search

opensearch-project / index-management

🗃 Automate periodic data operations, such as deleting indices at a certain age or performing a rollover at a certain size
https://opensearch.org/docs/latest/im-plugin/index/
Apache License 2.0
53 stars 108 forks source link

Upgrade ktlint to mitigate CVE-2023-6378 #1095

Closed r1walz closed 5 months ago

r1walz commented 5 months ago

Issues: #1059 #1060

Description of changes:

Mitigating CVE-2023-6378.

CheckList:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.

r1walz commented 5 months ago

Build is failing as newly upgraded ktlint dep is failing due to lint violations. @bowenlan-amzn @vikasvb90 I think we should add lint rules and apply formatting here?

vikasvb90 commented 5 months ago

@r1walz Yes, we will have to fix formattings but I am not sure if cli is the right dependency to be replaced with.

r1walz commented 5 months ago

Original artifact for ktlint was moved to ktlint-cli. Since, ktlint v0.51.0-FINAL has the required dependency upgrade, I switched over to the new artifact only. This is also aligned with their change log breaking changes suggestions.

r1walz commented 5 months ago

Removing backport labels as this is going to require manual backport.

codecov[bot] commented 5 months ago

Codecov Report

Attention: 539 lines in your changes are missing coverage. Please review.

Comparison is base (027509e) 74.90% compared to head (884fe42) 75.37%. Report is 1 commits behind head on main.

:exclamation: Current head 884fe42 differs from pull request most recent head 5f8891b. Consider uploading reports for the commit 5f8891b to get more accurate results

Files Patch % Lines
...agement/indexstatemanagement/ManagedIndexRunner.kt 57.14% 30 Missing and 9 partials :warning:
...xmanagement/snapshotmanagement/model/SMMetadata.kt 69.51% 17 Missing and 8 partials :warning:
...atemanagement/step/rollover/AttemptRolloverStep.kt 75.00% 15 Missing and 7 partials :warning:
...xmanagement/rollup/actionfilter/FieldCapsFilter.kt 31.03% 20 Missing :warning:
...ndexmanagement/transform/TransformSearchService.kt 73.23% 12 Missing and 7 partials :warning:
...nt/indexstatemanagement/ManagedIndexCoordinator.kt 58.13% 16 Missing and 2 partials :warning:
...ndexstatemanagement/validation/ActionValidation.kt 5.26% 18 Missing :warning:
...exstatemanagement/model/destination/Destination.kt 29.16% 16 Missing and 1 partial :warning:
.../opensearch/indexmanagement/rollup/RollupRunner.kt 42.85% 8 Missing and 8 partials :warning:
...atemanagement/step/shrink/AttemptMoveShardsStep.kt 79.45% 10 Missing and 5 partials :warning:
... and 92 more
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1095 +/- ## ============================================ + Coverage 74.90% 75.37% +0.47% - Complexity 2812 2815 +3 ============================================ Files 367 367 Lines 16522 17038 +516 Branches 2363 2370 +7 ============================================ + Hits 12375 12843 +468 - Misses 2845 2894 +49 + Partials 1302 1301 -1 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.