This pins Bleve to a soon-to-be v2.5.0 commit.
Fixes CVE-2022-31022. We can unpin when v2.5.0 releases (likely March 25th).
We do not need any new features or similar, though there are some fixes that are nice to receive.
We will **not** backport this fix as we aren't actually vulnerable to anything via CVE-2022-31022; we never use its code, nor does Bleve. The reason we are fixing this is to get Trivy to stop complaining.
Fixes: #97439
* Alerting: Fix loss of TimeInterval location on remote AM apply
deepcopy.Copy does not correctly copy PostableUserConfig because it ignores
unexported fields. As a result, TimeInterval locations default to UTC instead
of retaining their original values.
* make update-workspace
* update some links in plugin jsons update backend tests
* fix the test
* fix the test
* Update public/app/plugins/datasource/azuremonitor/plugin.json
Co-authored-by: David Harris <david.harris@grafana.com>
* more docs links added, fix tests
---------
Co-authored-by: David Harris <david.harris@grafana.com>
Add NotOlderThan support to getHistory
Add support for Exact
Add tests
Refactor tests
Add error test
Co-authored-by: Marco de Abreu <18629099+marcoabreu@users.noreply.github.com>
* include user UID in GetTeamMembers() output
* move user.uid next to the other user fields
* generate openapi specs
* remove new line at EOF
* fix sql select syntax
* fix sql select syntax
* fix sql select syntax
* fix sql select syntax
* Fix UNION syntax in resourcepermissions package.
* Fix migrations in usermig package to work with Spanner.
* Fix health query.
* Use more connections for integration tests.
* Add test-go-integration-spanner target to run integration tests against Spanner emulator.
* Add test for enterprise.
* Don't delete sequence number for migration_log.id column.
* Only bump max open connections to 20 for Spanner.
Lower integration test timeout.
* Add migration to remove datasources:drilldown
* remove role assignments as well
* rename to datasources:drilldown
* remove the role assignments
* made it simple instead
* Update pkg/services/sqlstore/migrations/accesscontrol/datasource_drilldown_removal.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update pkg/services/sqlstore/migrations/accesscontrol/datasource_drilldown_removal.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
What is this feature?
This PR introduces a new alert rule configuration option, keep_firing_for (Prometheus documentation).
keep_firing_for prevents alerts from resolving immediately after the alert condition returns to normal. Instead, they transition into a "Recovering" state and are not considered resolved by the Alertmanager. Once the recovery period ends (or after the next evaluation if it is bigger than keep_firing_for), the alert transitions to "Normal" if it doesn't start alerting again:
Before
+----------+ +----------+
| Alerting |---->| Normal |
+----------+ +----------+
-----
After
+----------+ +------------+ +----------+
| Alerting |----->| Recovering |---->| Normal |
+----------+ +------------+ +----------+
Why do we need this feature?
This feature prevents flapping alerts by adding a recovery period. This helps avoid false resolutions caused by brief alert
Mihai Doarna
Mariell Hoversholm
Jean-Philippe Quéméner
Gábor Farkas
Will Browne
Matthew Jacobson
Yulia Shanyrova
Tania
Timur Olzhabayev
Gabriel MABILLE
Matheus Macabu
Marco de Abreu
Andres Martinez Gotor
Yuri Tseretyan
Tito Lins
Peter Štibraný
Georges Chaudy
Kyle Brandt
Will Assis
xavi
Mustafa Sencer Özcan
Stephanie Hingtgen
owensmallwood
Sam Jewell
Alexander Akhmetov
Isabella Siu
Ryan McKinley
ismail simsek
Eric Leijonmarck