Skip to content

opensearch-dashboards-3/3.4.0 package update #77246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aborrero merged 5 commits into from
Jan 9, 2026
Merged

opensearch-dashboards-3/3.4.0 package update #77246

aborrero merged 5 commits into from
Jan 9, 2026

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Jan 5, 2026

Commit: c1d92e84395038f5f99e64e27b00c00fbabcd075

Note: If you need to make manual changes to this PR, apply the skip:staging-update-bot label so the reconciler won't overwrite them.

@octo-sts octo-sts bot added automated pr opensearch-dashboards-3 request-version-update request for a newer version of a package P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. labels Jan 5, 2026
@octo-sts
Copy link
Contributor Author

octo-sts bot commented Jan 5, 2026
edited
Loading

🔄 Build Failed: Git Checkout Error

Expected commit 1b1df96f89316f534c2f30206fbd79d08992f288 for 3.4.0, found 9917c3edf20efcd4db8328b732a6cfc4673675ca

Build Details

Category Details
Build System melange
Failure Point git checkout operation for opensearch-dashboards-3-config subpackage

Root Cause Analysis 🔍

Git commit hash mismatch during checkout of tag 3.4.0. The expected commit hash (1b1df96f89316f534c2f30206fbd79d08992f288) does not match the actual commit hash (9917c3edf20efcd4db8328b732a6cfc4673675ca) found at the tag. This suggests the tag reference has been updated or the expected commit hash is outdated.

Was this comment helpful? Please use 👍 or 👎 reactions on this comment.

@octo-sts octo-sts bot added the ai/skip-comment Stop AI from commenting on PR label Jan 5, 2026
@AmberArcadia AmberArcadia self-assigned this Jan 6, 2026
@octo-sts octo-sts bot added bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. approver-bot/manual-review-needed manual/review-needed staging-approver-bot/manual-review-needed labels Jan 6, 2026
@AmberArcadia
opensearch-dashboards-3: refresh CVE bumps
245d726 
Updated CVE fixes to address:
- CVE-2025-15284 (GHSA-6rw7-vpxm-498p) - qs vulnerability
- CVE-2025-54798 (GHSA-52f5-9888-hmc6) - tmp vulnerability
- CVE-2025-57352 (GHSA-rx8g-88g5-qh64) - min-document vulnerability
- CVE-2025-68428 (GHSA-f8cm-6447-x5h2) - jspdf updated to v4.0.0
@AmberArcadia AmberArcadia force-pushed the staging-update-bot/opensearch-dashboards-3.yaml branch from 9570b78 to 245d726 Compare January 7, 2026 21:15
@AmberArcadia
Copy link
Member

AmberArcadia commented Jan 8, 2026

Looks like qs is sticky. Perhaps we can follow that up separately.

@AmberArcadia AmberArcadia requested a review from a team January 8, 2026 19:52
aborrero
aborrero approved these changes Jan 9, 2026
View reviewed changes
Copy link
Member

@aborrero aborrero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@aborrero aborrero merged commit 76e9bce into main Jan 9, 2026
17 of 19 checks passed
@aborrero aborrero deleted the staging-update-bot/opensearch-dashboards-3.yaml branch January 9, 2026 09:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aborrero aborrero aborrero approved these changes

Assignees

@AmberArcadia AmberArcadia

Labels

ai/skip-comment Stop AI from commenting on PR approver-bot/manual-review-needed automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. manual/review-needed opensearch-dashboards-3 P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-version-update request for a newer version of a package staging-approver-bot/manual-review-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AmberArcadia @aborrero