Inspired from Keep a Changelog
- [CVE-2021-23490] Bump parse-link-header from
1.0.1to2.0.0(#3738) - [CVE-2022-25758] Bump scss-tokenizer from
0.3.0to0.4.3(#3727) - [CVE-2021-3765] Update
@microsoft/api-documenterand@microsoft/api-extractorversions to bump validator from8.2.0to13.9.0(#3725) - [CVE-2022-1537] Bump grunt from
1.4.1to1.5.3(#3723) - [CVE-2022-0436] Bump grunt from
1.4.1to1.5.3(#3723) - [CVE-2021-23382] Bump postcss from
8.2.10to8.2.13(#3739) - [CVE-2021-3803] Bump nth-check from
1.0.2to2.0.1(#3729) - [CVE-2022-25858] Bump terser from
4.8.0to4.8.1(#3726) - [CVE-2020-15366] Bump ajv from
4.11.8to6.12.6(#3769) - [CVE-2021-35065] Bump glob-parent from
6.0.0to6.0.2(#3742) - [CVE-2022-25851] Bump jpeg-js from
0.4.1to0.4.4(#3741) - [CVE-2022-48285] Bump jszip from
3.7.1to3.10.1(#3740) - Bump
joito v14 to avoid the possibility of prototype poisoning in a nested dependency (#3952) - Bump
sass-lintfrom1.12.1to1.13.0to fixeslintsecurity issue (#4338)
- [Optimizer] Increase timeout waiting for the exiting of an optimizer worker (#3193)
- Fix a problem that prevented plugin-helpers from building plugins (#2486)
- Run the unit tests of the CI workflow in band (#1306)
- Capture and report code coverage metrics in workflows (#1478)
- Add verification workflow for release builds (#1502)
- Record functional test artifacts in case of failure (#3190)
- Improve yarn's performance in workflows by caching yarn's cache folder (#3194)
- [Version] Increment to 1.4 (#1341)
- Add
targetfolders oftest_utilsandcoreto theosd cleanpatterns (#1442)
- Fix test failures due to them ending before their duration is captured (#1338)
- Add retrying flaky jest tests (#2967)
- [CVE-2022-2499] Resolve qs from 6.5.2 and 6.7.0 to 6.11.0 in 1.x (#3451)
- [CVE-2020-36632] [REQUIRES PLUGIN VALIDATION] Bump flat from 4.1.1 to 5.0.2 (#3539). To the best of our knowledge, this is a non-breaking change, but if your plugin relies on
mochatests, validate that they still work correctly (and plan to migrate them tojestin preparation formochadeprecation. - [CVE-2023-25653] Bump node-jose to 2.2.0 (#3445)
- [CVE-2021-23807] Bump jsonpointer from 4.1.0 to 5.0.1 (#3535)
- [CVE-2021-23424] Bump ansi-html from 0.0.7 to 0.0.8 (#3536)
- [CVE-2022-24999] Bump express from 4.17.1 to 4.18.2 (#3542)
- [I18n] Register ru, ru-RU locale (#2817)
- [TSVB] Fix the link to "serial differencing aggregation" documentation (#3503)
- [TSVB] Fix a spelling error in the README file (#3518)
- Simplify the in-code instructions for upgrading
re2(#3328) - [Doc] Improve DEVELOPER_GUIDE to make first time setup quicker and easier (#3421)
- Update MAINTAINERS.md formatting and maintainer list (#3338)
- Remove
github-checks-reporter, an unused dependency (#3126) - [Version] Increment to 1.3.9 (#3375)
- Remove the unused
renovate.json5file (3489)
- [CVE-2022-25901] Bump supertest from 2.0.5 to 2.0.12 (#3326)
- [CVE-2022-25860] Bump simple-git from 3.15.1 to 3.16.0 (#3345)
- [CVE-2022-46175] Bump json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 (#3201)
- [CVE-2022-25912] Bump simple-git from 3.4.0 to 3.15.0 (#3036)
- Bump decode-uri-component from 0.2.0 to 0.2.2 (#3009)
- Bump highlight.js from 9.18.5 to 10.7.3 (#4045)
- [BUG] Fixes misleading embeddable plugin error message (#3043)
- [BUG] Trim trailing slashes before checking no-restricted-path rule (#3020)
- Lock workflow tests to Chrome and ChromeDriver 107 as the last combination that run on Node.js v10 (#3299)
- Update yarn timeout for GitHub workflow on Windows (#3118)
- Add Windows CI to the GitHub workflow (#2966)
- Fix documentation link for date math (#3207)
- [CVE-2022-0144] Bump shelljs from 0.8.4 to 0.8.5 (#2511)
- [Legacy Maps Plugin] Prevent reverse-tabnabbing (#2540)
- [CVE-2022-3517] Bump minimatch from 3.0.4 to 3.0.5 and [IBM X-Force ID: 220063] unset-value from 1.0.1 to 2.0.1 (#2640)
- [CVE-2022-0155] Bump follow-redirects to 1.15.2 (#2653)
- [CVE-2022-0536] Bump follow-redirects to 1.15.2 (#2653)
- [CVE-2021-24033] Remove storybook package (#2660)
- [CVE-2021-42740] Remove storybook package (#2660)
- [CVE-2022-23647] Bump prismjs to 1.29.0 (#2668)
- [CVE-2022-37599] Bump loader-utils to 2.0.4 (#2995)
- [CVE-2022-37603] Bump loader-utils to 2.0.4 (#2995)
- [Windows] Facilitate building and running OSD and plugins on Windows platforms (#2601)
- [Windows] Add helper functions to work around the differences of platforms (#2681)
- [Windows] Add
@osd/cross-platformpackage to standardize path handling across platforms (#2703)
- [Chore] Visualize link fix #2395
- [BUG] Fix suggestion list cutoff issue (#2607)
- Remove Leftover X Pack references (#2638)
- Bump
delversion to fix MacOS race condition (#2847) - Temporary workaround for task-kill exceptions on Windows when it is passed a pid for a process that is already dead (#2842)
- [Build] Fixed "Last Access Time" not being set by
scanCopyon Windows (#2964) - Update
leaflet-vegaand fix its usage (#3005) - Add clarifying tooltips to header navigation (#3573)
- Update backport custom branch name to utilize head template (#2766)
- Add the release runbook to RELEASING.md (#2533)
- Security-CVEs fixes guidelines #2674
- Correct README and help command of osd-plugin-helpers (#2810)
- Increment version to 1.3.7 #2528
- Bump
chromedriverto 106 to fix function test fail issue #2514 - Fix incorrect validation of time values in JUnit Reporter (#2965)
- [CVE-2021-3807] Resolves ansi-regex to v5.0.1 (#2425)
- [CVE-2022-23713] Handle invalid query, index and date in vega charts filter handlers (#1932)
- Use a forced CSP-compliant interpreter with Vega visualizations (#2352)
- Bump moment-timezone from 0.5.34 to 0.5.37 (#2361)
- [CVE-2022-0144] Bump shelljs from 0.8.4 to 0.8.5 (#2511)
- Custom healthcheck with filters (#2232, #2277). To configure see example in config/opensearch_dashboards.yml
- Add CHANGELOG.md and related workflows (#2414)
- Extends plugin-helpers to be used for automating version changes (#2398,#2486)
- Version Increment to 1.3.6 (#2420)
- Update caniuse to fix failed integration tests (#2322)