Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Outdated dependency on Grafana Dashboards

Description

Grafana dashboards repository has an outdated modules and dependabot alerts

Total 38 alerts (4 critical, 23 high)

  •  

  • 'loader-utils' 2 critical and 10 other notifications

  • 'webpack' 1 critical

  • 'simple-git' 1 critical and 1 high

  • 'json5' 4 high

  • Rest of the high severity 

                 

There are multiple alerts for the same CVEs and deprecation as we closed old dependabots PRs and it opened a new one for each new version of the package.

We should do sanity testing before merging the update.

 

ACs

  • we should have below fixed

    • 'loader-utils' 2 critical and 10 other notifications

    • 'webpack' 1 critical

    • 'simple-git' 1 critical and 1 high

    • 'axios' which is important tool and has a significant bump to the version. (2 moderate) - fix if no significant effort needed

  • other non critical as per effort - fix if no significant effort needed

How to test

Please do sanity check if everything is working fine here and i can check for the remaining dependabot alerts.

How to document

None

Attachments

1

Smart Checklist

hide

Activity

Show:
Done

Details

Assignee

Reporter

Priority

Components

Labels

Needs QA

Yes

Needs Doc

No

Planned Version/s

Fix versions

Story Points

Smart Checklist Progress

Smart Checklist

Created December 5, 2023 at 1:49 PM
Updated August 8, 2024 at 5:01 AM
Resolved March 22, 2024 at 11:26 AM
Configure