Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security: [M3-9447] - Update react-vnc for security updates #11758

Merged
merged 5 commits into from
Feb 28, 2025
Merged

security: [M3-9447] - Update react-vnc for security updates #11758

merged 5 commits into from
Feb 28, 2025

Conversation

abailly-akamai
Copy link
Contributor

@abailly-akamai abailly-akamai commented Feb 27, 2025
edited
Loading

Description 📝

🎉 This will resolve

And hopefully burry these path-to-regex issues for the foreseeable future 👍

Changes 🔄

List any change(s) relevant to the reviewer.

  • Update react-vnc to 3.0.7

Target release date 🗓️

3/11/2025

Preview 📷

No visual (or functional) regression should result from this PR

How to test 🧪

Verification steps

  • Confirm Glish works as it should
    • Linode Detail > Launch LISH Console > Glish
  • Confirm tests are passing
Author Checklists

As an Author, to speed up the review process, I considered 🤔

👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support

  • I have read and considered all applicable items listed above.

As an Author, before moving this PR from Draft to Open, I confirmed ✅

  • All unit tests are passing
  • TypeScript compilation succeeded without errors
  • Code passes all linting rules

@abailly-akamai abailly-akamai added the Security Pull requests that address a security vulnerability label Feb 27, 2025
@abailly-akamai abailly-akamai self-assigned this Feb 27, 2025
@bnussman-akamai bnussman-akamai mentioned this pull request Feb 27, 2025
Closed
4 tasks
@abailly-akamai abailly-akamai changed the title security: [M3-9447] - Pin lowest path-to-regexp to 0.1.12 security: [M3-9447] Feb 27, 2025
@abailly-akamai abailly-akamai changed the title security: [M3-9447] security: [M3-9447] - Update react-vnc for security updates Feb 27, 2025
abailly-akamai
abailly-akamai commented Feb 27, 2025
View reviewed changes
packages/manager/src/features/Lish/Glish.tsx
ref.current.rfb._rfbConnectionState !== 'connected'
) {
return;
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Those checks help with seeing the Glish interface sometime reload before being fully available

@abailly-akamai abailly-akamai marked this pull request as ready for review February 27, 2025 22:04
@abailly-akamai abailly-akamai requested a review from a team as a code owner February 27, 2025 22:04
@abailly-akamai abailly-akamai requested review from hkhalil-akamai and cliu-akamai and removed request for a team February 27, 2025 22:04
hkhalil-akamai
hkhalil-akamai approved these changes Feb 27, 2025
View reviewed changes
Copy link
Contributor

@hkhalil-akamai hkhalil-akamai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fix! Verified Glish works as expected. ✅

Lock file diff is unexpectedly large -- I assume this is because react-vnc has many changed dependencies? Or is this something related to pnpm.

@bnussman-akamai
Copy link
Member

It's because react-vnc didn't use devDependencies until recently. 😳 They had some weird stuff going on: roerohan/react-vnc#61 (comment) @hkhalil-akamai

bnussman-akamai
bnussman-akamai approved these changes Feb 27, 2025
View reviewed changes
Copy link
Member

@bnussman-akamai bnussman-akamai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! 🙏

@bnussman-akamai bnussman-akamai added the Approved Multiple approvals and ready to merge! label Feb 27, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 28, 2025
edited
Loading

Coverage Report:
Base Coverage: 80.18%
Current Coverage: 80.17%

@linode-gh-bot
Copy link
Collaborator

Cloud Manager UI test results

🔺 1 failing test on test run #5 ↗︎

❌ Failing✅ Passing↪️ Skipped🕐 Duration
1 Failing529 Passing3 Skipped116m 56s

Details

Failing Tests
SpecTest
timerange-verification.spec.tsIntegration tests for verifying Cloudpulse custom and preset configurations » Implement and validate the functionality of the custom date and time picker for selecting a specific date and time range

Troubleshooting

Use this command to re-run the failing tests:

pnpm cy:run -s "cypress/e2e/core/cloudpulse/timerange-verification.spec.ts"

@abailly-akamai abailly-akamai merged commit b62843b into linode:develop Feb 28, 2025
23 of 24 checks passed
@cypress Cypress
Copy link

cypress bot commented Feb 28, 2025

Cloud Manager E2E    Run #7320

Run Properties:  status check failed Failed #7320  •  git commit b62843b72f: security: [M3-9447] - Update `react-vnc` for security updates (#11758)
Project Cloud Manager E2E
Branch Review develop
Run status status check failed Failed #7320
Run duration 31m 53s
Commit git commit b62843b72f: security: [M3-9447] - Update `react-vnc` for security updates (#11758)
Committer Alban Bailly
View all properties for this run ↗︎
Test results
Tests that failed  Failures 1
Tests that were flaky  Flaky 5
Tests that did not run due to a developer annotating a test with .skip  Pending 3
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 531
View all changes introduced in this branch ↗︎

Tests for review

Failed  cypress/e2e/core/cloudpulse/timerange-verification.spec.ts • 1 failed test

View Output Video

Test Artifacts
Integration tests for verifying Cloudpulse custom and preset configurations > Implement and validate the functionality of the custom date and time picker for selecting a specific date and time range Screenshots Video
Flakiness  linodes/clone-linode.spec.ts • 1 flaky test

View Output Video

Test Artifacts
clone linode > can clone a Linode from Linode details page Screenshots Video
Flakiness  stackscripts/smoke-community-stackscripts.spec.ts • 1 flaky test

View Output Video

Test Artifacts
Community Stackscripts integration tests > pagination works with infinite scrolling Screenshots Video
Flakiness  images/machine-image-upload.spec.ts • 2 flaky tests

View Output Video

Test Artifacts
machine image > uploads machine image, mock finish event Screenshots Video
machine image > uploads machine image, mock upload canceled failed event Screenshots Video
Flakiness  helpAndSupport/close-support-ticket.spec.ts • 1 flaky test

View Output Video

Test Artifacts
close support tickets > can close a closable support ticket Screenshots Video

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnussman-akamai bnussman-akamai bnussman-akamai approved these changes

@hkhalil-akamai hkhalil-akamai hkhalil-akamai approved these changes

@cliu-akamai cliu-akamai Awaiting requested review from cliu-akamai cliu-akamai is a code owner automatically assigned from linode/frontend

Assignees

@abailly-akamai abailly-akamai

Labels
Approved Multiple approvals and ready to merge! Security Pull requests that address a security vulnerability
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@abailly-akamai @bnussman-akamai @linode-gh-bot @hkhalil-akamai