This pins Bleve to a soon-to-be v2.5.0 commit.
Fixes CVE-2022-31022. We can unpin when v2.5.0 releases (likely March 25th).
We do not need any new features or similar, though there are some fixes that are nice to receive.
We will **not** backport this fix as we aren't actually vulnerable to anything via CVE-2022-31022; we never use its code, nor does Bleve. The reason we are fixing this is to get Trivy to stop complaining.
Fixes: #97439
Add NotOlderThan support to getHistory
Add support for Exact
Add tests
Refactor tests
Add error test
Co-authored-by: Marco de Abreu <18629099+marcoabreu@users.noreply.github.com>
* refactor grafana_index_server_index_size to calculate in a goroutine instead of at scrape time and remove grafana_index_server_indexed_docs metric
* use wire to inject bleve index metrics
* remove sprinkles metrics from bleve index metrics
* log error when trying to calculate file index size and bump interval to 1m instead of 5s
* check namespace in unistore
* fix tests
* fix trace status
* Use capital letter
---------
Co-authored-by: Karl Persson <23356117+kalleep@users.noreply.github.com>
* Update to latest cog version and update workspaces
* Update generated go files
* Try to avoid concurrency issues
* Update workspaces
* Try to remove the sync...
* Remove grafana dependency from xorm go.mod file
Alerting: Include time range in templated dashboard and panel urls
Time range:
from=Alert.StartsAt-1hr
Firing Alerts: to=Current Timestamp
Resolved Alerts: to=Alert.EndsAt
* WIP adding custom analyzer so we can do substring search efficiently
* Adding unit tests for title search
* formatting
* adds more title search unit tests
* organize helpers
* fixes issue caused by having two title mappings
* Removes camelcase token filter since it prevents you from searching for a substring of chars and numbers. Adds regression test.
* adds back mapping for title_phrase
* use simple analyzer for input query string so it doesn't filter out english stop words
* ran bleve tests, table snapshots updated
* ignore linter for "unused" test functions. They are very helpful for troubleshooting search. Keeping them.
* only log total hits and query cost if result not nil
* fixes failing test - one more field because there are two title mappings now
* fix test
* fixes test - only take first item when its the title
* Adds separate internal field for title ngram mapping.
When searching with a query, results are sorted by score desc.
When searching without a query, results are sorted by title desc.
Adjusts ngram max to be 10.
Text queries are a disjunction of an exact match, phrase match, and a match. Boosted to have priority in that order.
Adds more unit tests for searching.
* linter
* fix test
* ran tests - generated new test dash json
* sort by title phrase instead of title
* fix test - not relying on /apis/dashboard/search to apply title sorting anymore
* Adds ability to run integration tests against spanner (by using GRAFANA_TEST_DB=spanner env variable. SPANNER_DB variable then specifies database to use: spannertest, emulator or string like /projects/<project>/instances/<instance>/databases/<db>)
* Adds feature to migration dialects to create database from a snapshot, instead of running individual migrations.
* Adds first version of Spanner snapshot, prepared from "OSS" migrations.
* Uses generated bit-reversed-positive values instead of auto_increment. (As an experiment)
* Chore: Bump golang.org/x/net to v0.36.0
* Chore: Use github.com/moby/moby version 27.5.1 instead of 26.0.0
* Chore: Bump github.com/ua-parser/uap-go to v0.0.0-20250213224047-9c035f085b90
* Chore: Bump github.com/grpc-ecosystem/go-grpc-middleware/v2 to fix 32-bit overflow issue
* Add isProvisioned field to model
* Add new isProvisioned column to migration
* Disable auto assignment to organization if the user is provisioned
* add annotation to user model
* add annotation to user models
* Remove IsProvisioned field from Identity
* Move new field assignenment and add default value
* Update annotations for user query results
* Remove isProvisioned from identity
* Add new column to test
* Resolve user from identity at SyncOrgHook
* make it build and start
* run some migrations
* add build tags, remove log
* remove unused code
* revert go.mod changes
* move initialisation into dialect file
* update workspace
* update workspace once again
* clean up dependencies
* further cleanup
* Address some review feedback.
* Fix go.sum.
---------
Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
Stephanie Hingtgen
Ryan McKinley
Jean-Philippe Quéméner
Mustafa Sencer Özcan
Mariell Hoversholm
Marco de Abreu
Georges Chaudy
Matheus Macabu
Igor Suleymanov
Peter Štibraný
Will Assis
Will Browne
owensmallwood
Selene
Tito Lins
Karl Persson
Matthew Jacobson
maicon
Tania
alerting-team[bot]
Alexander Zobnin
linoman
Serge Zaitsev