[jira] [Created] (SENSSOFT-344) Update Install/Deploy instructions on Website
Joshua Poore created SENSSOFT-344: - Summary: Update Install/Deploy instructions on Website Key: SENSSOFT-344 URL: https://issues.apache.org/jira/browse/SENSSOFT-344 Project: SensSoft Issue Type: Task Components: website Affects Versions: SensSoft 1.0 Reporter: Joshua Poore Assignee: Joshua Poore Fix For: SensSoft 1.0 Update website deploy instructions in preparation for name change. They are currently, hopelessly out of date. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-343) Browser "Options" 'Tool Version" field doesn't appear to write to tool_version (or tool major, minor, patch) version
Joshua Poore created SENSSOFT-343: - Summary: Browser "Options" 'Tool Version" field doesn't appear to write to tool_version (or tool major, minor, patch) version Key: SENSSOFT-343 URL: https://issues.apache.org/jira/browse/SENSSOFT-343 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 major_version, minor_version, patch_version successfully parse userAleVersion, but ToolVersion is not similarly parsed and viewable in kibana. Could be an indexing issue. If so, will move ticket to SensSoft v 1.0 -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-30) Improve example server
[ https://issues.apache.org/jira/browse/SENSSOFT-30?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-30. -- Resolution: Fixed unclear which server needs improving. > Improve example server > -- > > Key: SENSSOFT-30 > URL: https://issues.apache.org/jira/browse/SENSSOFT-30 > Project: SensSoft > Issue Type: Improvement >Reporter: Joshua Poore >Assignee: Michelle Beard >Priority: Trivial > Fix For: SensSoft 1.0 > > Original Estimate: 4h > Remaining Estimate: 4h > > Improve example server -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-342) No interval Logs Appearing in Elastic
[
https://issues.apache.org/jira/browse/SENSSOFT-342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joshua Poore resolved SENSSOFT-342.
---
Resolution: Not A Problem
Queried Elasticsearch directly
{code:java}
http://localhost:9200/userale/_search?q=logType:interval
{code}
Interval Logs are indeed being written to the UserALE index:
{code:java}
_index "userale"
_type "doc"
_id "olhTsmkBlFKxlUEzn0FV"
_score 1.0208666
_source
userId "nobody"
type"mouseover"
targetChangetrue
userAction false
useraleVersion "1.1.0"
target "a"
pageTitle "Branches · apache/incubator-senssoft"
@timestamp "2019-03-25T00:50:18.179Z"
pageReferrer"https://github.com/apache/incubator-senssoft/projects;
typeChange false
startTime 1553475010012
endTime 1553475013868
sessionID "session_1553474988111"
host"172.18.0.1"
minor_ver "1"
count 14
pageUrl "https://github.com/apache/incubator-senssoft/branches;
toolName"test_app"
logType "interval"
duration3856
toolVersion null
patch_ver "0"
path[…]
major_ver "1"{code}
However, interval logs do not have a "clientTime" field–its contrary to their
nature, they use startTime and endTime. Therefore, when users select
"clientTime" for indexing, these logs do not appear in the *userale index in
Kibana. Pushed instructions for users to select "@timestamp" if they want to
view interval logs. This solution makes sense conceptually and pragmatically.
> No interval Logs Appearing in Elastic
> -
>
> Key: SENSSOFT-342
> URL: https://issues.apache.org/jira/browse/SENSSOFT-342
> Project: SensSoft
> Issue Type: Bug
> Components: builds
>Affects Versions: SensSoft 1.0
> Environment: Elastic 6.5
>Reporter: Joshua Poore
>Assignee: Joshua Poore
>Priority: Major
> Fix For: SensSoft 1.0
>
>
> Interval logs are being written but do not appear in Elastic.
> Confirmed that they are being written using example server, via script tags
> and web extensions.
> NOTE: Need to replicate on 6.2.2. elastic build.
> Hypothesis: missed some update to index in migration to Elastic 6.5–can see
> that "interval" is a searchable property in Kibana filters.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Closed] (SENSSOFT-332) Upgrade to Elastic 6.6
[ https://issues.apache.org/jira/browse/SENSSOFT-332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore closed SENSSOFT-332. - Resolution: Implemented Updated via Senssoft 332 merge > Upgrade to Elastic 6.6 > -- > > Key: SENSSOFT-332 > URL: https://issues.apache.org/jira/browse/SENSSOFT-332 > Project: SensSoft > Issue Type: New Feature > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Should be an easy upgrade given we're currently running 6.5.4. New features > are great! > [https://www.elastic.co/blog/elastic-stack-6-6-0-released] > Doesn't appear to be any breaking changes to current configs rel to 6.5.4: > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/6.7/breaking-changes-6.6.html] > [https://www.elastic.co/guide/en/kibana/current/release-notes-6.6.0.html#breaking-6.6.0] > [https://www.elastic.co/guide/en/beats/libbeat/6.6/breaking-changes.html] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-342) No interval Logs Appearing in Elastic
[ https://issues.apache.org/jira/browse/SENSSOFT-342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-342: - Assignee: Joshua Poore > No interval Logs Appearing in Elastic > - > > Key: SENSSOFT-342 > URL: https://issues.apache.org/jira/browse/SENSSOFT-342 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 > Environment: Elastic 6.5 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Interval logs are being written but do not appear in Elastic. > Confirmed that they are being written using example server, via script tags > and web extensions. > NOTE: Need to replicate on 6.2.2. elastic build. > Hypothesis: missed some update to index in migration to Elastic 6.5–can see > that "interval" is a searchable property in Kibana filters. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-341) Web Extension Produces Duplicate Logs
[
https://issues.apache.org/jira/browse/SENSSOFT-341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joshua Poore updated SENSSOFT-341:
--
Description:
The Web Extension produces duplicate logs w/ identical class structure and time
stamps (incl. microtime).
Affects 'SENSSOFT-336', '-SENSSOFT-192'- branches, and pre-Gulp 4.0.0
'-SENSSOFT-192'- builds.
Affects logs originating from both Firefox and Chrome
Confirmed that this isn't an indexing problem with Elastic–duplicate logs
appear in local file using our example server test utility.
Confirmed using both temporary 'unpacked' extensions built from source, and
pre-build extension on chrome store.
Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65)
Confirmed that this behavior DOES NOT affect UserALE.js script tag deployments.
Confirmed that this behavior originates from browser using java "example" log
server (see below).
{code:java}
{"target":"div#main-masthead.ui masthead padded center aligned inverted
vertical segment","path":["div#main-masthead.ui masthead padded center aligned
inverted vertical
segment","div.main-wrapper","body","html","#document","Window"],"pageUrl":"http://senssoft.incubator.apache.org/","pageTitle":"Apache
SensSoft","pageReferrer":"","clientTime":1553281575226,"microTime":0.73,"location":{"x":288,"y":70},"type":"click","logType":"raw","userAction":true,"details":{"clicks":1,"ctrl":false,"alt":false,"shift":false,"meta":false},"userId":"nobody","toolVersion":null,"toolName":"test_app","useraleVersion":"1.1.0","sessionID":"session_1553280781567"},
{"target":"div#main-masthead.ui masthead padded center aligned inverted
vertical segment","path":["div#main-masthead.ui masthead padded center aligned
inverted vertical
segment","div.main-wrapper","body","html","#document","Window"],"pageUrl":"http://senssoft.incubator.apache.org/","pageTitle":"Apache
SensSoft","pageReferrer":"","clientTime":1553281575226,"microTime":0.73,"location":{"x":288,"y":70},"type":"click","logType":"raw","userAction":true,"details":{"clicks":1,"ctrl":false,"alt":false,"shift":false,"meta":false},"userId":"nobody","toolVersion":null,"toolName":"test_app","useraleVersion":"1.1.0","sessionID":"session_1553280781567"},
{code}
was:
The Web Extension produces duplicate logs w/ identical class structure and time
stamps (incl. microtime).
Affects 'SENSSOFT-336', '-SENSSOFT-192'- branches, and pre-Gulp 4.0.0
'-SENSSOFT-192'- builds.
Affects logs originating from both Firefox and Chrome
Confirmed that this isn't an indexing problem with Elastic–duplicate logs
appear in local file using our example server test utility.
Confirmed that this behavior DOES NOT affect UserALE.js script tag deployments.
Confirmed using both temporary 'unpacked' extensions built from source, and
pre-build extension on chrome store.
Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65)
> Web Extension Produces Duplicate Logs
> -
>
> Key: SENSSOFT-341
> URL: https://issues.apache.org/jira/browse/SENSSOFT-341
> Project: SensSoft
> Issue Type: Bug
> Components: UserALE.js
>Affects Versions: UserALE.js 1.1.0, UserALE.js 2.0.0
> Environment: Chrome 72
> Firefox 65
> javascript
>Reporter: Joshua Poore
>Assignee: Joshua Poore
>Priority: Major
> Fix For: UserALE.js 1.1.0, UserALE.js 2.0.0
>
>
> The Web Extension produces duplicate logs w/ identical class structure and
> time stamps (incl. microtime).
> Affects 'SENSSOFT-336', '-SENSSOFT-192'- branches, and pre-Gulp 4.0.0
> '-SENSSOFT-192'- builds.
> Affects logs originating from both Firefox and Chrome
> Confirmed that this isn't an indexing problem with Elastic–duplicate logs
> appear in local file using our example server test utility.
> Confirmed using both temporary 'unpacked' extensions built from source, and
> pre-build extension on chrome store.
> Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65)
> Confirmed that this behavior DOES NOT affect UserALE.js script tag
> deployments.
> Confirmed that this behavior originates from browser using java "example" log
> server (see below).
> {code:java}
> {"target":"div#main-masthead.ui masthead padded center aligned inverted
> vertical segment","path":["div#main-masthead.ui masthead padded center
> aligned inverted vertical
> segment","div.main-wrapper","body","html","#document","Window"],"pageUrl":"http://senssoft.incubator.apache.org/","pageTitle":"Apache
>
>
[jira] [Updated] (SENSSOFT-332) Upgrade to Elastic 6.6
[ https://issues.apache.org/jira/browse/SENSSOFT-332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-332: -- Description: Should be an easy upgrade given we're currently running 6.5.4. New features are great! [https://www.elastic.co/blog/elastic-stack-6-6-0-released] Doesn't appear to be any breaking changes to current configs rel to 6.5.4: [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] [https://www.elastic.co/guide/en/elasticsearch/reference/6.7/breaking-changes-6.6.html] [https://www.elastic.co/guide/en/kibana/current/release-notes-6.6.0.html#breaking-6.6.0] [https://www.elastic.co/guide/en/beats/libbeat/6.6/breaking-changes.html] was: Should be an easy upgrade given we're currently running 6.5.4. New features are great! [https://www.elastic.co/blog/elastic-stack-6-6-0-released] > Upgrade to Elastic 6.6 > -- > > Key: SENSSOFT-332 > URL: https://issues.apache.org/jira/browse/SENSSOFT-332 > Project: SensSoft > Issue Type: New Feature > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Should be an easy upgrade given we're currently running 6.5.4. New features > are great! > [https://www.elastic.co/blog/elastic-stack-6-6-0-released] > Doesn't appear to be any breaking changes to current configs rel to 6.5.4: > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/6.7/breaking-changes-6.6.html] > [https://www.elastic.co/guide/en/kibana/current/release-notes-6.6.0.html#breaking-6.6.0] > [https://www.elastic.co/guide/en/beats/libbeat/6.6/breaking-changes.html] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-332) Upgrade to Elastic 6.6
[ https://issues.apache.org/jira/browse/SENSSOFT-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16799053#comment-16799053 ] Joshua Poore commented on SENSSOFT-332: --- added new .yml file for ElasticSearch, Kibana, Logstash, Metricbeat 6.6.2 (current version) > Upgrade to Elastic 6.6 > -- > > Key: SENSSOFT-332 > URL: https://issues.apache.org/jira/browse/SENSSOFT-332 > Project: SensSoft > Issue Type: New Feature > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Should be an easy upgrade given we're currently running 6.5.4. New features > are great! > [https://www.elastic.co/blog/elastic-stack-6-6-0-released] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-342) No interval Logs Appearing in Elastic
Joshua Poore created SENSSOFT-342: - Summary: No interval Logs Appearing in Elastic Key: SENSSOFT-342 URL: https://issues.apache.org/jira/browse/SENSSOFT-342 Project: SensSoft Issue Type: Bug Components: builds Affects Versions: SensSoft 1.0 Environment: Elastic 6.5 Reporter: Joshua Poore Fix For: SensSoft 1.0 Interval logs are being written but do not appear in Elastic. Confirmed that they are being written using example server, via script tags and web extensions. NOTE: Need to replicate on 6.2.2. elastic build. Hypothesis: missed some update to index in migration to Elastic 6.5–can see that "interval" is a searchable property in Kibana filters. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-341) Web Extension Produces Duplicate Logs
Joshua Poore created SENSSOFT-341: - Summary: Web Extension Produces Duplicate Logs Key: SENSSOFT-341 URL: https://issues.apache.org/jira/browse/SENSSOFT-341 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 1.1.0, UserALE.js 2.0.0 Environment: Chrome 72 Firefox 65 javascript Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 1.1.0, UserALE.js 2.0.0 The Web Extension produces duplicate logs w/ identical class structure and time stamps (incl. microtime). Affects SENSSOFT-336, SENSSOFT-192 branches, and pre-Gulp 4.0.0 SENSSOFT-192 builds. Affects logs originating from both Firefox and Chrome Confirmed that this isn't an indexing problem with Elastic–duplicate logs appear in local file using our example server test utility. Confirmed that this behavior DOES NOT affect UserALE.js script tag deployments. Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-341) Web Extension Produces Duplicate Logs
[ https://issues.apache.org/jira/browse/SENSSOFT-341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-341: -- Description: The Web Extension produces duplicate logs w/ identical class structure and time stamps (incl. microtime). Affects 'SENSSOFT-336', '-SENSSOFT-192'- branches, and pre-Gulp 4.0.0 '-SENSSOFT-192'- builds. Affects logs originating from both Firefox and Chrome Confirmed that this isn't an indexing problem with Elastic–duplicate logs appear in local file using our example server test utility. Confirmed that this behavior DOES NOT affect UserALE.js script tag deployments. Confirmed using both temporary 'unpacked' extensions built from source, and pre-build extension on chrome store. Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65) was: The Web Extension produces duplicate logs w/ identical class structure and time stamps (incl. microtime). Affects SENSSOFT-336, SENSSOFT-192 branches, and pre-Gulp 4.0.0 SENSSOFT-192 builds. Affects logs originating from both Firefox and Chrome Confirmed that this isn't an indexing problem with Elastic–duplicate logs appear in local file using our example server test utility. Confirmed that this behavior DOES NOT affect UserALE.js script tag deployments. Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65) > Web Extension Produces Duplicate Logs > - > > Key: SENSSOFT-341 > URL: https://issues.apache.org/jira/browse/SENSSOFT-341 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0, UserALE.js 2.0.0 > Environment: Chrome 72 > Firefox 65 > javascript >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.1.0, UserALE.js 2.0.0 > > > The Web Extension produces duplicate logs w/ identical class structure and > time stamps (incl. microtime). > Affects 'SENSSOFT-336', '-SENSSOFT-192'- branches, and pre-Gulp 4.0.0 > '-SENSSOFT-192'- builds. > Affects logs originating from both Firefox and Chrome > Confirmed that this isn't an indexing problem with Elastic–duplicate logs > appear in local file using our example server test utility. > Confirmed that this behavior DOES NOT affect UserALE.js script tag > deployments. > Confirmed using both temporary 'unpacked' extensions built from source, and > pre-build extension on chrome store. > Behavior noted following upgrade to recent versions of Chrome/Firefox (72/65) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENSSOFT-340) UserALE.js fails to build on Branch-336
[ https://issues.apache.org/jira/browse/SENSSOFT-340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16781336#comment-16781336 ] Joshua Poore edited comment on SENSSOFT-340 at 3/1/19 6:36 AM: --- Have been unable to replicate this error: Hypothesis 1: Uncaught breaking change in Gulp 4.0.0 migration. Rebuilt from scratch with NPM 6.7.0 Node.js 11.1.0, Successfully Hypotheses 2: Global Gulp/NPM settings cause different outcomes for different users On my end, updated 'Engine' var in package.js for ~ NPM 6.7.0, ~ Node.js 11.1.0 (NPM, 6.5.0 should be comparable), rebuilt successfully. Hypothesis 3: Global Rollup versions conflict with local userale.js packages, causing different outcomes for different users. Updated Rollup from v 0.26 -> 1.3.2 (!!) and rollup-plugin-json. Breaking changes resolved in gulpfile. Tested script tag and plugins with new build. They function to expectation in chrome and firefox, consistent with SENSSOFT-192 branch. Regression testing finds that Useralejs builds from SENSSOFT-192 through rollup with iife format are subtly different from those build in SENSSOFT-336, despite minimal syntax changes to this gulp/rollup task. Does not appear to be functionally different after unit and integration testing–seems to be inherent to modern version of rollup. Based on docs [1-2], userale.js rollup output is left as iify (optimized for script tags), other rollup outputs (ext) are left as esm modules. was (Author: poor...@me.com): Have been unable to replicate this error: Hypothesis 1: Uncaught breaking change in Gulp 4.0.0 migration. Rebuilt from scratch with NPM 6.7.0 Node.js 11.1.0, Successfully Hypotheses 2: Global Gulp/NPM settings cause different outcomes for different users On my end, updated 'Engine' var in package.js for ~ 6.7.0, ~ Node.js 11.1.0 (NPM, 6.5.0 should be comparable), rebuilt successfully. Hypothesis 3: Global Rollup versions conflict with local userale.js packages, causing different outcomes for different users. Updated Rollup from v 0.26 -> 1.3.2 (!!) and rollup-plugin-json. Breaking changes resolved in gulpfile. Tested script tag and plugins with new build. They function to expectation in chrome and firefox, consistent with SENSSOFT-192 branch. Regression testing finds that Useralejs builds from SENSSOFT-192 through rollup with iife format are subtly different from those build in SENSSOFT-336, despite minimal syntax changes to this gulp/rollup task. Does not appear to be functionally different after unit and integration testing–seems to be inherent to modern version of rollup. Based on docs [1-2], userale.js rollup output is left as iify (optimized for script tags), other rollup outputs (ext) are left as esm modules. > UserALE.js fails to build on Branch-336 > --- > > Key: SENSSOFT-340 > URL: https://issues.apache.org/jira/browse/SENSSOFT-340 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 > Environment: NPM v3.5.2 and v6.5.0, Node.js ?? >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 2.0.0 > > > Following Gulp 4.0.0 update one user reports that userale.js will not build > on SENSSOFT-336 > Ran on NPM v3.5.2 and v6.5.0 > Error at 'build-web-ext' > Error Text: 'Error: Could not load null: path must be a string or Buffer' > /npm-modules/rollup/dist. ... > Rollup is clearly having trouble > Not a common issue, very few tickets/stackexchange(s): > [https://github.com/szwacz/electron-boilerplate/issues/102] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-340) UserALE.js fails to build on Branch-336
[ https://issues.apache.org/jira/browse/SENSSOFT-340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-340. --- Resolution: Cannot Reproduce Can't reproduce. However, have taken steps to reduce the likelihood (updating very outdated dependencies) that this happens elsewhere. Will keep investigating. > UserALE.js fails to build on Branch-336 > --- > > Key: SENSSOFT-340 > URL: https://issues.apache.org/jira/browse/SENSSOFT-340 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 > Environment: NPM v3.5.2 and v6.5.0, Node.js ?? >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 2.0.0 > > > Following Gulp 4.0.0 update one user reports that userale.js will not build > on SENSSOFT-336 > Ran on NPM v3.5.2 and v6.5.0 > Error at 'build-web-ext' > Error Text: 'Error: Could not load null: path must be a string or Buffer' > /npm-modules/rollup/dist. ... > Rollup is clearly having trouble > Not a common issue, very few tickets/stackexchange(s): > [https://github.com/szwacz/electron-boilerplate/issues/102] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-340) UserALE.js fails to build on Branch-336
[ https://issues.apache.org/jira/browse/SENSSOFT-340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16781336#comment-16781336 ] Joshua Poore commented on SENSSOFT-340: --- Have been unable to replicate this error: Hypothesis 1: Uncaught breaking change in Gulp 4.0.0 migration. Rebuilt from scratch with NPM 6.7.0 Node.js 11.1.0, Successfully Hypotheses 2: Global Gulp/NPM settings cause different outcomes for different users On my end, updated 'Engine' var in package.js for ~ 6.7.0, ~ Node.js 11.1.0 (NPM, 6.5.0 should be comparable), rebuilt successfully. Hypothesis 3: Global Rollup versions conflict with local userale.js packages, causing different outcomes for different users. Updated Rollup from v 0.26 -> 1.3.2 (!!) and rollup-plugin-json. Breaking changes resolved in gulpfile. Tested script tag and plugins with new build. They function to expectation in chrome and firefox, consistent with SENSSOFT-192 branch. Regression testing finds that Useralejs builds from SENSSOFT-192 through rollup with iife format are subtly different from those build in SENSSOFT-336, despite minimal syntax changes to this gulp/rollup task. Does not appear to be functionally different after unit and integration testing–seems to be inherent to modern version of rollup. Based on docs [1-2], userale.js rollup output is left as iify (optimized for script tags), other rollup outputs (ext) are left as esm modules. > UserALE.js fails to build on Branch-336 > --- > > Key: SENSSOFT-340 > URL: https://issues.apache.org/jira/browse/SENSSOFT-340 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 > Environment: NPM v3.5.2 and v6.5.0, Node.js ?? >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 2.0.0 > > > Following Gulp 4.0.0 update one user reports that userale.js will not build > on SENSSOFT-336 > Ran on NPM v3.5.2 and v6.5.0 > Error at 'build-web-ext' > Error Text: 'Error: Could not load null: path must be a string or Buffer' > /npm-modules/rollup/dist. ... > Rollup is clearly having trouble > Not a common issue, very few tickets/stackexchange(s): > [https://github.com/szwacz/electron-boilerplate/issues/102] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-340) UserALE.js fails to build on Branch-336
[ https://issues.apache.org/jira/browse/SENSSOFT-340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-340: -- Description: Following Gulp 4.0.0 update one user reports that userale.js will not build on SENSSOFT-336 Ran on NPM v3.5.2 and v6.5.0 Error at 'build-web-ext' Error Text: 'Error: Could not load null: path must be a string or Buffer' /npm-modules/rollup/dist. ... Rollup is clearly having trouble Not a common issue, very few tickets/stackexchange(s): [https://github.com/szwacz/electron-boilerplate/issues/102] was: Following Gulp 4.0.0 update one user reports that userale.js will not build on SENSSOFT-336 Ran on NPM v3.5.2 and v6.5.0 Error at 'build-web-ext' Error Text: 'Error: Could not load null: path must be a string or Buffer' > UserALE.js fails to build on Branch-336 > --- > > Key: SENSSOFT-340 > URL: https://issues.apache.org/jira/browse/SENSSOFT-340 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 > Environment: NPM v3.5.2 and v6.5.0, Node.js ?? >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 2.0.0 > > > Following Gulp 4.0.0 update one user reports that userale.js will not build > on SENSSOFT-336 > Ran on NPM v3.5.2 and v6.5.0 > Error at 'build-web-ext' > Error Text: 'Error: Could not load null: path must be a string or Buffer' > /npm-modules/rollup/dist. ... > Rollup is clearly having trouble > Not a common issue, very few tickets/stackexchange(s): > [https://github.com/szwacz/electron-boilerplate/issues/102] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-340) UserALE.js fails to build on Branch-336
Joshua Poore created SENSSOFT-340: - Summary: UserALE.js fails to build on Branch-336 Key: SENSSOFT-340 URL: https://issues.apache.org/jira/browse/SENSSOFT-340 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Environment: NPM v3.5.2 and v6.5.0, Node.js ?? Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 2.0.0 Following Gulp 4.0.0 update one user reports that userale.js will not build on SENSSOFT-336 Ran on NPM v3.5.2 and v6.5.0 Error at 'build-web-ext' Error Text: 'Error: Could not load null: path must be a string or Buffer' -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-331) Call and Configured UserAle.js via Webpack from src
[ https://issues.apache.org/jira/browse/SENSSOFT-331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-331: - Assignee: Joshua Poore (was: Rob Foley) > Call and Configured UserAle.js via Webpack from src > --- > > Key: SENSSOFT-331 > URL: https://issues.apache.org/jira/browse/SENSSOFT-331 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End users want to use webpack to call and configure userale.js from src. > Merit's investigation -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-332) Upgrade to Elastic 6.6
[ https://issues.apache.org/jira/browse/SENSSOFT-332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-332: - Assignee: Joshua Poore > Upgrade to Elastic 6.6 > -- > > Key: SENSSOFT-332 > URL: https://issues.apache.org/jira/browse/SENSSOFT-332 > Project: SensSoft > Issue Type: New Feature > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Should be an easy upgrade given we're currently running 6.5.4. New features > are great! > [https://www.elastic.co/blog/elastic-stack-6-6-0-released] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-331) Call and Configured UserAle.js via Webpack from src
[ https://issues.apache.org/jira/browse/SENSSOFT-331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-331: - Assignee: (was: Joshua Poore) > Call and Configured UserAle.js via Webpack from src > --- > > Key: SENSSOFT-331 > URL: https://issues.apache.org/jira/browse/SENSSOFT-331 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End users want to use webpack to call and configure userale.js from src. > Merit's investigation -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-328) Page Sessions in UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-328: - Assignee: Joshua Poore (was: Rob Foley) > Page Sessions in UserALE.js > --- > > Key: SENSSOFT-328 > URL: https://issues.apache.org/jira/browse/SENSSOFT-328 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End Users want to capture page sessions. > A page session event class is out of scope for UserALE.js > However, it should be trivial to build a PageSessionId, using the same > methods we use to build a browser session id, store in SessionStorage, if > there is no existing PageSessionId already stored in SessionStorage. > Functionality would be added to PackageLogs UserALE.js src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-335) Update Gulp file to Gulp 4.0.0 preferred format
[ https://issues.apache.org/jira/browse/SENSSOFT-335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-335: - Assignee: (was: Joshua Poore) > Update Gulp file to Gulp 4.0.0 preferred format > --- > > Key: SENSSOFT-335 > URL: https://issues.apache.org/jira/browse/SENSSOFT-335 > Project: SensSoft > Issue Type: Improvement > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Priority: Trivial > Fix For: UserALE.js 2.0.0 > > > Gulp 4 "prefers" a certain structure to the gulpfile (see > [https://github.com/gulpjs/gulp/issues/1392]): > vars/const > funx () > gulp.task x, y, z > > While we have updated to Gulp 4 from 3.9.1, our gulpfile is still in the old > structure, which functions embedded in gulp.tasks > vars/const > gulp.task x (funx), y (funx), z (funx) > > The result is that Gulp runs tasks serialized or paralleled funx as > tasks, rather than named tasks. Annoying cosmetic issue in > console output and if our gulpfile gets more complex, potentially something > more annoying for debugging purposes. > Modify our gulpfile to adopt Gulp 4 preferred structure. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-330) Page Loads with UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-330: - Assignee: (was: Joshua Poore) > Page Loads with UserALE.js > -- > > Key: SENSSOFT-330 > URL: https://issues.apache.org/jira/browse/SENSSOFT-330 > Project: SensSoft > Issue Type: Wish > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End users want page load stats. Not 100% how this fits within userale.js > scope, but may be worth investigating as a new event class. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-329) Browser Fingerprints in UseALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-329: - Assignee: (was: Joshua Poore) > Browser Fingerprints in UseALE.js > - > > Key: SENSSOFT-329 > URL: https://issues.apache.org/jira/browse/SENSSOFT-329 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End Users want to get details about a browser. They want this available in > the script tag deployment scheme. > It should be trivial to get through navigator.appVersion property, and add > some logic to parse the broswer and version to make them searchable in one or > more fields. > This should be on every document, so this is a mod to packageLogs UserALE.js > src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-245) UserALE Bandwidth Benchmarking
[ https://issues.apache.org/jira/browse/SENSSOFT-245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-245: - Assignee: (was: Rob Foley) > UserALE Bandwidth Benchmarking > -- > > Key: SENSSOFT-245 > URL: https://issues.apache.org/jira/browse/SENSSOFT-245 > Project: SensSoft > Issue Type: Task > Components: UserALE.js > Environment: html >Reporter: Joshua Poore >Priority: Major > Fix For: UserALE.js 2.0.0 > > > We need to know bandwidth impact with 3 levels of settings: default, LowFI, > HighFI (later are negotiable). How much bandwidth will logging require FROM > THE WEB. May be worthwhile to make general recommendations for storage, as > well. > I'm looking for a stacked histogram or line chart (DoD) > Extra points for throwing it on the website. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-330) Page Loads with UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-330: - Assignee: Joshua Poore (was: Rob Foley) > Page Loads with UserALE.js > -- > > Key: SENSSOFT-330 > URL: https://issues.apache.org/jira/browse/SENSSOFT-330 > Project: SensSoft > Issue Type: Wish > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End users want page load stats. Not 100% how this fits within userale.js > scope, but may be worth investigating as a new event class. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-336) Document Meta-Data on UserALE.js Logs
[ https://issues.apache.org/jira/browse/SENSSOFT-336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-336: - Assignee: Joshua Poore (was: Rob Foley) > Document Meta-Data on UserALE.js Logs > - > > Key: SENSSOFT-336 > URL: https://issues.apache.org/jira/browse/SENSSOFT-336 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 2.0.0 > > > End-Users Want Additional Data on UserALE.js logs (script-tag + EXT) to give > added context to logs. Especially useful for Business Analytics use-cases -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-329) Browser Fingerprints in UseALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-329: - Assignee: Joshua Poore (was: Rob Foley) > Browser Fingerprints in UseALE.js > - > > Key: SENSSOFT-329 > URL: https://issues.apache.org/jira/browse/SENSSOFT-329 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End Users want to get details about a browser. They want this available in > the script tag deployment scheme. > It should be trivial to get through navigator.appVersion property, and add > some logic to parse the broswer and version to make them searchable in one or > more fields. > This should be on every document, so this is a mod to packageLogs UserALE.js > src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-335) Update Gulp file to Gulp 4.0.0 preferred format
[ https://issues.apache.org/jira/browse/SENSSOFT-335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-335: - Assignee: Joshua Poore (was: Rob Foley) > Update Gulp file to Gulp 4.0.0 preferred format > --- > > Key: SENSSOFT-335 > URL: https://issues.apache.org/jira/browse/SENSSOFT-335 > Project: SensSoft > Issue Type: Improvement > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Trivial > Fix For: UserALE.js 2.0.0 > > > Gulp 4 "prefers" a certain structure to the gulpfile (see > [https://github.com/gulpjs/gulp/issues/1392]): > vars/const > funx () > gulp.task x, y, z > > While we have updated to Gulp 4 from 3.9.1, our gulpfile is still in the old > structure, which functions embedded in gulp.tasks > vars/const > gulp.task x (funx), y (funx), z (funx) > > The result is that Gulp runs tasks serialized or paralleled funx as > tasks, rather than named tasks. Annoying cosmetic issue in > console output and if our gulpfile gets more complex, potentially something > more annoying for debugging purposes. > Modify our gulpfile to adopt Gulp 4 preferred structure. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-338) Mocha unit tests treat 'document' and 'window' as 'Undefinied' vars
[ https://issues.apache.org/jira/browse/SENSSOFT-338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-338. --- Resolution: Fixed Used jsdom-global library to resolve. easy to include, exposes DOM elements as global variables in jsdom environments. Simply invoke at script level through 'require' or 'import'. Good package, well used and has hooks that play nice with Mocha 6. but, requires at least a 'modern' version of JSDOM SENSSOFT-339 > Mocha unit tests treat 'document' and 'window' as 'Undefinied' vars > > > Key: SENSSOFT-338 > URL: https://issues.apache.org/jira/browse/SENSSOFT-338 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Blocker > Fix For: UserALE.js 2.0.0 > > > Results in failing unit tests, although document and window are global > variables properties in deploy/prod environment (browser). > Fix tests. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-338) Mocha unit tests treat 'document' and 'window' as 'Undefinied' vars
[ https://issues.apache.org/jira/browse/SENSSOFT-338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-338: - Assignee: Joshua Poore (was: Rob Foley) > Mocha unit tests treat 'document' and 'window' as 'Undefinied' vars > > > Key: SENSSOFT-338 > URL: https://issues.apache.org/jira/browse/SENSSOFT-338 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Blocker > Fix For: UserALE.js 2.0.0 > > > Results in failing unit tests, although document and window are global > variables properties in deploy/prod environment (browser). > Fix tests. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-339) Update to JSDOM for Unit Testing
Joshua Poore created SENSSOFT-339: - Summary: Update to JSDOM for Unit Testing Key: SENSSOFT-339 URL: https://issues.apache.org/jira/browse/SENSSOFT-339 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 2.0.0 Something like 22 of 45 unit tests use JSDOM as a prod environment emulator (webpage). We currently use v8, which is outdated. New version (13.1.0) introduces breaking changes (as of v10). Namely there are scripting/syntactical differences in how environments are configured and called. Update to current version 13.1.0 -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-334) Add pageTitle to UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-334. --- Resolution: Fixed > Add pageTitle to UserALE.js > --- > > Key: SENSSOFT-334 > URL: https://issues.apache.org/jira/browse/SENSSOFT-334 > Project: SensSoft > Issue Type: Sub-task > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > page title is a great searchable field. We currently get it in details in the > browser plugin, but we need in all of our logs. > Easy add to packagelogs userale src. > Have a working solution that I'm testing with the browser plugin. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-337) Add pageReferrer to UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-337. --- Resolution: Fixed > Add pageReferrer to UserALE.js > --- > > Key: SENSSOFT-337 > URL: https://issues.apache.org/jira/browse/SENSSOFT-337 > Project: SensSoft > Issue Type: Sub-task > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 2.0.0 > > > End-users want to be able to retrieve document.referrer and link to logs > within a given session. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-333) Add pageURL to UserALE.js logs
[ https://issues.apache.org/jira/browse/SENSSOFT-333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-333: -- Issue Type: Sub-task (was: New Feature) Parent: SENSSOFT-336 > Add pageURL to UserALE.js logs > -- > > Key: SENSSOFT-333 > URL: https://issues.apache.org/jira/browse/SENSSOFT-333 > Project: SensSoft > Issue Type: Sub-task > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > Currently, we only get pageURL via the Browser plugin, however, this is > useful for script tag deployments too. > Have a working fix for this. Testing this out to make sure it doesn't act > strangely when userale.js. is used with browser plugin -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-333) Add pageURL to UserALE.js logs
[ https://issues.apache.org/jira/browse/SENSSOFT-333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-333. --- Resolution: Fixed > Add pageURL to UserALE.js logs > -- > > Key: SENSSOFT-333 > URL: https://issues.apache.org/jira/browse/SENSSOFT-333 > Project: SensSoft > Issue Type: Sub-task > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > Currently, we only get pageURL via the Browser plugin, however, this is > useful for script tag deployments too. > Have a working fix for this. Testing this out to make sure it doesn't act > strangely when userale.js. is used with browser plugin -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SENSSOFT-337) Add pageReferrer to UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-337: - Assignee: Joshua Poore (was: Rob Foley) > Add pageReferrer to UserALE.js > --- > > Key: SENSSOFT-337 > URL: https://issues.apache.org/jira/browse/SENSSOFT-337 > Project: SensSoft > Issue Type: Sub-task > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 2.0.0 > > > End-users want to be able to retrieve document.referrer and link to logs > within a given session. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-338) Mocha unit tests treat 'document' and 'window' as 'Undefinied' vars
Joshua Poore created SENSSOFT-338: - Summary: Mocha unit tests treat 'document' and 'window' as 'Undefinied' vars Key: SENSSOFT-338 URL: https://issues.apache.org/jira/browse/SENSSOFT-338 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 Results in failing unit tests, although document and window are properties in deploy/prod environment. Fix tests. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-337) Add pageReferrer to UserALE.js
Joshua Poore created SENSSOFT-337: - Summary: Add pageReferrer to UserALE.js Key: SENSSOFT-337 URL: https://issues.apache.org/jira/browse/SENSSOFT-337 Project: SensSoft Issue Type: Sub-task Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 End-users want to be able to retrieve document.referrer and link to logs within a given session. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-334) Add pageTitle to UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-334: -- Issue Type: Sub-task (was: Improvement) Parent: SENSSOFT-336 > Add pageTitle to UserALE.js > --- > > Key: SENSSOFT-334 > URL: https://issues.apache.org/jira/browse/SENSSOFT-334 > Project: SensSoft > Issue Type: Sub-task > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > page title is a great searchable field. We currently get it in details in the > browser plugin, but we need in all of our logs. > Easy add to packagelogs userale src. > Have a working solution that I'm testing with the browser plugin. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-336) Document Meta-Data on UserALE.js Logs
Joshua Poore created SENSSOFT-336: - Summary: Document Meta-Data on UserALE.js Logs Key: SENSSOFT-336 URL: https://issues.apache.org/jira/browse/SENSSOFT-336 Project: SensSoft Issue Type: New Feature Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 End-Users Want Additional Data on UserALE.js logs (script-tag + EXT) to give added context to logs. Especially useful for Business Analytics use-cases -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-335) Update Gulp file to Gulp 4.0.0 preferred format
Joshua Poore created SENSSOFT-335: - Summary: Update Gulp file to Gulp 4.0.0 preferred format Key: SENSSOFT-335 URL: https://issues.apache.org/jira/browse/SENSSOFT-335 Project: SensSoft Issue Type: Improvement Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 Gulp 4 "prefers" a certain structure to the gulpfile (see [https://github.com/gulpjs/gulp/issues/1392]): vars/const funx () gulp.task x, y, z While we have updated to Gulp 4 from 3.9.1, our gulpfile is still in the old structure, which functions embedded in gulp.tasks vars/const gulp.task x (funx), y (funx), z (funx) The result is that Gulp runs tasks serialized or paralleled funx as tasks, rather than named tasks. Annoying cosmetic issue in console output and if our gulpfile gets more complex, potentially something more annoying for debugging purposes. Modify our gulpfile to adopt Gulp 4 preferred structure. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENSSOFT-328) Page Sessions in UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-328?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16776093#comment-16776093 ] Joshua Poore edited comment on SENSSOFT-328 at 2/24/19 2:18 AM: The webextension generates sessions by tabs–new session IDs are created when tabs are opened and closed. That means that different events collected from different pages in the same tab will have the same session id. However, the same method used via script tag will change session id if the page is navigated away from and returned to (or reloaded) within the same tab. So resolved for now, but should see if we need web ext to generate a page session id as well. was (Author: poor...@me.com): The webextension generates sessions by tabs–new session IDs are created when tabs are opened and closed. That means that different events collected from different pages in the same tab will have the same session id. However, the same method used via script tag will change session id if the page is navigated away from and returned to (reloads dont do it) within the same tab. So resolved for now, but should see if we need web ext to generate a page session id as well. > Page Sessions in UserALE.js > --- > > Key: SENSSOFT-328 > URL: https://issues.apache.org/jira/browse/SENSSOFT-328 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Rob Foley >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End Users want to capture page sessions. > A page session event class is out of scope for UserALE.js > However, it should be trivial to build a PageSessionId, using the same > methods we use to build a browser session id, store in SessionStorage, if > there is no existing PageSessionId already stored in SessionStorage. > Functionality would be added to PackageLogs UserALE.js src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-328) Page Sessions in UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-328. --- Resolution: Fixed The webextension generates sessions by tabs–new session IDs are created when tabs are opened and closed. That means that different events collected from different pages in the same tab will have the same session id. However, the same method used via script tag will change session id if the page is navigated away from and returned to (reloads dont do it) within the same tab. So resolved for now, but should see if we need web ext to generate a page session id as well. > Page Sessions in UserALE.js > --- > > Key: SENSSOFT-328 > URL: https://issues.apache.org/jira/browse/SENSSOFT-328 > Project: SensSoft > Issue Type: New Feature > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Rob Foley >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > End Users want to capture page sessions. > A page session event class is out of scope for UserALE.js > However, it should be trivial to build a PageSessionId, using the same > methods we use to build a browser session id, store in SessionStorage, if > there is no existing PageSessionId already stored in SessionStorage. > Functionality would be added to PackageLogs UserALE.js src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-322. --- Resolution: Fixed > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. see this thread: > [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] > Will test #2 as an intermediate solution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Closed] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore closed SENSSOFT-323. - No more vulnerabilities (for now) > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Blocker > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Closed] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore closed SENSSOFT-322. - minimatch was a Gulp 3.9.1 dependency. Resolved by updating to Gulp 4.0.0 > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. see this thread: > [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] > Will test #2 as an intermediate solution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16776090#comment-16776090 ] Joshua Poore commented on SENSSOFT-323: --- Tested script tag via "example" index.html in Chrome and Firefox (current) Tested "unpacked" browser extension in both Chrome and Firefox (current) Passed through Elastic Pipeline w/o issue. Pushed changes to SENSSOFT-323, merged into SENSSOFT-192, deleted SENSSOFT-323 > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Blocker > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16775769#comment-16775769 ] Joshua Poore commented on SENSSOFT-323: --- Testing functionality of artifacts through logging pipeline before pushing later. > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Blocker > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[
https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16775768#comment-16775768
]
Joshua Poore commented on SENSSOFT-323:
---
Eureka! Some stupid parens were making life irritating!
I have a build solution running, all userale artifacts are building and tests
are running as expected.
Only nit is that Gulp 4 is pushing for an entire re-write to the Gulp File so
that named functions are specified after vars, following gulp.task procedural
logic. Passing our code, which embeds the functions in gulp.task, through Gulp
4 results in the console logging a lot of "anonymous" tasks. This happens every
time we run a series within gulp task (see below). I'll write another ticket to
modify our gulpfile to the new schema, but this is purely cosmetic (low
priority):
{code:java}
[21:47:53] Using gulpfile
~/Documents/Apache_SensSoft/dev/incubator-senssoft-useralejs-SENSSOFT-323/gulpfile.js
[21:47:53] Starting 'test'...
[21:47:53] Starting 'build'...
[21:47:53] Starting 'rollup'...
[21:47:53] Finished 'rollup' after 82 ms
[21:47:53] Starting 'build-web-ext'...
[21:47:53] Starting 'rollup-web-ext-content'...
[21:47:53] Finished 'rollup-web-ext-content' after 61 ms
[21:47:53] Starting 'rollup-web-ext-background'...
[21:47:54] Finished 'rollup-web-ext-background' after 31 ms
[21:47:54] Starting 'rollup-web-ext-options'...
[21:47:54] Finished 'rollup-web-ext-options' after 4.98 ms
[21:47:54] Starting ''...
[21:47:54] Finished '' after 33 ms
[21:47:54] Finished 'build-web-ext' after 131 ms
[21:47:54] Starting ''...
[21:47:54] Finished '' after 261 ms
[21:47:54] Finished 'build' after 476 ms
[21:47:54] Starting 'lint'...
[21:47:54] Finished 'lint' after 345 ms
[21:47:54] Starting ''...
attachHandlers
✓ attaches all the event handlers without duplicates
✓ debounces bufferedEvents (507ms)
defineDetails
- configures high detail events correctly
configure
✓ merges new configs into main config object
✓ includes a userid if present in the window.location
getUserIdFromParams
✓ fetches userId from URL params
✓ returns null if no matching param
getInitialSettings
timeStampScale
✓ no event.timestamp
✓ zero
✓ epoch milliseconds
✓ epoch microseconds
✓ performance navigation time
getInitialSettings
✓ fetches all settings from a script tag (99ms)
✓ grabs user id from params
Userale API
✓ provides configs
✓ edits configs
✓ starts + stops (212ms)
✓ sends custom logs
packageLogs
setLogFilter
✓ assigns the handler to the provided value
✓ allows the handler to be nulled
setLogMapper
✓ assigns the handler to the provided value
✓ allows the handler to be nulled
packageLog
✓ only executes if on
✓ calls detailFcn with the event as an argument if provided
✓ packages logs
✓ filters logs when a handler is assigned and returns false
✓ assigns logs to the mapper's return value if a handler is assigned
✓ does not call the map handler if the log is filtered out
✓ does not attempt to call a non-function filter/mapper
extractTimeFields
✓ returns the millisecond and microsecond portions of a timestamp
✓ sets micro to 0 when no decimal is present
✓ always returns an object
getLocation
✓ returns event page location
✓ calculates page location if unavailable
✓ fails to null
selectorizePath
✓ returns a new array of the same length provided
getSelector
✓ builds a selector
✓ identifies window
✓ handles a non-null unknown value
buildPath
✓ builds a path
✓ defaults to path if available
sendLogs
✓ sends logs on an interval
✓ does not send logs if the config is off
✓ sends logs on page exit with navigator
✓ sends logs on page exit without navigator
✓ does not send logs on page exit if config is off
45 passing (948ms)
1 pending
{code}
> Update to Gulp 4.0.0
>
>
> Key: SENSSOFT-323
> URL: https://issues.apache.org/jira/browse/SENSSOFT-323
> Project: SensSoft
> Issue Type: Bug
> Components: UserALE.js
>Affects Versions: UserALE.js 1.1.0
> Environment: NPM, Node.js
>Reporter: Joshua Poore
>Assignee: Joshua Poore
>Priority: Blocker
> Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0
>
>
> Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also
> deprecated). Gulp 4 solves all these issues. However, it has breaking changes
> with new syntax and new dependences (e.g., moves away from gulp-utilities).
> Some relevant refs:
> [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a]
>
[jira] [Assigned] (SENSSOFT-334) Add pageTitle to UserALE.js
[ https://issues.apache.org/jira/browse/SENSSOFT-334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore reassigned SENSSOFT-334: - Assignee: Joshua Poore (was: Rob Foley) > Add pageTitle to UserALE.js > --- > > Key: SENSSOFT-334 > URL: https://issues.apache.org/jira/browse/SENSSOFT-334 > Project: SensSoft > Issue Type: Improvement > Components: UserALE.js >Affects Versions: UserALE.js 2.0.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Minor > Fix For: UserALE.js 2.0.0 > > > page title is a great searchable field. We currently get it in details in the > browser plugin, but we need in all of our logs. > Easy add to packagelogs userale src. > Have a working solution that I'm testing with the browser plugin. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-333) Add pageURL to UserALE.js logs
Joshua Poore created SENSSOFT-333: - Summary: Add pageURL to UserALE.js logs Key: SENSSOFT-333 URL: https://issues.apache.org/jira/browse/SENSSOFT-333 Project: SensSoft Issue Type: New Feature Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 2.0.0 Currently, we only get pageURL via the Browser plugin, however, this is useful for script tag deployments too. Have a working fix for this. Testing this out to make sure it doesn't act strangely when userale.js. is used with browser plugin -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-334) Add pageTitle to UserALE.js
Joshua Poore created SENSSOFT-334: - Summary: Add pageTitle to UserALE.js Key: SENSSOFT-334 URL: https://issues.apache.org/jira/browse/SENSSOFT-334 Project: SensSoft Issue Type: Improvement Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 page title is a great searchable field. We currently get it in details in the browser plugin, but we need in all of our logs. Easy add to packagelogs userale src. Have a working solution that I'm testing with the browser plugin. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-323: -- Priority: Blocker (was: Critical) > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Blocker > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-332) Upgrade to Elastic 6.6
Joshua Poore created SENSSOFT-332: - Summary: Upgrade to Elastic 6.6 Key: SENSSOFT-332 URL: https://issues.apache.org/jira/browse/SENSSOFT-332 Project: SensSoft Issue Type: New Feature Components: builds Affects Versions: SensSoft 1.0 Reporter: Joshua Poore Fix For: SensSoft 1.0 Should be an easy upgrade given we're currently running 6.5.4. New features are great! [https://www.elastic.co/blog/elastic-stack-6-6-0-released] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-331) Call and Configured UserAle.js via Webpack from src
Joshua Poore created SENSSOFT-331: - Summary: Call and Configured UserAle.js via Webpack from src Key: SENSSOFT-331 URL: https://issues.apache.org/jira/browse/SENSSOFT-331 Project: SensSoft Issue Type: New Feature Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 End users want to use webpack to call and configure userale.js from src. Merit's investigation -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-330) Page Loads with UserALE.js
Joshua Poore created SENSSOFT-330: - Summary: Page Loads with UserALE.js Key: SENSSOFT-330 URL: https://issues.apache.org/jira/browse/SENSSOFT-330 Project: SensSoft Issue Type: Wish Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 End users want page load stats. Not 100% how this fits within userale.js scope, but may be worth investigating as a new event class. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-329) Browser Fingerprints in UseALE.js
Joshua Poore created SENSSOFT-329: - Summary: Browser Fingerprints in UseALE.js Key: SENSSOFT-329 URL: https://issues.apache.org/jira/browse/SENSSOFT-329 Project: SensSoft Issue Type: New Feature Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 End Users want to get details about a browser. They want this available in the script tag deployment scheme. It should be trivial to get through navigator.appVersion property, and add some logic to parse the broswer and version to make them searchable in one or more fields. This should be on every document, so this is a mod to packageLogs UserALE.js src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-328) Page Sessions in UserALE.js
Joshua Poore created SENSSOFT-328: - Summary: Page Sessions in UserALE.js Key: SENSSOFT-328 URL: https://issues.apache.org/jira/browse/SENSSOFT-328 Project: SensSoft Issue Type: New Feature Components: UserALE.js Affects Versions: UserALE.js 2.0.0 Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 2.0.0 End Users want to capture page sessions. A page session event class is out of scope for UserALE.js However, it should be trivial to build a PageSessionId, using the same methods we use to build a browser session id, store in SessionStorage, if there is no existing PageSessionId already stored in SessionStorage. Functionality would be added to PackageLogs UserALE.js src -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16748313#comment-16748313 ] Joshua Poore commented on SENSSOFT-323: --- [~rf]–Thanks!! Helpful. The myriad packages involved in minifying is a startling cadre. I'll try this out, however, I doesn't look like the minify operation should have any impact on the test pipeline. I'll keep hunting for syntax errors. Thanks for the pointer! Good to hear from you! > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-327) Plugin does not accept toolVersion params from Options menu
Joshua Poore created SENSSOFT-327: - Summary: Plugin does not accept toolVersion params from Options menu Key: SENSSOFT-327 URL: https://issues.apache.org/jira/browse/SENSSOFT-327 Project: SensSoft Issue Type: Improvement Components: UserALE.js Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 Environment: javascript, ruby Reporter: Joshua Poore Assignee: Rob Foley Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 entering in a toolVersion value in the Options menu of the Chrome plugin does not result in logs labeled as such. testing through /example/index.html confirms that userale-1.1.0.min.js will produce logs with toolVersion if params are passed through script tag. hypothesis: logstash requests to browser for toolVersion discoverable on page are superceeding manual inputs. manual inputs should coerce params and supercede data discovered on page -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-326) Modify Metricbeat config so that Dashboards are not Automatically Rendered
Joshua Poore created SENSSOFT-326: - Summary: Modify Metricbeat config so that Dashboards are not Automatically Rendered Key: SENSSOFT-326 URL: https://issues.apache.org/jira/browse/SENSSOFT-326 Project: SensSoft Issue Type: Improvement Components: builds Affects Versions: SensSoft 1.0 Environment: Kibana, Metricbeat Reporter: Joshua Poore Assignee: Joshua Poore Fix For: SensSoft 1.0 When the metricbeat container is started, numerous dashboards and visualizations are automatically loaded into Kibana. This pollutes the dashboard and vis selections, making it harder to find Apache SensSoft relevant content. Resolution is to set auto dashboard gen flag to false in metricbeat configs. Then, package only relevant viz/dashboards in .json that users can import. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-323: -- Priority: Critical (was: Major) > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-323: -- Issue Type: Bug (was: Task) > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Closed] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore closed SENSSOFT-325. - Will make new tickets to test Kubs functionality with elastic upgrade–don't anticipate any issues. > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36 > PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16743611#comment-16743611 ] Joshua Poore commented on SENSSOFT-325: --- Changes pushed to incubator-senssoft/SENSSOFT-325 branch with updates to README. Will merge tomorrow. > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36 > PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-325. --- Resolution: Fixed > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36 > PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16743610#comment-16743610 ] Joshua Poore commented on SENSSOFT-325: --- Console output–confirms that 6.5.4 images are pulled and containers built. [^ELK_6.5.4_update_POL] ^Screens show that logs received, and Kibana visualizations and Dashboards are fully functional, userale index appropriately working (with aggregatable fields). Beats also worked as expected.^ ^!Screen Shot 2019-01-15 at 9.38.36 PM.png!^ > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36 > PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Attachment: Screen Shot 2019-01-15 at 9.39.28 PM.png Screen Shot 2019-01-15 at 9.38.36 PM.png > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL, Screen Shot 2019-01-15 at 9.38.36 > PM.png, Screen Shot 2019-01-15 at 9.39.28 PM.png > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Attachment: ELK_6.5.4_update_POL > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > Attachments: ELK_6.5.4_update_POL > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Description: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K + B in /docker and test on new branch. ElasticSearch 6.5.4 Docs: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] [https://www.elastic.co/guide/en/kibana/current/docker.html] [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/docker.html] [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] [https://www.elastic.co/guide/en/logstash/current/config-examples.html] NOTE: I am NOT touching Kubs configs (will add a test ticket following). was: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K and test on new branch. ElasticSearch 6.5.4 Docs: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] [https://www.elastic.co/guide/en/kibana/current/docker.html] [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/docker.html] [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K + B in /docker and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > NOTE: I am NOT touching Kubs configs (will add a test ticket following). > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Description: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K and test on new branch. ElasticSearch 6.5.4 Docs: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] [https://www.elastic.co/guide/en/kibana/current/docker.html] [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/docker.html] [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] [https://www.elastic.co/guide/en/logstash/current/config-examples.html] was: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K and test on new branch. ElasticSearch 6.5: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > ELK stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK + beats stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Summary: ELK + beats stack <6.5 has known security issues (was: ELK stack <6.5 has known security issues ) > ELK + beats stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K and test on new branch. > ElasticSearch 6.5.4 Docs: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > [https://www.elastic.co/guide/en/kibana/current/docker.html] > [https://www.elastic.co/guide/en/kibana/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/docker.html] > [https://www.elastic.co/guide/en/logstash/current/breaking-changes.html] > [https://www.elastic.co/guide/en/logstash/current/upgrading-logstash-pqs.html] > [https://www.elastic.co/guide/en/logstash/current/config-examples.html] > > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Description: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade to E-L-K and test on new branch. ElasticSearch 6.5: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] was: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade and test on new branch. ElasticSearch 6.5: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > ELK stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade to E-L-K and test on new branch. > ElasticSearch 6.5: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-325) ELK stack <6.5 has known security issues
[ https://issues.apache.org/jira/browse/SENSSOFT-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-325: -- Description: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. [https://www.elastic.co/community/security] Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade and test on new branch. ElasticSearch 6.5: [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] was: Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade and test on new branch. > ELK stack <6.5 has known security issues > - > > Key: SENSSOFT-325 > URL: https://issues.apache.org/jira/browse/SENSSOFT-325 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: SensSoft 1.0 > > > Kibana and Elasticsearch both have known security issues related to code > injection and user impersonation. > [https://www.elastic.co/community/security] > Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there > are no breaking changes across the same major version. However, X-Pack plugin > must be removed. > Will complete upgrade and test on new branch. > ElasticSearch 6.5: > [https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html] > [https://www.elastic.co/guide/en/elasticsearch/reference/current/breaking-changes-6.5.html] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-325) ELK stack <6.5 has known security issues
Joshua Poore created SENSSOFT-325: - Summary: ELK stack <6.5 has known security issues Key: SENSSOFT-325 URL: https://issues.apache.org/jira/browse/SENSSOFT-325 Project: SensSoft Issue Type: Bug Components: builds Affects Versions: SensSoft 1.0 Reporter: Joshua Poore Assignee: Joshua Poore Fix For: SensSoft 1.0 Kibana and Elasticsearch both have known security issues related to code injection and user impersonation. Resolution is to upgrade from 6.2.2–>6.5.4. According to documentation, there are no breaking changes across the same major version. However, X-Pack plugin must be removed. Will complete upgrade and test on new branch. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-319) Single Machine Multi-Node (Demo) Set-Up Builds with Errors
[ https://issues.apache.org/jira/browse/SENSSOFT-319?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-319: -- Priority: Minor (was: Critical) > Single Machine Multi-Node (Demo) Set-Up Builds with Errors > -- > > Key: SENSSOFT-319 > URL: https://issues.apache.org/jira/browse/SENSSOFT-319 > Project: SensSoft > Issue Type: Bug > Components: builds >Affects Versions: SensSoft 1.0 >Reporter: Joshua Poore >Priority: Minor > Attachments: SingleMachineClusterError copy.rtf, err.dump > > > After starting Elastic Cluster, starting up logging server results in errors > (see attached) > > Looks like docker_loadbalancer_1 appears as orphan and in an unhealthy state > > MacBook-Pro:docker jpoore$ docker ps > CONTAINER ID IMAGE COMMAND CREATED > STATUS PORTS > NAMES > 6d5816bd5ade docker_loadbalancer "/usr/local/bin/dock…" 22 minutes > ago Up 22 minutes (unhealthy) 0.0.0.0:9200->9200/tcp, > 0.0.0.0:32769->9300/tcp docker_loadbalancer_1 > > Worth noting that docker_loadbalancer and docker_elasticsearch have the same > image ID > MacBook-Pro:docker jpoore$ docker images > REPOSITORY TAG IMAGE > ID CREATED SIZE > docker_logstash latest > d0efbcb6a90d 13 minutes ago 702MB > docker_elasticsearch latest > 94f744990e75 29 minutes ago 518MB > docker_loadbalancer latest > 94f744990e75 29 minutes ago 518MB > docker.elastic.co/logstash/logstash-oss 6.2.2 > 7910488ecc70 10 months ago 702MB > docker.elastic.co/elasticsearch/elasticsearch-oss 6.2.2 > 0453814a47b3 10 months ago 483MB > > Tried to build on MacBook Pro running macOS 10.14.1 > 2.9 GHz IC i7 > 8 GB 1600 MHz DDR3 > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741762#comment-16741762 ] Joshua Poore commented on SENSSOFT-323: --- Another thing that could have broken in the gulpfile is the minify operation. Our gulp 3.9.1 dependencies on uglify-js-harmony are completely deprecated. Tried to work with uglify-es, gulp-uglify. No dice. Again, see package.json and gulpfile.js to see the diffs between SENSSOFT-323 and SENSSOFT-192. The three things we can work on in parallel: # Fix build/minify pipeline for userale-1.1.0.min.js in gulp 4 framework (DoD: when we get ext to build) # Fix logging (DoD: when we start getting errors logged during min.js build/test pipeline) # Fix test pipeline (DoD: unit tests run and what is broken, or which test are pending due to bad builds) *COULD REALLY USE SOME HELP* > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741760#comment-16741760 ] Joshua Poore edited comment on SENSSOFT-323 at 1/14/19 4:45 AM: I figured that if I can't master the syntax, I should focus on logging so that we actually get error logs in the build pipeline where the gulp 4 syntax is breaking builds. Reading a little more–it looks like gulp-utilities is deprecated, and the gulp team intentionally moved away from them in v4 to avoid the bloat in the utility dependency tree. Means that some of our test dependencies and logging dependencies are flat bust too. I like gulp-mocha tests and found a gulp (4) -endorsed reference to a mocha test pipeline, which is similar to ours. [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] Updated logging to gulplog and followed guides, but I still can't get either tests to run or error logs to print. Run build and tests from SENSSOFT-323 branch to see output. was (Author: poor...@me.com): Reading a little more–it looks like gulp-utilities is deprecated, and the gulp team intentionally moved away from them in v4 to avoid the bloat in the utility dependency tree. I like gulp-mocha tests and found a gulp-endorsed reference to a mocha test pipeline, which is similar to ours. [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] Updated logging to gulplog and followed guides, but I still can't get either tests to run or error logs to print. Run build and tests from SENSSOFT-323 branch to see output. > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741758#comment-16741758 ] Joshua Poore edited comment on SENSSOFT-323 at 1/14/19 4:42 AM: Next, started updating gulpfile.js with new syntax. Followed helpful guides: [https://teamtreehouse.com/community/gulp-basics-how-to-update-from-gulp-3-to-gulp-4] [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] [https://codeburst.io/switching-to-gulp-4-0-271ae63530c0] You can find my changes in [WIP] SENSSOFT-323 branch. Build ran with no errors–all tasks finished. However, noting that tests don't print, but test tasks finished (in ms, not s–way too fast). I realized that tests and our entire logging apparatus is likely flat bust. Checking builds--userale-1.1.0.js builds, but userale-1.1.0.min.js is NOT building. Notably, all of [~rf]'s original gulp.task(s) with chained tasks are in the minified userale.js build pipeline. *This means that the places where the build script is breaking is exactly where I moved chained tasks to gulp.series or gulp.parallel tasking.* was (Author: poor...@me.com): Next, started updating gulpfile.js with new syntax. Followed helpful guides: [https://teamtreehouse.com/community/gulp-basics-how-to-update-from-gulp-3-to-gulp-4] [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] [https://codeburst.io/switching-to-gulp-4-0-271ae63530c0] You can find my changes in [WIP] SENSSOFT-323 branch. Build ran with no errors–all tasks finished. However, noting that tests don't print, but test tasks finished (in ms, not s–way too fast). I realized that tests and our entire logging apparatus is likely flat bust. > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741760#comment-16741760 ] Joshua Poore commented on SENSSOFT-323: --- Reading a little more–it looks like gulp-utilities is deprecated, and the gulp team intentionally moved away from them in v4 to avoid the bloat in the utility dependency tree. I like gulp-mocha tests and found a gulp-endorsed reference to a mocha test pipeline, which is similar to ours. [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] Updated logging to gulplog and followed guides, but I still can't get either tests to run or error logs to print. Run build and tests from SENSSOFT-323 branch to see output. > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[
https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741755#comment-16741755
]
Joshua Poore commented on SENSSOFT-323:
---
First thing I tried was just updating package.json to update to Gulp 4.0.0. I
knew there would be breaking changes.
After install, the build threw a predictable error:
{code:java}
AssertionError [ERR_ASSERTION]: Task function must be specified
{code}
This error was expected and relates to Gulp 4.0.0 new automation
features–gulp.series and gulp.parallel. When multiple tasks are changed within
a gulp.task, they need to be given a .series or .parallel to resolve order of
operations issues.
> Update to Gulp 4.0.0
>
>
> Key: SENSSOFT-323
> URL: https://issues.apache.org/jira/browse/SENSSOFT-323
> Project: SensSoft
> Issue Type: Task
> Components: UserALE.js
>Affects Versions: UserALE.js 1.1.0
> Environment: NPM, Node.js
>Reporter: Joshua Poore
>Assignee: Joshua Poore
>Priority: Major
> Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0
>
>
> Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also
> deprecated). Gulp 4 solves all these issues. However, it has breaking changes
> with new syntax and new dependences (e.g., moves away from gulp-utilities).
> Some relevant refs:
> [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a]
> [https://www.npmjs.com/package/gulplog]
> [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html]
> [https://www.npmjs.com/package/gulp-mocha]
> [https://github.com/mochajs/mocha/tree/master/lib/reporters]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741758#comment-16741758 ] Joshua Poore commented on SENSSOFT-323: --- Next, started updating gulpfile.js with new syntax. Followed helpful guides: [https://teamtreehouse.com/community/gulp-basics-how-to-update-from-gulp-3-to-gulp-4] [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] [https://codeburst.io/switching-to-gulp-4-0-271ae63530c0] You can find my changes in [WIP] SENSSOFT-323 branch. Build ran with no errors–all tasks finished. However, noting that tests don't print, but test tasks finished (in ms, not s–way too fast). I realized that tests and our entire logging apparatus is likely flat bust. > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741753#comment-16741753 ] Joshua Poore edited comment on SENSSOFT-323 at 1/14/19 4:17 AM: Added SENSSOFT-323 branch (off SENSSOFT-192) for Gulp 4.0.0 update Includes WIP mods to package.json and gulpfile.json was (Author: poor...@me.com): Added SENSSOFT-323 branch (off SENSSOFT-192) for Gulp 4.0.0 update > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741753#comment-16741753 ] Joshua Poore edited comment on SENSSOFT-323 at 1/14/19 4:17 AM: Added SENSSOFT-323 branch (off SENSSOFT-192) for Gulp 4.0.0 update Includes WIP mods to package.json and gulpfile.js was (Author: poor...@me.com): Added SENSSOFT-323 branch (off SENSSOFT-192) for Gulp 4.0.0 update Includes WIP mods to package.json and gulpfile.json > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741753#comment-16741753 ] Joshua Poore commented on SENSSOFT-323: --- Added SENSSOFT-323 branch (off SENSSOFT-192) for Gulp 4.0.0 update > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741747#comment-16741747 ] Joshua Poore commented on SENSSOFT-322: --- In order to appropriately update minimatch in sub-, sub-dependencies, we need to update Gulp to version 4.0.0 > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. see this thread: > [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] > Will test #2 as an intermediate solution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Closed] (SENSSOFT-321) Gulp Mocha Dependency Deprecation: Critical Command Injection Vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-321?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore closed SENSSOFT-321. - > Gulp Mocha Dependency Deprecation: Critical Command Injection Vulnerability > --- > > Key: SENSSOFT-321 > URL: https://issues.apache.org/jira/browse/SENSSOFT-321 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 > Environment: javascript >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Critical > Fix For: UserALE.js 1.1.0 > > Attachments: Gulp Mocha Vulnerability > > > Gulp Mocha v3.x has a critical vulnerability (see attached terminal output > for details) due to "growl" package dependency. Vulnerability must be fixed > before deployed on a network with any exposure. > Running NPM/Node v 11.6 > Will post in comments as issue is explored. > > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Closed] (SENSSOFT-324) Example Page Does Not Generate Logs
[ https://issues.apache.org/jira/browse/SENSSOFT-324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore closed SENSSOFT-324. - > Example Page Does Not Generate Logs > --- > > Key: SENSSOFT-324 > URL: https://issues.apache.org/jira/browse/SENSSOFT-324 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 > Environment: node.js, web, html, javascript >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Following the Example README's at both MASTER and on brnch SENSSOFT-192 > doesn't result in sample logs. > Tested in pre (SENSSOFT-321 commit versions, and post SENSSOFT-321 commits). > Tested in both node.js server and ELK stack logging server (tried sending > logs from index.html to both in memory example server, and single node ELK > stack). > Tested on recent versions of both Chrome and FF -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-324) Example Page Does Not Generate Logs
[ https://issues.apache.org/jira/browse/SENSSOFT-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741746#comment-16741746 ] Joshua Poore commented on SENSSOFT-324: --- Pushed patch to MASTER and SENSSOFT-192 > Example Page Does Not Generate Logs > --- > > Key: SENSSOFT-324 > URL: https://issues.apache.org/jira/browse/SENSSOFT-324 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 > Environment: node.js, web, html, javascript >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Following the Example README's at both MASTER and on brnch SENSSOFT-192 > doesn't result in sample logs. > Tested in pre (SENSSOFT-321 commit versions, and post SENSSOFT-321 commits). > Tested in both node.js server and ELK stack logging server (tried sending > logs from index.html to both in memory example server, and single node ELK > stack). > Tested on recent versions of both Chrome and FF -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-324) Example Page Does Not Generate Logs
Joshua Poore created SENSSOFT-324: - Summary: Example Page Does Not Generate Logs Key: SENSSOFT-324 URL: https://issues.apache.org/jira/browse/SENSSOFT-324 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 Environment: node.js, web, html, javascript Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 Following the Example README's at both MASTER and on brnch SENSSOFT-192 doesn't result in sample logs. Tested in pre (SENSSOFT-321 commit versions, and post SENSSOFT-321 commits). Tested in both node.js server and ELK stack logging server (tried sending logs from index.html to both in memory example server, and single node ELK stack). Tested on recent versions of both Chrome and FF -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (SENSSOFT-324) Example Page Does Not Generate Logs
[ https://issues.apache.org/jira/browse/SENSSOFT-324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore resolved SENSSOFT-324. --- Resolution: Pending Closed see comments > Example Page Does Not Generate Logs > --- > > Key: SENSSOFT-324 > URL: https://issues.apache.org/jira/browse/SENSSOFT-324 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 > Environment: node.js, web, html, javascript >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Following the Example README's at both MASTER and on brnch SENSSOFT-192 > doesn't result in sample logs. > Tested in pre (SENSSOFT-321 commit versions, and post SENSSOFT-321 commits). > Tested in both node.js server and ELK stack logging server (tried sending > logs from index.html to both in memory example server, and single node ELK > stack). > Tested on recent versions of both Chrome and FF -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-324) Example Page Does Not Generate Logs
[ https://issues.apache.org/jira/browse/SENSSOFT-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741710#comment-16741710 ] Joshua Poore commented on SENSSOFT-324: --- Resolution: [1] In master, previous commit changed userale.js min file reference to 1.1.0. Master should reference 1.0.0. THis is fine on the SENSSOFT-192 branch. [2] On both, src field in index.html references build/userale-1.1.0.min.js. Even when operating in that dir, index.html cannot reference the userale build. Therefore, src needs to reference users full file path to the userale-1.x.min.js build. I'll patch these up and push to both branches later. > Example Page Does Not Generate Logs > --- > > Key: SENSSOFT-324 > URL: https://issues.apache.org/jira/browse/SENSSOFT-324 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 > Environment: node.js, web, html, javascript >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Following the Example README's at both MASTER and on brnch SENSSOFT-192 > doesn't result in sample logs. > Tested in pre (SENSSOFT-321 commit versions, and post SENSSOFT-321 commits). > Tested in both node.js server and ELK stack logging server (tried sending > logs from index.html to both in memory example server, and single node ELK > stack). > Tested on recent versions of both Chrome and FF -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16741683#comment-16741683 ] Joshua Poore commented on SENSSOFT-322: --- Solution #2 is a terrible idea. While it's possible to ensure that later versions of minimatch are running globally, updating downstream dependencies of gulp requires either a complicated npm link task, which seems complicated to walk users through, or it requires manually replacing minimatch <3.0.2 in subdirs. --a little too hackie to even consider for a short-term fix [https://stackoverflow.com/questions/52966789/how-to-update-specific-sub-package-version-by-using-npm] > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. see this thread: > [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] > Will test #2 as an intermediate solution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
Joshua Poore created SENSSOFT-322: - Summary: minimatch deprecation: ReDOS vulnerability Key: SENSSOFT-322 URL: https://issues.apache.org/jira/browse/SENSSOFT-322 Project: SensSoft Issue Type: Bug Components: UserALE.js Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: # The right way: update to gulp 4.0.0, which has breaking changes. # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing npm to install 3.0.2 should remove vulnerability. This solution is purely a downstream hack. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (SENSSOFT-323) Update to Gulp 4.0.0
Joshua Poore created SENSSOFT-323: - Summary: Update to Gulp 4.0.0 Key: SENSSOFT-323 URL: https://issues.apache.org/jira/browse/SENSSOFT-323 Project: SensSoft Issue Type: Task Components: UserALE.js Affects Versions: UserALE.js 1.1.0 Environment: NPM, Node.js Reporter: Joshua Poore Assignee: Joshua Poore Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also deprecated). Gulp 4 solves all these issues. However, it has breaking changes with new syntax and new dependences (e.g., moves away from gulp-utilities). Some relevant refs: [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] [https://www.npmjs.com/package/gulplog] [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] [https://www.npmjs.com/package/gulp-mocha] [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-323) Update to Gulp 4.0.0
[ https://issues.apache.org/jira/browse/SENSSOFT-323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-323: -- Sprint: Sprint 17 > Update to Gulp 4.0.0 > > > Key: SENSSOFT-323 > URL: https://issues.apache.org/jira/browse/SENSSOFT-323 > Project: SensSoft > Issue Type: Task > Components: UserALE.js >Affects Versions: UserALE.js 1.1.0 > Environment: NPM, Node.js >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > > Gulp 3.9.1 is deprecated and has vulnerable dependencies (which are also > deprecated). Gulp 4 solves all these issues. However, it has breaking changes > with new syntax and new dependences (e.g., moves away from gulp-utilities). > Some relevant refs: > [https://gist.github.com/jeromecoupe/0b807b0c1050647eb340360902c3203a] > [https://www.npmjs.com/package/gulplog] > [https://gulpjs.org/recipes/mocha-test-runner-with-gulp.html] > [https://www.npmjs.com/package/gulp-mocha] > [https://github.com/mochajs/mocha/tree/master/lib/reporters] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-322: -- Sprint: Sprint 17 > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. see this thread: > [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] > Will test #2 as an intermediate solution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-322: -- Description: minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: # The right way: update to gulp 4.0.0, which has breaking changes. # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing npm to install 3.0.2 should remove vulnerability. This solution is purely a downstream hack. see this thread: [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] Will test #2 as an intermediate solution was: minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: # The right way: update to gulp 4.0.0, which has breaking changes. # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing npm to install 3.0.2 should remove vulnerability. This solution is purely a downstream hack. > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. see this thread: > [https://stackoverflow.com/questions/38046392/npm-warn-deprecated-minimatch2-0-10-please-update-to-minimatch-3-0-2-or-higher/38077214] > Will test #2 as an intermediate solution -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (SENSSOFT-322) minimatch deprecation: ReDOS vulnerability
[ https://issues.apache.org/jira/browse/SENSSOFT-322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joshua Poore updated SENSSOFT-322: -- Attachment: minimatch 2.0.7 vulnerability > minimatch deprecation: ReDOS vulnerability > -- > > Key: SENSSOFT-322 > URL: https://issues.apache.org/jira/browse/SENSSOFT-322 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js >Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 >Reporter: Joshua Poore >Assignee: Joshua Poore >Priority: Major > Fix For: UserALE.js 1.0.0, UserALE.js 1.1.0 > > Attachments: minimatch 2.0.7 vulnerability > > > minimatch 2.0.7 has a ReDOS vulnerability. minimatch must be upgraded to > ^3.0.2 to remove vulnerability. However, minimatch 2.0.7 is a dependency of > vinyl-fs, which is a dependency of gulp 3.9.1. Two potential options: > # The right way: update to gulp 4.0.0, which has breaking changes. > # The wonky way: coerce global environment to use minimatch 3.0.2 using "npm > install -g minimatch@3.0.2". gulp 3.9.1 will still force installation of > vinyl-fs, which will force installation of minimatch 2.0.7. However, coercing > npm to install 3.0.2 should remove vulnerability. This solution is purely a > downstream hack. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
