diff --git a/.gitignore b/.gitignore
index 79c4020..9b59c0a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
-SOURCES/grafana-7.5.11.tar.gz
-SOURCES/grafana-vendor-7.5.11-1.tar.xz
-SOURCES/grafana-webpack-7.5.11-1.tar.gz
+SOURCES/grafana-7.5.15.tar.gz
+SOURCES/grafana-vendor-7.5.15-1.tar.xz
+SOURCES/grafana-webpack-7.5.15-1.tar.gz
diff --git a/.grafana.metadata b/.grafana.metadata
index d33b818..fceebe4 100644
--- a/.grafana.metadata
+++ b/.grafana.metadata
@@ -1,3 +1,3 @@
-cd7bfb63dd91361c1bc9c46d1f889b1f54f7758a SOURCES/grafana-7.5.11.tar.gz
-d55ac0b3a8fb3a0ce772442923e2ca3cba1af78f SOURCES/grafana-vendor-7.5.11-1.tar.xz
-db79c330e9a56dac2cdcae9b7c07c86112a66237 SOURCES/grafana-webpack-7.5.11-1.tar.gz
+292e451c457e936beb477bf5b4aec7b60f5a7d91 SOURCES/grafana-7.5.15.tar.gz
+c64c34383ec9209d4ac3645946e8c366efe847cc SOURCES/grafana-vendor-7.5.15-1.tar.xz
+2acb75f947ddd7b693da0356bdb4aebe8417146c SOURCES/grafana-webpack-7.5.15-1.tar.gz
diff --git a/SOURCES/002-manpages.patch b/SOURCES/002-manpages.patch
index 36ca294..2927b39 100644
--- a/SOURCES/002-manpages.patch
+++ b/SOURCES/002-manpages.patch
@@ -4,7 +4,7 @@ index 0000000000..7ac2af882c
--- /dev/null
+++ b/docs/man/man1/grafana-cli.1
@@ -0,0 +1,60 @@
-+.TH GRAFANA "1" "October 2021" "Grafana cli version 7.5.11" "User Commands"
++.TH GRAFANA "1" "April 2022" "Grafana cli version 7.5.15" "User Commands"
+.SH NAME
+grafana-cli \- command line administration for the Grafana metrics dashboard and graph editor
+.SH DESCRIPTION
@@ -70,7 +70,7 @@ index 0000000000..c616268b31
--- /dev/null
+++ b/docs/man/man1/grafana-server.1
@@ -0,0 +1,72 @@
-+.TH VERSION "1" "October 2021" "Version 7.5.11" "User Commands"
++.TH VERSION "1" "April 2022" "Version 7.5.15" "User Commands"
+.SH NAME
+grafana-server \- back-end server for the Grafana metrics dashboard and graph editor
+.SH DESCRIPTION
diff --git a/SOURCES/005-remove-unused-dependencies.patch b/SOURCES/005-remove-unused-dependencies.patch
index 19d72f0..585c0c1 100644
--- a/SOURCES/005-remove-unused-dependencies.patch
+++ b/SOURCES/005-remove-unused-dependencies.patch
@@ -1,5 +1,11 @@
+From ce669908e2d54d29dd4b585f3614f6df8c447f8a Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Tue, 5 Apr 2022 16:12:37 +0200
+Subject: [PATCH] remove unused dependencies
+
+
diff --git a/go.mod b/go.mod
-index 426b70ab7a..dc0c9a61ef 100644
+index c1d6c0ee42..c040bbaab0 100644
--- a/go.mod
+++ b/go.mod
@@ -21,7 +21,6 @@ require (
@@ -19,29 +25,166 @@ index 426b70ab7a..dc0c9a61ef 100644
github.com/linkedin/goavro/v2 v2.10.0
github.com/magefile/mage v1.11.0
diff --git a/go.sum b/go.sum
-index 98874d6a7c..03243066ac 100644
+index 98874d6a7c..50212f12f2 100644
--- a/go.sum
+++ b/go.sum
-@@ -282,8 +282,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsr
+@@ -206,12 +206,10 @@ github.com/bmatcuk/doublestar v1.2.2/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9
+ github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
+ github.com/bmizerany/pat v0.0.0-20170815010413-6226ea591a40/go.mod h1:8rLXio+WjiTceGBHIoTvn60HIbs7Hm7bcHjyrSqYB9c=
+ github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
+-github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+ github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b h1:L/QXpzIa3pOvUGt1D1lA5KjYhPBAN/3iWdP7xeFS9F0=
+ github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
+ github.com/bsm/sarama-cluster v2.1.13+incompatible/go.mod h1:r7ao+4tTNXvWm+VRpRJchr2kQhqxgmAp2iEX5W96gMM=
+ github.com/c-bata/go-prompt v0.2.2/go.mod h1:VzqtzE2ksDBcdln8G7mk2RX9QyGjH+OVqOCSiVIqS34=
+-github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee h1:BnPxIde0gjtTnc9Er7cxvBk8DHLWhEux0SxayC8dP6I=
+ github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee/go.mod h1:S/7n9copUssQ56c7aAgHqftWO4LTf4xY6CGWt8Bc+3M=
+ github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
+ github.com/cenkalti/backoff v0.0.0-20181003080854-62661b46c409/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
+@@ -281,9 +279,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng
+ github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
- github.com/crewjam/httperr v0.0.0-20190612203328-a946449404da/go.mod h1:+rmNIXRvYMqLQeR4DHyTvs6y0MEMymTz4vyFpFkKTPs=
+-github.com/crewjam/httperr v0.0.0-20190612203328-a946449404da/go.mod h1:+rmNIXRvYMqLQeR4DHyTvs6y0MEMymTz4vyFpFkKTPs=
-github.com/crewjam/saml v0.4.6-0.20201227203850-bca570abb2ce h1:pAuTpLhCqC20s2RLhUirfw606jReW+8z2U5EvG+0S7E=
-github.com/crewjam/saml v0.4.6-0.20201227203850-bca570abb2ce/go.mod h1:/gCaeLf13J8/621RNZ6TaExji/8xCWcn6UmdJ57wURQ=
github.com/crossdock/crossdock-go v0.0.0-20160816171116-049aabb0122b/go.mod h1:v9FBN7gdVTpiD/+LZ7Po0UKvROyT87uLVxTHVky/dlQ=
github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
github.com/cznic/b v0.0.0-20180115125044-35e9bbe41f07/go.mod h1:URriBxXwVq5ijiJ12C7iIZqlA69nTlI+LgI6/pwftG8=
-@@ -914,10 +912,6 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7
+@@ -302,13 +297,11 @@ github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2
+ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+-github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4=
+ github.com/deepmap/oapi-codegen v1.3.13 h1:9HKGCsdJqE4dnrQ8VerFS0/1ZOJPmAhN+g8xgp8y3K4=
+ github.com/deepmap/oapi-codegen v1.3.13/go.mod h1:WAmG5dWY8/PYHt4vKxlt90NsbHMAOCiteYKZMiIRfOo=
+ github.com/dgraph-io/badger v1.6.0/go.mod h1:zwt7syl517jmP8s94KqSxTlM6IMsdhYy6psNgSztDR4=
+ github.com/dgraph-io/badger v1.6.2/go.mod h1:JW2yswe3V058sS0kZ2h/AXeDSqFjxnZcRrVH//y2UQE=
+ github.com/dgraph-io/ristretto v0.0.2/go.mod h1:KPxhHT9ZxKefz+PCeOGsrHpl1qZ7i70dGTu2u+Ahh6E=
+-github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+ github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+ github.com/dgryski/go-bitstream v0.0.0-20180413035011-3522498ce2c8/go.mod h1:VMaSuZ+SZcx/wljOQKvp5srsbCiKDEb6K2wC4+PiBmQ=
+ github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
+@@ -434,8 +427,6 @@ github.com/go-logfmt/logfmt v0.5.0 h1:TrB8swr/68K7m9CcGut2g3UOihhbcbiMAYiuTXdEih
+ github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
+ github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
+ github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
+-github.com/go-macaron/binding v0.0.0-20190806013118-0b4f37bab25b h1:U65wj9SF7qUBTGrnt6VxbHCT0Dw8dz4uch52G+5SdfA=
+-github.com/go-macaron/binding v0.0.0-20190806013118-0b4f37bab25b/go.mod h1:AG8Z6qkQM8s47aUDJOco/SNwJ8Czif2hMm7rc0abDog=
+ github.com/go-macaron/gzip v0.0.0-20160222043647-cad1c6580a07 h1:YSIA98PevNf1NtCa/J6cz7gjzpz99WVAOa9Eg0klKps=
+ github.com/go-macaron/gzip v0.0.0-20160222043647-cad1c6580a07/go.mod h1://cJFfDp/70L0oTNAMB+M8Jd0rpuIx/55iARuJ6StwE=
+ github.com/go-macaron/inject v0.0.0-20160627170012-d8a0b8677191 h1:NjHlg70DuOkcAMqgt0+XA+NHwtu66MkTVVgR4fFWbcI=
+@@ -886,7 +877,6 @@ github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901/go.mod h1:Z86h9
+ github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
+ github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
+ github.com/jonboulle/clockwork v0.2.0/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
+-github.com/jonboulle/clockwork v0.2.1/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
+ github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
+ github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
+ github.com/joncrlsn/dque v2.2.1-0.20200515025108-956d14155fa2+incompatible/go.mod h1:hDZb8oMj3Kp8MxtbNLg9vrtAUDHjgI1yZvqivT4O8Iw=
+@@ -914,10 +904,7 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
-github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
--github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
+ github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
-github.com/jung-kurt/gofpdf v1.16.2 h1:jgbatWHfRlPYiK85qgevsZTHviWXKwB1TTiKdz5PtRc=
-github.com/jung-kurt/gofpdf v1.16.2/go.mod h1:1hl7y57EsiPAkLbOwzpzqgx1A30nQCk/YmFV8S2vmK0=
github.com/jwilder/encoding v0.0.0-20170811194829-b4e1701a28ef/go.mod h1:Ct9fl0F6iIOGgxJ5npU/IUOhOhqlVrGjyIZc8/MagT0=
github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 h1:uC1QfSlInpQF+M0ao65imhwqKnz3Q2z/d8PWZRMQvDM=
github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=
+@@ -1006,8 +993,6 @@ github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ
+ github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE=
+ github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0=
+ github.com/matryer/moq v0.0.0-20190312154309-6cfb0558e1bd/go.mod h1:9ELz6aaclSIGnZBoaSLZ3NAl1VTufbOrXBPvtcy6WiQ=
+-github.com/mattermost/xml-roundtrip-validator v0.0.0-20201213122252-bcd7e1b9601e h1:qqXczln0qwkVGcpQ+sQuPOVntt2FytYarXXxYSNJkgw=
+-github.com/mattermost/xml-roundtrip-validator v0.0.0-20201213122252-bcd7e1b9601e/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To=
+ github.com/mattetti/filebuffer v1.0.0/go.mod h1:X6nyAIge2JGVmuJt2MFCqmHrb/5IHiphfHtot0s5cnI=
+ github.com/mattetti/filebuffer v1.0.1 h1:gG7pyfnSIZCxdoKq+cPa8T0hhYtD9NxCdI4D7PTjRLM=
+ github.com/mattetti/filebuffer v1.0.1/go.mod h1:YdMURNDOttIiruleeVr6f56OrMc+MydEnTcXwtkxNVs=
+@@ -1083,7 +1068,6 @@ github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0Qu
+ github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+ github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+ github.com/mitchellh/mapstructure v1.2.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+-github.com/mitchellh/mapstructure v1.3.2 h1:mRS76wmkOn3KkKAyXDu42V+6ebnXWIztFSYGN7GeoRg=
+ github.com/mitchellh/mapstructure v1.3.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+ github.com/mitchellh/reflectwalk v1.0.1 h1:FVzMWA5RllMAKIdUSC8mdWo3XtwoecrH79BY70sEEpE=
+ github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
+@@ -1200,7 +1184,6 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR
+ github.com/peterh/liner v1.0.1-0.20180619022028-8c1271fcf47f/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
+ github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
+ github.com/philhofer/fwd v1.1.1/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
+-github.com/phpdave11/gofpdi v1.0.7/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI=
+ github.com/pierrec/cmdflag v0.0.2/go.mod h1:a3zKGZ3cdQUfxjd0RGMLZr8xI3nvpJOB+m6o/1X5BmU=
+ github.com/pierrec/lz4 v0.0.0-20190327172049-315a67e90e41/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
+ github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
+@@ -1327,7 +1310,6 @@ github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNue
+ github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+ github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
+ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+-github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w=
+ github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
+ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
+ github.com/samuel/go-zookeeper v0.0.0-20190810000440-0ceca61e4d75/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
+@@ -1510,7 +1492,6 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
+ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+ github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
+-github.com/zenazn/goji v0.9.1-0.20160507202103-64eb34159fe5/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
+ github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs=
+ github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
+ gitlab.com/nyarla/go-crypt v0.0.0-20160106005555-d9a5dc2b789b/go.mod h1:T3BPAOm2cqquPa0MKWeNkmOM5RQsRhkrwMWonFMN7fE=
+@@ -1619,7 +1600,6 @@ golang.org/x/exp v0.0.0-20200821190819-94841d0725da/go.mod h1:3jZMyOhIsHpP37uCMk
+ golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
+ golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+ golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+-golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+ golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+ golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+ golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+@@ -1766,7 +1746,6 @@ golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7w
+ golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+-golang.org/x/sys v0.0.0-20190804053845-51ab0e2deafa/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20190902133755-9109b7679e13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+@@ -1876,8 +1855,6 @@ golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgw
+ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+ golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+ golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+-golang.org/x/tools v0.0.0-20190802220118-1d1727260058/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
+-golang.org/x/tools v0.0.0-20190805222050-c5a2fd39b72a/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
+ golang.org/x/tools v0.0.0-20190813034749-528a2984e271/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+@@ -1933,7 +1910,6 @@ golang.org/x/tools v0.0.0-20201022035929-9cf592e881e9/go.mod h1:emZCQorbCU4vsT4f
+ golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+-golang.org/x/tools v0.0.0-20201226215659-b1c90890d22a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+@@ -2120,9 +2096,6 @@ gopkg.in/jcmturner/gokrb5.v7 v7.2.3/go.mod h1:l8VISx+WGYp+Fp7KRbsiUuXTTOnxIc3Tuv
+ gopkg.in/jcmturner/rpc.v1 v1.1.0/go.mod h1:YIdkC4XfD6GXbzje11McwsDuOlZQSb9W4vfLvuNnlv8=
+ gopkg.in/ldap.v3 v3.0.2 h1:R6RBtabK6e1GO0eQKtkyOFbAHO73QesLzI2w2DZ6b9w=
+ gopkg.in/ldap.v3 v3.0.2/go.mod h1:oxD7NyBuxchC+SgJDE1Q5Od05eGt29SDQVBmV+HYbzw=
+-gopkg.in/macaron.v1 v1.3.4/go.mod h1:/RoHTdC8ALpyJ3+QR36mKjwnT1F1dyYtsGM9Ate6ZFI=
+-gopkg.in/macaron.v1 v1.4.0 h1:RJHC09fAnQ8tuGUiZNjG0uyL1BWSdSWd9SpufIcEArQ=
+-gopkg.in/macaron.v1 v1.4.0/go.mod h1:uMZCFccv9yr5TipIalVOyAyZQuOH3OkmXvgcWwhJuP4=
+ gopkg.in/mail.v2 v2.3.1 h1:WYFn/oANrAGP2C0dcV6/pbkPzv8yGzqTjPmTeO7qoXk=
+ gopkg.in/mail.v2 v2.3.1/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw=
+ gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
+@@ -2151,7 +2124,6 @@ gopkg.in/yaml.v3 v3.0.0-20200603094226-e3079894b1e8/go.mod h1:K4uyk7z7BCEPqu6E+C
+ gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
+ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+-gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
+ gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
+ gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk=
+ honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
diff --git a/pkg/extensions/main.go b/pkg/extensions/main.go
index 24031ace2e..081475fc89 100644
--- a/pkg/extensions/main.go
diff --git a/SOURCES/008-remove-unused-frontend-crypto.patch b/SOURCES/008-remove-unused-frontend-crypto.patch
index 2409e23..d430e10 100644
--- a/SOURCES/008-remove-unused-frontend-crypto.patch
+++ b/SOURCES/008-remove-unused-frontend-crypto.patch
@@ -1,5 +1,11 @@
+From 3aed20dfb829f396403bae154cb4fcc0bb586966 Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Tue, 5 Apr 2022 18:42:31 +0200
+Subject: [PATCH] remove unused frontend crypto
+
+
diff --git a/package.json b/package.json
-index 9c5a2d93e2..7f65949ea4 100644
+index f859115e8d..831586ad88 100644
--- a/package.json
+++ b/package.json
@@ -294,6 +294,9 @@
@@ -24,3 +30,723 @@ index 3e56d31c37..a03ed1a67a 100644
},
plugins: [
new MonacoWebpackPlugin({
+diff --git a/yarn.lock b/yarn.lock
+index c17e6153be..3f5e5b80d6 100644
+--- a/yarn.lock
++++ b/yarn.lock
+@@ -8301,27 +8301,6 @@ asap@~1.0.0:
+ resolved "https://registry.yarnpkg.com/asap/-/asap-1.0.0.tgz#b2a45da5fdfa20b0496fc3768cc27c12fa916a7d"
+ integrity sha1-sqRdpf36ILBJb8N2jMJ8EvqRan0=
+
+-asn1.js@^4.0.0:
+- version "4.10.1"
+- resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-4.10.1.tgz#b9c2bf5805f1e64aadeed6df3a2bfafb5a73f5a0"
+- integrity sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==
+- dependencies:
+- bn.js "^4.0.0"
+- inherits "^2.0.1"
+- minimalistic-assert "^1.0.0"
+-
+-asn1@~0.2.3:
+- version "0.2.4"
+- resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.4.tgz#8d2475dfab553bb33e77b54e59e880bb8ce23136"
+- integrity sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==
+- dependencies:
+- safer-buffer "~2.1.0"
+-
+-assert-plus@1.0.0, assert-plus@^1.0.0:
+- version "1.0.0"
+- resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"
+- integrity sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=
+-
+ assert@^1.1.1:
+ version "1.5.0"
+ resolved "https://registry.yarnpkg.com/assert/-/assert-1.5.0.tgz#55c109aaf6e0aefdb3dc4b71240c70bf574b18eb"
+@@ -8936,13 +8915,6 @@ batch@0.6.1:
+ resolved "https://registry.yarnpkg.com/batch/-/batch-0.6.1.tgz#dc34314f4e679318093fc760272525f94bf25c16"
+ integrity sha1-3DQxT05nkxgJP8dgJyUl+UvyXBY=
+
+-bcrypt-pbkdf@^1.0.0:
+- version "1.0.2"
+- resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz#a4301d389b6a43f9b67ff3ca11a3f6637e360e9e"
+- integrity sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=
+- dependencies:
+- tweetnacl "^0.14.3"
+-
+ before-after-hook@^2.0.0:
+ version "2.1.0"
+ resolved "https://registry.yarnpkg.com/before-after-hook/-/before-after-hook-2.1.0.tgz#b6c03487f44e24200dd30ca5e6a1979c5d2fb635"
+@@ -9009,11 +8981,6 @@ bluebird@^3.3.5, bluebird@^3.5.1, bluebird@^3.5.3, bluebird@^3.7.2:
+ resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f"
+ integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==
+
+-bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.4.0:
+- version "4.11.9"
+- resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828"
+- integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==
+-
+ body-parser@1.19.0:
+ version "1.19.0"
+ resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.19.0.tgz#96b2709e57c9c4e09a6fd66a8fd979844f69f08a"
+@@ -9115,11 +9082,6 @@ braces@^3.0.1, braces@~3.0.2:
+ dependencies:
+ fill-range "^7.0.1"
+
+-brorand@^1.0.1:
+- version "1.1.0"
+- resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
+- integrity sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=
+-
+ browser-process-hrtime@^0.1.2:
+ version "0.1.3"
+ resolved "https://registry.yarnpkg.com/browser-process-hrtime/-/browser-process-hrtime-0.1.3.tgz#616f00faef1df7ec1b5bf9cfe2bdc3170f26c7b4"
+@@ -9135,58 +9097,6 @@ browser-stdout@1.3.1:
+ resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.1.tgz#baa559ee14ced73452229bad7326467c61fabd60"
+ integrity sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==
+
+-browserify-aes@^1.0.0, browserify-aes@^1.0.4:
+- version "1.2.0"
+- resolved "https://registry.yarnpkg.com/browserify-aes/-/browserify-aes-1.2.0.tgz#326734642f403dabc3003209853bb70ad428ef48"
+- integrity sha512-+7CHXqGuspUn/Sl5aO7Ea0xWGAtETPXNSAjHo48JfLdPWcMng33Xe4znFvQweqc/uzk5zSOI3H52CYnjCfb5hA==
+- dependencies:
+- buffer-xor "^1.0.3"
+- cipher-base "^1.0.0"
+- create-hash "^1.1.0"
+- evp_bytestokey "^1.0.3"
+- inherits "^2.0.1"
+- safe-buffer "^5.0.1"
+-
+-browserify-cipher@^1.0.0:
+- version "1.0.1"
+- resolved "https://registry.yarnpkg.com/browserify-cipher/-/browserify-cipher-1.0.1.tgz#8d6474c1b870bfdabcd3bcfcc1934a10e94f15f0"
+- integrity sha512-sPhkz0ARKbf4rRQt2hTpAHqn47X3llLkUGn+xEJzLjwY8LRs2p0v7ljvI5EyoRO/mexrNunNECisZs+gw2zz1w==
+- dependencies:
+- browserify-aes "^1.0.4"
+- browserify-des "^1.0.0"
+- evp_bytestokey "^1.0.0"
+-
+-browserify-des@^1.0.0:
+- version "1.0.2"
+- resolved "https://registry.yarnpkg.com/browserify-des/-/browserify-des-1.0.2.tgz#3af4f1f59839403572f1c66204375f7a7f703e9c"
+- integrity sha512-BioO1xf3hFwz4kc6iBhI3ieDFompMhrMlnDFC4/0/vd5MokpuAc3R+LYbwTA9A5Yc9pq9UYPqffKpW2ObuwX5A==
+- dependencies:
+- cipher-base "^1.0.1"
+- des.js "^1.0.0"
+- inherits "^2.0.1"
+- safe-buffer "^5.1.2"
+-
+-browserify-rsa@^4.0.0:
+- version "4.0.1"
+- resolved "https://registry.yarnpkg.com/browserify-rsa/-/browserify-rsa-4.0.1.tgz#21e0abfaf6f2029cf2fafb133567a701d4135524"
+- integrity sha1-IeCr+vbyApzy+vsTNWenAdQTVSQ=
+- dependencies:
+- bn.js "^4.1.0"
+- randombytes "^2.0.1"
+-
+-browserify-sign@^4.0.0:
+- version "4.0.4"
+- resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.0.4.tgz#aa4eb68e5d7b658baa6bf6a57e630cbd7a93d298"
+- integrity sha1-qk62jl17ZYuqa/alfmMMvXqT0pg=
+- dependencies:
+- bn.js "^4.1.1"
+- browserify-rsa "^4.0.0"
+- create-hash "^1.1.0"
+- create-hmac "^1.1.2"
+- elliptic "^6.0.0"
+- inherits "^2.0.1"
+- parse-asn1 "^5.0.0"
+-
+ browserify-zlib@^0.2.0:
+ version "0.2.0"
+ resolved "https://registry.yarnpkg.com/browserify-zlib/-/browserify-zlib-0.2.0.tgz#2869459d9aa3be245fe8fe2ca1f46e2e7f54d73f"
+@@ -9259,11 +9169,6 @@ buffer-indexof@^1.0.0:
+ resolved "https://registry.yarnpkg.com/buffer-indexof/-/buffer-indexof-1.1.1.tgz#52fabcc6a606d1a00302802648ef68f639da268c"
+ integrity sha512-4/rOEg86jivtPTeOUUT61jJO1Ya1TrR/OkqCSZDyq84WJh3LuuiphBYJN+fm5xufIk4XAFcEwte/8WzC8If/1g==
+
+-buffer-xor@^1.0.3:
+- version "1.0.3"
+- resolved "https://registry.yarnpkg.com/buffer-xor/-/buffer-xor-1.0.3.tgz#26e61ed1422fb70dd42e6e36729ed51d855fe8d9"
+- integrity sha1-JuYe0UIvtw3ULm42cp7VHYVf6Nk=
+-
+ buffer@^4.3.0:
+ version "4.9.1"
+ resolved "https://registry.yarnpkg.com/buffer/-/buffer-4.9.1.tgz#6d1bb601b07a4efced97094132093027c95bc298"
+@@ -9566,17 +9471,7 @@ caniuse-db@1.0.30000772:
+ resolved "https://registry.yarnpkg.com/caniuse-db/-/caniuse-db-1.0.30000772.tgz#51aae891768286eade4a3d8319ea76d6a01b512b"
+ integrity sha1-UarokXaChureSj2DGep21qAbUSs=
+
+-caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001173:
+- version "1.0.30001299"
+- resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001299.tgz"
+- integrity sha512-iujN4+x7QzqA2NCSrS5VUy+4gLmRd4xv6vbBBsmfVqTx8bLAD8097euLqQgKxSVLvxjSDcvF1T/i9ocgnUFexw==
+-
+-caniuse-lite@^1.0.30000981, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001035, caniuse-lite@^1.0.30001093:
+- version "1.0.30001299"
+- resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001299.tgz"
+- integrity sha512-iujN4+x7QzqA2NCSrS5VUy+4gLmRd4xv6vbBBsmfVqTx8bLAD8097euLqQgKxSVLvxjSDcvF1T/i9ocgnUFexw==
+-
+-caniuse-lite@^1.0.30001109:
++caniuse-lite@^1.0.0, caniuse-lite@^1.0.30000981, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001035, caniuse-lite@^1.0.30001093, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001173:
+ version "1.0.30001299"
+ resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001299.tgz"
+ integrity sha512-iujN4+x7QzqA2NCSrS5VUy+4gLmRd4xv6vbBBsmfVqTx8bLAD8097euLqQgKxSVLvxjSDcvF1T/i9ocgnUFexw==
+@@ -9819,14 +9714,6 @@ ci-info@^2.0.0:
+ resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-2.0.0.tgz#67a9e964be31a51e15e5010d58e6f12834002f46"
+ integrity sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==
+
+-cipher-base@^1.0.0, cipher-base@^1.0.1, cipher-base@^1.0.3:
+- version "1.0.4"
+- resolved "https://registry.yarnpkg.com/cipher-base/-/cipher-base-1.0.4.tgz#8760e4ecc272f4c363532f926d874aae2c1397de"
+- integrity sha512-Kkht5ye6ZGmwv40uUDZztayT2ThLQGfnj/T71N/XzeZeo3nf8foyW7zGTsPYkEya3m5f3cAypH+qe7YOrM1U2Q==
+- dependencies:
+- inherits "^2.0.1"
+- safe-buffer "^5.0.1"
+-
+ circular-json@^0.3.1:
+ version "0.3.3"
+ resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.3.tgz#815c99ea84f6809529d2f45791bdf82711352d66"
+@@ -10562,7 +10449,7 @@ core-js@^3.0.1, core-js@^3.0.4, core-js@^3.6.5:
+ resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.8.3.tgz#c21906e1f14f3689f93abcc6e26883550dd92dd0"
+ integrity sha512-KPYXeVZYemC2TkNEkX/01I+7yd+nX3KddKwZ1Ww7SKWdI2wQprSgLmrTddT8nw92AjEklTsPBoSdQBhbI1bQ6Q==
+
+-core-util-is@1.0.2, core-util-is@~1.0.0:
++core-util-is@~1.0.0:
+ version "1.0.2"
+ resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
+ integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=
+@@ -10613,14 +10500,6 @@ cpy@^8.1.1:
+ p-filter "^2.1.0"
+ p-map "^3.0.0"
+
+-create-ecdh@^4.0.0:
+- version "4.0.3"
+- resolved "https://registry.yarnpkg.com/create-ecdh/-/create-ecdh-4.0.3.tgz#c9111b6f33045c4697f144787f9254cdc77c45ff"
+- integrity sha512-GbEHQPMOswGpKXM9kCWVrremUcBmjteUaQ01T9rkKCPDXfUHX0IoP9LpHYo2NPFampa4e+/pFDc3jQdxrxQLaw==
+- dependencies:
+- bn.js "^4.1.0"
+- elliptic "^6.0.0"
+-
+ create-emotion@^10.0.27:
+ version "10.0.27"
+ resolved "https://registry.yarnpkg.com/create-emotion/-/create-emotion-10.0.27.tgz#cb4fa2db750f6ca6f9a001a33fbf1f6c46789503"
+@@ -10638,29 +10517,6 @@ create-error-class@^3.0.0:
+ dependencies:
+ capture-stack-trace "^1.0.0"
+
+-create-hash@^1.1.0, create-hash@^1.1.2:
+- version "1.2.0"
+- resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196"
+- integrity sha512-z00bCGNHDG8mHAkP7CtT1qVu+bFQUPjYq/4Iv3C3kWjTFV10zIjfSoeqXo9Asws8gwSHDGj/hl2u4OGIjapeCg==
+- dependencies:
+- cipher-base "^1.0.1"
+- inherits "^2.0.1"
+- md5.js "^1.3.4"
+- ripemd160 "^2.0.1"
+- sha.js "^2.4.0"
+-
+-create-hmac@^1.1.0, create-hmac@^1.1.2, create-hmac@^1.1.4:
+- version "1.1.7"
+- resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff"
+- integrity sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg==
+- dependencies:
+- cipher-base "^1.0.3"
+- create-hash "^1.1.0"
+- inherits "^2.0.1"
+- ripemd160 "^2.0.0"
+- safe-buffer "^5.0.1"
+- sha.js "^2.4.8"
+-
+ create-react-context@0.3.0:
+ version "0.3.0"
+ resolved "https://registry.yarnpkg.com/create-react-context/-/create-react-context-0.3.0.tgz#546dede9dc422def0d3fc2fe03afe0bc0f4f7d8c"
+@@ -10712,22 +10568,9 @@ crypt@~0.0.1:
+ resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b"
+ integrity sha1-iNf/fsDfuG9xPch7u0LQRNPmxBs=
+
+-crypto-browserify@^3.11.0:
+- version "3.12.0"
+- resolved "https://registry.yarnpkg.com/crypto-browserify/-/crypto-browserify-3.12.0.tgz#396cf9f3137f03e4b8e532c58f698254e00f80ec"
+- integrity sha512-fz4spIh+znjO2VjL+IdhEpRJ3YN6sMzITSBijk6FK2UvTqruSQW+/cCZTSNsMiZNvUeq0CqurF+dAbyiGOY6Wg==
+- dependencies:
+- browserify-cipher "^1.0.0"
+- browserify-sign "^4.0.0"
+- create-ecdh "^4.0.0"
+- create-hash "^1.1.0"
+- create-hmac "^1.1.0"
+- diffie-hellman "^5.0.0"
+- inherits "^2.0.1"
+- pbkdf2 "^3.0.3"
+- public-encrypt "^4.0.0"
+- randombytes "^2.0.0"
+- randomfill "^1.0.3"
++crypto-browserify@^3.11.0, "crypto-browserify@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.1.tgz", "http-signature@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.1.tgz", http-signature@~1.2.0, selfsigned@^1.10.8, "selfsigned@https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.1.tgz":
++ version "1.1.1"
++ resolved "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.1.tgz#f8cae15d883ffc0abc663b5eaaa711fcc64bb5c2"
+
+ crypto-random-string@^1.0.0:
+ version "1.0.0"
+@@ -11450,13 +11293,6 @@ dargs@^4.0.1:
+ dependencies:
+ number-is-nan "^1.0.0"
+
+-dashdash@^1.12.0:
+- version "1.14.1"
+- resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0"
+- integrity sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=
+- dependencies:
+- assert-plus "^1.0.0"
+-
+ data-urls@^1.1.0:
+ version "1.1.0"
+ resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-1.1.0.tgz#15ee0582baa5e22bb59c77140da8f9c76963bbfe"
+@@ -11709,14 +11545,6 @@ deprecation@^2.0.0, deprecation@^2.3.1:
+ resolved "https://registry.yarnpkg.com/deprecation/-/deprecation-2.3.1.tgz#6368cbdb40abf3373b525ac87e4a260c3a700919"
+ integrity sha512-xmHIy4F3scKVwMsQ4WnVaS8bHOx0DmVwRywosKhaILI0ywMDWPtBSku2HNxRvF7jtwDRsoEwYQSfbxj8b7RlJQ==
+
+-des.js@^1.0.0:
+- version "1.0.0"
+- resolved "https://registry.yarnpkg.com/des.js/-/des.js-1.0.0.tgz#c074d2e2aa6a8a9a07dbd61f9a15c2cd83ec8ecc"
+- integrity sha1-wHTS4qpqipoH29YfmhXCzYPsjsw=
+- dependencies:
+- inherits "^2.0.1"
+- minimalistic-assert "^1.0.0"
+-
+ destroy@~1.0.4:
+ version "1.0.4"
+ resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80"
+@@ -11808,15 +11636,6 @@ diff@^4.0.2:
+ resolved "https://registry.yarnpkg.com/diff/-/diff-4.0.2.tgz#60f3aecb89d5fae520c11aa19efc2bb982aade7d"
+ integrity sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==
+
+-diffie-hellman@^5.0.0:
+- version "5.0.3"
+- resolved "https://registry.yarnpkg.com/diffie-hellman/-/diffie-hellman-5.0.3.tgz#40e8ee98f55a2149607146921c63e1ae5f3d2875"
+- integrity sha512-kqag/Nl+f3GwyK25fhUMYj81BUOrZ9IuJsjIcDE5icNM9FJHAVm3VcUDxdLPoQtTuUylWm6ZIknYJwwaPxsUzg==
+- dependencies:
+- bn.js "^4.1.0"
+- miller-rabin "^4.0.0"
+- randombytes "^2.0.0"
+-
+ dir-glob@2.0.0:
+ version "2.0.0"
+ resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-2.0.0.tgz#0b205d2b6aef98238ca286598a8204d29d0a0034"
+@@ -12084,14 +11903,6 @@ eastasianwidth@^0.2.0:
+ resolved "https://registry.yarnpkg.com/eastasianwidth/-/eastasianwidth-0.2.0.tgz#696ce2ec0aa0e6ea93a397ffcf24aa7840c827cb"
+ integrity sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==
+
+-ecc-jsbn@~0.1.1:
+- version "0.1.2"
+- resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz#3a83a904e54353287874c564b7549386849a98c9"
+- integrity sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=
+- dependencies:
+- jsbn "~0.1.0"
+- safer-buffer "^2.1.0"
+-
+ ee-first@1.1.1:
+ version "1.1.1"
+ resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
+@@ -12136,19 +11947,6 @@ element-resize-detector@^1.2.1:
+ dependencies:
+ batch-processor "1.0.0"
+
+-elliptic@^6.0.0:
+- version "6.5.3"
+- resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6"
+- integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==
+- dependencies:
+- bn.js "^4.4.0"
+- brorand "^1.0.1"
+- hash.js "^1.0.0"
+- hmac-drbg "^1.0.0"
+- inherits "^2.0.1"
+- minimalistic-assert "^1.0.0"
+- minimalistic-crypto-utils "^1.0.0"
+-
+ emitter-component@^1.1.1:
+ version "1.1.1"
+ resolved "https://registry.yarnpkg.com/emitter-component/-/emitter-component-1.1.1.tgz#065e2dbed6959bf470679edabeaf7981d1003ab6"
+@@ -13033,14 +12831,6 @@ eventsource@^1.0.7:
+ dependencies:
+ original "^1.0.0"
+
+-evp_bytestokey@^1.0.0, evp_bytestokey@^1.0.3:
+- version "1.0.3"
+- resolved "https://registry.yarnpkg.com/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz#7fcbdb198dc71959432efe13842684e0525acb02"
+- integrity sha512-/f2Go4TognH/KvCISP7OUsHn85hT9nUkxxA9BEWxFn+Oj9o8ZNLm/40hdlgSLyuOimsrTKLUMEorQexp/aPQeA==
+- dependencies:
+- md5.js "^1.3.4"
+- safe-buffer "^5.1.1"
+-
+ exec-sh@^0.3.2:
+ version "0.3.2"
+ resolved "https://registry.yarnpkg.com/exec-sh/-/exec-sh-0.3.2.tgz#6738de2eb7c8e671d0366aea0b0db8c6f7d7391b"
+@@ -13311,16 +13101,6 @@ extract-zip@^1.7.0:
+ mkdirp "^0.5.4"
+ yauzl "^2.10.0"
+
+-extsprintf@1.3.0:
+- version "1.3.0"
+- resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05"
+- integrity sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=
+-
+-extsprintf@^1.2.0:
+- version "1.4.0"
+- resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.4.0.tgz#e2689f8f356fad62cca65a3a91c5df5f9551692f"
+- integrity sha1-4mifjzVvrWLMplo6kcXfX5VRaS8=
+-
+ fast-deep-equal@^2.0.1:
+ version "2.0.1"
+ resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz#7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49"
+@@ -14177,13 +13957,6 @@ getos@^3.2.1:
+ dependencies:
+ async "^3.2.0"
+
+-getpass@^0.1.1:
+- version "0.1.7"
+- resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa"
+- integrity sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=
+- dependencies:
+- assert-plus "^1.0.0"
+-
+ git-raw-commits@2.0.0:
+ version "2.0.0"
+ resolved "https://registry.yarnpkg.com/git-raw-commits/-/git-raw-commits-2.0.0.tgz#d92addf74440c14bcc5c83ecce3fb7f8a79118b5"
+@@ -14685,22 +14458,6 @@ has@^1.0.0, has@^1.0.1, has@^1.0.3:
+ dependencies:
+ function-bind "^1.1.1"
+
+-hash-base@^3.0.0:
+- version "3.0.4"
+- resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.0.4.tgz#5fc8686847ecd73499403319a6b0a3f3f6ae4918"
+- integrity sha1-X8hoaEfs1zSZQDMZprCj8/auSRg=
+- dependencies:
+- inherits "^2.0.1"
+- safe-buffer "^5.0.1"
+-
+-hash.js@^1.0.0, hash.js@^1.0.3:
+- version "1.1.7"
+- resolved "https://registry.yarnpkg.com/hash.js/-/hash.js-1.1.7.tgz#0babca538e8d4ee4a0f8988d68866537a003cf42"
+- integrity sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==
+- dependencies:
+- inherits "^2.0.3"
+- minimalistic-assert "^1.0.1"
+-
+ hast-to-hyperscript@^9.0.0:
+ version "9.0.1"
+ resolved "https://registry.yarnpkg.com/hast-to-hyperscript/-/hast-to-hyperscript-9.0.1.tgz#9b67fd188e4c81e8ad66f803855334173920218d"
+@@ -14789,15 +14546,6 @@ highlight.js@^10.1.1, highlight.js@~10.5.0:
+ resolved "https://registry.yarnpkg.com/highlight.js/-/highlight.js-10.5.0.tgz#3f09fede6a865757378f2d9ebdcbc15ba268f98f"
+ integrity sha512-xTmvd9HiIHR6L53TMC7TKolEj65zG1XU+Onr8oi86mYa+nLcIbxTTWkpW7CsEwv/vK7u1zb8alZIMLDqqN6KTw==
+
+-hmac-drbg@^1.0.0:
+- version "1.0.1"
+- resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1"
+- integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=
+- dependencies:
+- hash.js "^1.0.3"
+- minimalistic-assert "^1.0.0"
+- minimalistic-crypto-utils "^1.0.1"
+-
+ hoist-non-react-statics@3.3.2, hoist-non-react-statics@^3.3.2:
+ version "3.3.2"
+ resolved "https://registry.yarnpkg.com/hoist-non-react-statics/-/hoist-non-react-statics-3.3.2.tgz#ece0acaf71d62c2969c2ec59feff42a4b1a85b45"
+@@ -15075,15 +14823,6 @@ http-proxy@^1.17.0:
+ follow-redirects "^1.0.0"
+ requires-port "^1.0.0"
+
+-http-signature@~1.2.0:
+- version "1.2.0"
+- resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.2.0.tgz#9aecd925114772f3d95b65a60abb8f7c18fbace1"
+- integrity sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=
+- dependencies:
+- assert-plus "^1.0.0"
+- jsprim "^1.2.2"
+- sshpk "^1.7.0"
+-
+ https-browserify@^1.0.0:
+ version "1.0.0"
+ resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
+@@ -16868,11 +16607,6 @@ js-yaml@3.13.1, js-yaml@^3.13.1, js-yaml@^3.4.6, js-yaml@^3.5.1, js-yaml@^3.5.4,
+ argparse "^1.0.7"
+ esprima "^4.0.0"
+
+-jsbn@~0.1.0:
+- version "0.1.1"
+- resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"
+- integrity sha1-peZUwuWi3rXyAdls77yoDA7y9RM=
+-
+ jsdoctypeparser@^9.0.0:
+ version "9.0.0"
+ resolved "https://registry.yarnpkg.com/jsdoctypeparser/-/jsdoctypeparser-9.0.0.tgz#8c97e2fb69315eb274b0f01377eaa5c940bd7b26"
+@@ -16982,11 +16716,6 @@ json-schema-traverse@^1.0.0:
+ resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2"
+ integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==
+
+-json-schema@0.2.3:
+- version "0.2.3"
+- resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13"
+- integrity sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=
+-
+ json-stable-stringify-without-jsonify@^1.0.1:
+ version "1.0.1"
+ resolved "https://registry.yarnpkg.com/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz#9db7b59496ad3f3cfef30a75142d2d930ad72651"
+@@ -17087,16 +16816,6 @@ jsonpointer@^4.0.0:
+ resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.1.tgz#4fd92cb34e0e9db3c89c8622ecf51f9b978c6cb9"
+ integrity sha1-T9kss04OnbPInIYi7PUfm5eMbLk=
+
+-jsprim@^1.2.2:
+- version "1.4.1"
+- resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"
+- integrity sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=
+- dependencies:
+- assert-plus "1.0.0"
+- extsprintf "1.3.0"
+- json-schema "0.2.3"
+- verror "1.10.0"
+-
+ jsurl@^0.1.5:
+ version "0.1.5"
+ resolved "https://registry.yarnpkg.com/jsurl/-/jsurl-0.1.5.tgz#2a5c8741de39cacafc12f448908bf34e960dcee8"
+@@ -17886,15 +17605,6 @@ md5-file@^4.0.0:
+ resolved "https://registry.yarnpkg.com/md5-file/-/md5-file-4.0.0.tgz#f3f7ba1e2dd1144d5bf1de698d0e5f44a4409584"
+ integrity sha512-UC0qFwyAjn4YdPpKaDNw6gNxRf7Mcx7jC1UGCY4boCzgvU2Aoc1mOGzTtrjjLKhM5ivsnhoKpQVxKPp+1j1qwg==
+
+-md5.js@^1.3.4:
+- version "1.3.5"
+- resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.5.tgz#b5d07b8e3216e3e27cd728d72f70d1e6a342005f"
+- integrity sha512-xitP+WxNPcTTOgnTJcrhM0xvdPepipPSf3I8EIpGKeFLjt3PlJLIDG3u8EX53ZIubkb+5U2+3rELYpEhHhzdkg==
+- dependencies:
+- hash-base "^3.0.0"
+- inherits "^2.0.1"
+- safe-buffer "^5.1.2"
+-
+ md5@^2.2.1:
+ version "2.2.1"
+ resolved "https://registry.yarnpkg.com/md5/-/md5-2.2.1.tgz#53ab38d5fe3c8891ba465329ea23fac0540126f9"
+@@ -18123,14 +17833,6 @@ micromatch@^4.0.0, micromatch@^4.0.2:
+ braces "^3.0.1"
+ picomatch "^2.0.5"
+
+-miller-rabin@^4.0.0:
+- version "4.0.1"
+- resolved "https://registry.yarnpkg.com/miller-rabin/-/miller-rabin-4.0.1.tgz#f080351c865b0dc562a8462966daa53543c78a4d"
+- integrity sha512-115fLhvZVqWwHPbClyntxEVfVDfl9DLLTuJvq3g2O/Oxi8AiNouAHvDSzHS0viUJc+V5vm3eq91Xwqn9dp4jRA==
+- dependencies:
+- bn.js "^4.0.0"
+- brorand "^1.0.1"
+-
+ mime-db@1.40.0:
+ version "1.40.0"
+ resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.40.0.tgz#a65057e998db090f732a68f6c276d387d4126c32"
+@@ -18217,16 +17919,11 @@ mini-svg-data-uri@^1.1.3:
+ resolved "https://registry.yarnpkg.com/mini-svg-data-uri/-/mini-svg-data-uri-1.1.3.tgz#9759ee5f4d89a4b724d089ce52eab4b623bfbc88"
+ integrity sha512-EeKOmdzekjdPe53/GdxmUpNgDQFkNeSte6XkJmOBt4BfWL6FQ9G9RtLNh+JMjFS3LhdpSICMIkZdznjiecASHQ==
+
+-minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1:
++minimalistic-assert@^1.0.0:
+ version "1.0.1"
+ resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7"
+ integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==
+
+-minimalistic-crypto-utils@^1.0.0, minimalistic-crypto-utils@^1.0.1:
+- version "1.0.1"
+- resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a"
+- integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=
+-
+ minimatch@3.0.3:
+ version "3.0.3"
+ resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.3.tgz#2a4e4090b96b2db06a9d7df01055a62a77c9b774"
+@@ -18749,11 +18446,6 @@ node-fetch@^2.5.0, node-fetch@^2.6.0, node-fetch@^2.6.1:
+ resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052"
+ integrity sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==
+
+-node-forge@^0.10.0:
+- version "0.10.0"
+- resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.10.0.tgz#32dea2afb3e9926f02ee5ce8794902691a676bf3"
+- integrity sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==
+-
+ node-gyp@^5.0.2:
+ version "5.1.1"
+ resolved "https://registry.yarnpkg.com/node-gyp/-/node-gyp-5.1.1.tgz#eb915f7b631c937d282e33aed44cb7a025f62a3e"
+@@ -19671,18 +19363,6 @@ parent-module@^1.0.0:
+ dependencies:
+ callsites "^3.0.0"
+
+-parse-asn1@^5.0.0:
+- version "5.1.5"
+- resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.5.tgz#003271343da58dc94cace494faef3d2147ecea0e"
+- integrity sha512-jkMYn1dcJqF6d5CpU689bq7w/b5ALS9ROVSpQDPrZsqqesUJii9qutvoT5ltGedNXMO2e16YUWIghG9KxaViTQ==
+- dependencies:
+- asn1.js "^4.0.0"
+- browserify-aes "^1.0.0"
+- create-hash "^1.1.0"
+- evp_bytestokey "^1.0.0"
+- pbkdf2 "^3.0.3"
+- safe-buffer "^5.1.1"
+-
+ parse-entities@^2.0.0:
+ version "2.0.0"
+ resolved "https://registry.yarnpkg.com/parse-entities/-/parse-entities-2.0.0.tgz#53c6eb5b9314a1f4ec99fa0fdf7ce01ecda0cbe8"
+@@ -19875,17 +19555,6 @@ path-type@^4.0.0:
+ resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b"
+ integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==
+
+-pbkdf2@^3.0.3:
+- version "3.0.17"
+- resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.0.17.tgz#976c206530617b14ebb32114239f7b09336e93a6"
+- integrity sha512-U/il5MsrZp7mGg3mSQfn742na2T+1/vHDCG5/iTI3X9MKUuYUZVLQhyRsg06mCgDBTd57TxzgZt7P+fYfjRLtA==
+- dependencies:
+- create-hash "^1.1.2"
+- create-hmac "^1.1.4"
+- ripemd160 "^2.0.1"
+- safe-buffer "^5.0.1"
+- sha.js "^2.4.8"
+-
+ pend@~1.2.0:
+ version "1.2.0"
+ resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50"
+@@ -21143,18 +20812,6 @@ pstree.remy@^1.1.7:
+ resolved "https://registry.yarnpkg.com/pstree.remy/-/pstree.remy-1.1.8.tgz#c242224f4a67c21f686839bbdb4ac282b8373d3a"
+ integrity sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==
+
+-public-encrypt@^4.0.0:
+- version "4.0.3"
+- resolved "https://registry.yarnpkg.com/public-encrypt/-/public-encrypt-4.0.3.tgz#4fcc9d77a07e48ba7527e7cbe0de33d0701331e0"
+- integrity sha512-zVpa8oKZSz5bTMTFClc1fQOnyyEzpl5ozpi1B5YcvBrdohMjH2rfsBtyXcuNuwjsDIXmBYlF2N5FlJYhR29t8Q==
+- dependencies:
+- bn.js "^4.1.0"
+- browserify-rsa "^4.0.0"
+- create-hash "^1.1.0"
+- parse-asn1 "^5.0.0"
+- randombytes "^2.0.1"
+- safe-buffer "^5.1.2"
+-
+ pump@^2.0.0:
+ version "2.0.1"
+ resolved "https://registry.yarnpkg.com/pump/-/pump-2.0.1.tgz#12399add6e4cf7526d973cbc8b5ce2e2908b3909"
+@@ -21306,21 +20963,13 @@ randexp@0.4.6:
+ discontinuous-range "1.0.0"
+ ret "~0.1.10"
+
+-randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5, randombytes@^2.1.0:
++randombytes@^2.1.0:
+ version "2.1.0"
+ resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a"
+ integrity sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==
+ dependencies:
+ safe-buffer "^5.1.0"
+
+-randomfill@^1.0.3:
+- version "1.0.4"
+- resolved "https://registry.yarnpkg.com/randomfill/-/randomfill-1.0.4.tgz#c92196fc86ab42be983f1bf31778224931d61458"
+- integrity sha512-87lcbR8+MhcWcUiQ+9e+Rwx8MyR2P7qnt15ynUlbm3TU/fjbgz4GsvfSUDTemtCCtVCqb4ZcEFlyPNTh9bBTLw==
+- dependencies:
+- randombytes "^2.0.5"
+- safe-buffer "^5.1.0"
+-
+ range-parser@^1.2.1, range-parser@~1.2.1:
+ version "1.2.1"
+ resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031"
+@@ -23056,14 +22705,6 @@ rimraf@~2.6.2:
+ dependencies:
+ glob "^7.1.3"
+
+-ripemd160@^2.0.0, ripemd160@^2.0.1:
+- version "2.0.2"
+- resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.2.tgz#a1c1a6f624751577ba5d07914cbc92850585890c"
+- integrity sha512-ii4iagi25WusVoiC4B4lq7pbXfAp3D9v5CwfkY33vffw2+pkDjY1D8GaN7spsxvCSx8dkPqOZCEZyfxcmJG2IA==
+- dependencies:
+- hash-base "^3.0.0"
+- inherits "^2.0.1"
+-
+ rollup-plugin-copy@3.3.0:
+ version "3.3.0"
+ resolved "https://registry.yarnpkg.com/rollup-plugin-copy/-/rollup-plugin-copy-3.3.0.tgz#5ba230047f86b9f703a29288f242948a5580e7b9"
+@@ -23248,7 +22889,7 @@ safe-regex@^1.1.0:
+ dependencies:
+ ret "~0.1.10"
+
+-"safer-buffer@>= 2.1.2 < 3", safer-buffer@^2.0.2, safer-buffer@^2.1.0, safer-buffer@~2.1.0:
++"safer-buffer@>= 2.1.2 < 3":
+ version "2.1.2"
+ resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
+ integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
+@@ -23442,13 +23083,6 @@ selection-is-backward@^1.0.0:
+ resolved "https://registry.yarnpkg.com/selection-is-backward/-/selection-is-backward-1.0.0.tgz#97a54633188a511aba6419fc5c1fa91b467e6be1"
+ integrity sha1-l6VGMxiKURq6ZBn8XB+pG0Z+a+E=
+
+-selfsigned@^1.10.8:
+- version "1.10.8"
+- resolved "https://registry.yarnpkg.com/selfsigned/-/selfsigned-1.10.8.tgz#0d17208b7d12c33f8eac85c41835f27fc3d81a30"
+- integrity sha512-2P4PtieJeEwVgTU9QEcwIRDQ/mXJLX8/+I3ur+Pg16nS8oNbrGxEso9NyYWy8NAmXiNl4dlAp5MwoNeCWzON4w==
+- dependencies:
+- node-forge "^0.10.0"
+-
+ semver-compare@^1.0.0:
+ version "1.0.0"
+ resolved "https://registry.yarnpkg.com/semver-compare/-/semver-compare-1.0.0.tgz#0dee216a1c941ab37e9efb1788f6afc5ff5537fc"
+@@ -23590,14 +23224,6 @@ setprototypeof@1.1.1:
+ resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.1.1.tgz#7e95acb24aa92f5885e0abef5ba131330d4ae683"
+ integrity sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw==
+
+-sha.js@^2.4.0, sha.js@^2.4.8:
+- version "2.4.11"
+- resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7"
+- integrity sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==
+- dependencies:
+- inherits "^2.0.1"
+- safe-buffer "^5.0.1"
+-
+ shallow-clone@^3.0.0:
+ version "3.0.1"
+ resolved "https://registry.yarnpkg.com/shallow-clone/-/shallow-clone-3.0.1.tgz#8f2981ad92531f55035b01fb230769a40e02efa3"
+@@ -24063,21 +23689,6 @@ sprintf-js@~1.0.2:
+ resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c"
+ integrity sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=
+
+-sshpk@^1.7.0:
+- version "1.16.1"
+- resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877"
+- integrity sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==
+- dependencies:
+- asn1 "~0.2.3"
+- assert-plus "^1.0.0"
+- bcrypt-pbkdf "^1.0.0"
+- dashdash "^1.12.0"
+- ecc-jsbn "~0.1.1"
+- getpass "^0.1.1"
+- jsbn "~0.1.0"
+- safer-buffer "^2.0.2"
+- tweetnacl "~0.14.0"
+-
+ ssri@^6.0.0, ssri@^6.0.1:
+ version "6.0.1"
+ resolved "https://registry.yarnpkg.com/ssri/-/ssri-6.0.1.tgz#2a3c41b28dd45b62b63676ecb74001265ae9edd8"
+@@ -25342,11 +24953,6 @@ tween-functions@^1.2.0:
+ resolved "https://registry.yarnpkg.com/tween-functions/-/tween-functions-1.2.0.tgz#1ae3a50e7c60bb3def774eac707acbca73bbc3ff"
+ integrity sha1-GuOlDnxguz3vd06scHrLynO7w/8=
+
+-tweetnacl@^0.14.3, tweetnacl@~0.14.0:
+- version "0.14.5"
+- resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64"
+- integrity sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=
+-
+ type-check@^0.4.0, type-check@~0.4.0:
+ version "0.4.0"
+ resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.4.0.tgz#07b8203bfa7056c0657050e3ccd2c37730bab8f1"
+@@ -25954,15 +25560,6 @@ vendors@^1.0.0:
+ resolved "https://registry.yarnpkg.com/vendors/-/vendors-1.0.4.tgz#e2b800a53e7a29b93506c3cf41100d16c4c4ad8e"
+ integrity sha512-/juG65kTL4Cy2su4P8HjtkTxk6VmJDiOPBufWniqQ6wknac6jNiXS9vU+hO3wgusiyqWlzTbVHi0dyJqRONg3w==
+
+-verror@1.10.0:
+- version "1.10.0"
+- resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400"
+- integrity sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=
+- dependencies:
+- assert-plus "^1.0.0"
+- core-util-is "1.0.2"
+- extsprintf "^1.2.0"
+-
+ vfile-location@^3.0.0, vfile-location@^3.2.0:
+ version "3.2.0"
+ resolved "https://registry.yarnpkg.com/vfile-location/-/vfile-location-3.2.0.tgz#d8e41fbcbd406063669ebf6c33d56ae8721d0f3c"
diff --git a/SOURCES/011-CVE-2021-43813.patch b/SOURCES/011-CVE-2021-43813.patch
deleted file mode 100644
index 375b364..0000000
--- a/SOURCES/011-CVE-2021-43813.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-commit ea77415cfe2cefe46ffce233076a1409abaa8df7
-Author: Will Browne <wbrowne@users.noreply.github.com>
-Date: Fri Dec 10 11:29:12 2021 +0000
-
- apply fix (#42969)
-
-diff --git a/pkg/plugins/plugins.go b/pkg/plugins/plugins.go
-index e6370a29e7..c7199c716e 100644
---- a/pkg/plugins/plugins.go
-+++ b/pkg/plugins/plugins.go
-@@ -491,15 +491,15 @@ func GetPluginMarkdown(pluginId string, name string) ([]byte, error) {
- }
-
- // nolint:gosec
-- // We can ignore the gosec G304 warning on this one because `plug.PluginDir` is based
-- // on plugin the folder structure on disk and not user input.
-- path := filepath.Join(plug.PluginDir, fmt.Sprintf("%s.md", strings.ToUpper(name)))
-+ // We can ignore the gosec G304 warning since we have cleaned the requested file path and subsequently
-+ // use this with a prefix of the plugin's directory, which is set during plugin loading
-+ path := filepath.Join(plug.PluginDir, mdFilepath(strings.ToUpper(name)))
- exists, err := fs.Exists(path)
- if err != nil {
- return nil, err
- }
- if !exists {
-- path = filepath.Join(plug.PluginDir, fmt.Sprintf("%s.md", strings.ToLower(name)))
-+ path = filepath.Join(plug.PluginDir, mdFilepath(strings.ToLower(name)))
- }
-
- exists, err = fs.Exists(path)
-@@ -511,8 +511,8 @@ func GetPluginMarkdown(pluginId string, name string) ([]byte, error) {
- }
-
- // nolint:gosec
-- // We can ignore the gosec G304 warning on this one because `plug.PluginDir` is based
-- // on plugin the folder structure on disk and not user input.
-+ // We can ignore the gosec G304 warning since we have cleaned the requested file path and subsequently
-+ // use this with a prefix of the plugin's directory, which is set during plugin loading
- data, err := ioutil.ReadFile(path)
- if err != nil {
- return nil, err
-@@ -520,6 +520,10 @@ func GetPluginMarkdown(pluginId string, name string) ([]byte, error) {
- return data, nil
- }
-
-+func mdFilepath(mdFilename string) string {
-+ return filepath.Clean(filepath.Join("/", fmt.Sprintf("%s.md", mdFilename)))
-+}
-+
- // gets plugin filenames that require verification for plugin signing
- func collectPluginFilesWithin(rootDir string) ([]string, error) {
- var files []string
diff --git a/SOURCES/011-use-hmac-sha-256-for-password-reset-tokens.patch b/SOURCES/011-use-hmac-sha-256-for-password-reset-tokens.patch
new file mode 100644
index 0000000..91b6b46
--- /dev/null
+++ b/SOURCES/011-use-hmac-sha-256-for-password-reset-tokens.patch
@@ -0,0 +1,353 @@
+commit f13c08e9f45d7776cb264b17ec41bc4ff51fc0b9
+Author: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Thu Nov 25 18:49:52 2021 +0100
+
+ notifications: use HMAC-SHA256 to generate time limit codes
+
+ * changes the time limit code generation function to use HMAC-SHA256
+ instead of SHA-1
+ * multiple new testcases
+
+diff --git a/pkg/services/notifications/codes.go b/pkg/services/notifications/codes.go
+index ea9beb30cc..1ddf05dc69 100644
+--- a/pkg/services/notifications/codes.go
++++ b/pkg/services/notifications/codes.go
+@@ -1,48 +1,53 @@
+ package notifications
+
+ import (
+- "crypto/sha1" // #nosec
++ "crypto/hmac"
++ "crypto/sha256"
+ "encoding/hex"
+ "fmt"
++ "strconv"
+ "time"
+
+- "github.com/unknwon/com"
+-
+ "github.com/grafana/grafana/pkg/models"
+ "github.com/grafana/grafana/pkg/setting"
+ )
+
+-const timeLimitCodeLength = 12 + 6 + 40
++const timeLimitStartDateLength = 12
++const timeLimitMinutesLength = 6
++const timeLimitHmacLength = 64
++const timeLimitCodeLength = timeLimitStartDateLength + timeLimitMinutesLength + timeLimitHmacLength
+
+ // create a time limit code
+-// code format: 12 length date time string + 6 minutes string + 40 sha1 encoded string
+-func createTimeLimitCode(data string, minutes int, startInf interface{}) (string, error) {
++// code format: 12 length date time string + 6 minutes string + 64 HMAC-SHA256 encoded string
++func createTimeLimitCode(payload string, minutes int, startStr string) (string, error) {
+ format := "200601021504"
+
+ var start, end time.Time
+- var startStr, endStr string
++ var endStr string
+
+- if startInf == nil {
++ if startStr == "" {
+ // Use now time create code
+ start = time.Now()
+ startStr = start.Format(format)
+ } else {
+ // use start string create code
+- startStr = startInf.(string)
+- start, _ = time.ParseInLocation(format, startStr, time.Local)
+- startStr = start.Format(format)
++ var err error
++ start, err = time.ParseInLocation(format, startStr, time.Local)
++ if err != nil {
++ return "", err
++ }
+ }
+
+ end = start.Add(time.Minute * time.Duration(minutes))
+ endStr = end.Format(format)
+
+- // create sha1 encode string
+- sh := sha1.New()
+- if _, err := sh.Write([]byte(data + setting.SecretKey + startStr + endStr +
+- com.ToStr(minutes))); err != nil {
+- return "", err
++ // create HMAC-SHA256 encoded string
++ key := []byte(setting.SecretKey)
++ h := hmac.New(sha256.New, key)
++ if _, err := h.Write([]byte(payload + startStr + endStr)); err != nil {
++ return "", fmt.Errorf("cannot create hmac: %v", err)
+ }
+- encoded := hex.EncodeToString(sh.Sum(nil))
++ encoded := hex.EncodeToString(h.Sum(nil))
+
+ code := fmt.Sprintf("%s%06d%s", startStr, minutes, encoded)
+ return code, nil
+@@ -50,30 +55,29 @@ func createTimeLimitCode(data string, minutes int, startInf interface{}) (string
+
+ // verify time limit code
+ func validateUserEmailCode(user *models.User, code string) (bool, error) {
+- if len(code) <= 18 {
++ if len(code) < timeLimitCodeLength {
+ return false, nil
+ }
+
+- minutes := setting.EmailCodeValidMinutes
+ code = code[:timeLimitCodeLength]
+
+ // split code
+- start := code[:12]
+- lives := code[12:18]
+- if d, err := com.StrTo(lives).Int(); err == nil {
+- minutes = d
++ startStr := code[:timeLimitStartDateLength]
++ minutesStr := code[timeLimitStartDateLength : timeLimitStartDateLength+timeLimitMinutesLength]
++ minutes, err := strconv.Atoi(minutesStr)
++ if err != nil {
++ return false, fmt.Errorf("invalid time limit code: %v", err)
+ }
+
+- // right active code
+- data := com.ToStr(user.Id) + user.Email + user.Login + user.Password + user.Rands
+- retCode, err := createTimeLimitCode(data, minutes, start)
++ // verify code
++ payload := strconv.FormatInt(user.Id, 10) + user.Email + user.Login + user.Password + user.Rands
++ expectedCode, err := createTimeLimitCode(payload, minutes, startStr)
+ if err != nil {
+ return false, err
+ }
+- fmt.Printf("code : %s\ncode2: %s", retCode, code)
+- if retCode == code && minutes > 0 {
++ if hmac.Equal([]byte(code), []byte(expectedCode)) && minutes > 0 {
+ // check time is expired or not
+- before, _ := time.ParseInLocation("200601021504", start, time.Local)
++ before, _ := time.ParseInLocation("200601021504", startStr, time.Local)
+ now := time.Now()
+ if before.Add(time.Minute*time.Duration(minutes)).Unix() > now.Unix() {
+ return true, nil
+@@ -94,15 +98,15 @@ func getLoginForEmailCode(code string) string {
+ return string(b)
+ }
+
+-func createUserEmailCode(u *models.User, startInf interface{}) (string, error) {
++func createUserEmailCode(user *models.User, startStr string) (string, error) {
+ minutes := setting.EmailCodeValidMinutes
+- data := com.ToStr(u.Id) + u.Email + u.Login + u.Password + u.Rands
+- code, err := createTimeLimitCode(data, minutes, startInf)
++ payload := strconv.FormatInt(user.Id, 10) + user.Email + user.Login + user.Password + user.Rands
++ code, err := createTimeLimitCode(payload, minutes, startStr)
+ if err != nil {
+ return "", err
+ }
+
+ // add tail hex username
+- code += hex.EncodeToString([]byte(u.Login))
++ code += hex.EncodeToString([]byte(user.Login))
+ return code, nil
+ }
+diff --git a/pkg/services/notifications/codes_test.go b/pkg/services/notifications/codes_test.go
+index d2b1f3a617..bea88e0bf5 100644
+--- a/pkg/services/notifications/codes_test.go
++++ b/pkg/services/notifications/codes_test.go
+@@ -1,19 +1,129 @@
+ package notifications
+
+ import (
++ "fmt"
++ "strconv"
+ "testing"
++ "time"
+
+ "github.com/grafana/grafana/pkg/models"
+ "github.com/grafana/grafana/pkg/setting"
+ . "github.com/smartystreets/goconvey/convey"
++ "github.com/stretchr/testify/require"
+ )
+
++func TestTimeLimitCodes(t *testing.T) {
++ user := &models.User{Id: 10, Email: "t@a.com", Login: "asd", Password: "1", Rands: "2"}
++
++ format := "200601021504"
++ mailPayload := strconv.FormatInt(user.Id, 10) + user.Email + user.Login + user.Password + user.Rands
++ tenMinutesAgo := time.Now().Add(-time.Minute * 10)
++
++ tests := []struct {
++ desc string
++ payload string
++ start time.Time
++ minutes int
++ valid bool
++ }{
++ {
++ desc: "code generated 10 minutes ago, 5 minutes valid",
++ payload: mailPayload,
++ start: tenMinutesAgo,
++ minutes: 5,
++ valid: false,
++ },
++ {
++ desc: "code generated 10 minutes ago, 9 minutes valid",
++ payload: mailPayload,
++ start: tenMinutesAgo,
++ minutes: 9,
++ valid: false,
++ },
++ {
++ desc: "code generated 10 minutes ago, 10 minutes valid",
++ payload: mailPayload,
++ start: tenMinutesAgo,
++ minutes: 10,
++ // code was valid exactly 10 minutes since evaluating the tenMinutesAgo assignment
++ // by the time this test is run the code is already expired
++ valid: false,
++ },
++ {
++ desc: "code generated 10 minutes ago, 11 minutes valid",
++ payload: mailPayload,
++ start: tenMinutesAgo,
++ minutes: 11,
++ valid: true,
++ },
++ {
++ desc: "code generated 10 minutes ago, 20 minutes valid",
++ payload: mailPayload,
++ start: tenMinutesAgo,
++ minutes: 20,
++ valid: true,
++ },
++ {
++ desc: "code generated 10 minutes ago, 20 minutes valid, tampered payload",
++ payload: mailPayload[:len(mailPayload)-1] + "x",
++ start: tenMinutesAgo,
++ minutes: 20,
++ valid: false,
++ },
++ }
++
++ for _, test := range tests {
++ t.Run(test.desc, func(t *testing.T) {
++ code, err := createTimeLimitCode(test.payload, test.minutes, test.start.Format(format))
++ require.NoError(t, err)
++
++ isValid, err := validateUserEmailCode(user, code)
++ require.NoError(t, err)
++ require.Equal(t, test.valid, isValid)
++ })
++ }
++
++ t.Run("tampered minutes", func(t *testing.T) {
++ code, err := createTimeLimitCode(mailPayload, 5, tenMinutesAgo.Format(format))
++ require.NoError(t, err)
++
++ // code is expired
++ isValid, err := validateUserEmailCode(user, code)
++ require.NoError(t, err)
++ require.Equal(t, false, isValid)
++
++ // let's try to extend the code by tampering the minutes
++ code = code[:12] + fmt.Sprintf("%06d", 20) + code[18:]
++ isValid, err = validateUserEmailCode(user, code)
++ require.NoError(t, err)
++ require.Equal(t, false, isValid)
++ })
++
++ t.Run("tampered start string", func(t *testing.T) {
++ code, err := createTimeLimitCode(mailPayload, 5, tenMinutesAgo.Format(format))
++ require.NoError(t, err)
++
++ // code is expired
++ isValid, err := validateUserEmailCode(user, code)
++ require.NoError(t, err)
++ require.Equal(t, false, isValid)
++
++ // let's try to extend the code by tampering the start string
++ oneMinuteAgo := time.Now().Add(-time.Minute)
++
++ code = oneMinuteAgo.Format(format) + code[12:]
++ isValid, err = validateUserEmailCode(user, code)
++ require.NoError(t, err)
++ require.Equal(t, false, isValid)
++ })
++}
++
+ func TestEmailCodes(t *testing.T) {
+ Convey("When generating code", t, func() {
+ setting.EmailCodeValidMinutes = 120
+
+ user := &models.User{Id: 10, Email: "t@a.com", Login: "asd", Password: "1", Rands: "2"}
+- code, err := createUserEmailCode(user, nil)
++ code, err := createUserEmailCode(user, "")
+ So(err, ShouldBeNil)
+
+ Convey("getLoginForCode should return login", func() {
+@@ -27,7 +137,7 @@ func TestEmailCodes(t *testing.T) {
+ So(isValid, ShouldBeTrue)
+ })
+
+- Convey("Cannot verify in-valid code", func() {
++ Convey("Cannot verify invalid code", func() {
+ code = "ASD"
+ isValid, err := validateUserEmailCode(user, code)
+ So(err, ShouldBeNil)
+diff --git a/pkg/services/notifications/notifications.go b/pkg/services/notifications/notifications.go
+index beea82f43e..5a575d1415 100644
+--- a/pkg/services/notifications/notifications.go
++++ b/pkg/services/notifications/notifications.go
+@@ -149,7 +149,7 @@ func (ns *NotificationService) sendEmailCommandHandler(cmd *models.SendEmailComm
+ }
+
+ func (ns *NotificationService) sendResetPasswordEmail(cmd *models.SendResetPasswordEmailCommand) error {
+- code, err := createUserEmailCode(cmd.User, nil)
++ code, err := createUserEmailCode(cmd.User, "")
+ if err != nil {
+ return err
+ }
+diff --git a/pkg/services/notifications/notifications_test.go b/pkg/services/notifications/notifications_test.go
+index e7680c3943..fb73e332ea 100644
+--- a/pkg/services/notifications/notifications_test.go
++++ b/pkg/services/notifications/notifications_test.go
+@@ -1,12 +1,14 @@
+ package notifications
+
+ import (
++ "regexp"
+ "testing"
+
+ "github.com/grafana/grafana/pkg/bus"
+ "github.com/grafana/grafana/pkg/models"
+ "github.com/grafana/grafana/pkg/setting"
+ . "github.com/smartystreets/goconvey/convey"
++ "github.com/stretchr/testify/require"
+ )
+
+ func TestNotifications(t *testing.T) {
+@@ -25,13 +27,28 @@ func TestNotifications(t *testing.T) {
+ So(err, ShouldBeNil)
+
+ Convey("When sending reset email password", func() {
+- err := ns.sendResetPasswordEmail(&models.SendResetPasswordEmailCommand{User: &models.User{Email: "asd@asd.com"}})
++ user := models.User{Email: "asd@asd.com", Login: "asd@asd.com"}
++ err := ns.sendResetPasswordEmail(&models.SendResetPasswordEmailCommand{User: &user})
+ So(err, ShouldBeNil)
+
+ sentMsg := <-ns.mailQueue
+ So(sentMsg.Body, ShouldContainSubstring, "body")
+ So(sentMsg.Subject, ShouldEqual, "Reset your Grafana password - asd@asd.com")
+ So(sentMsg.Body, ShouldNotContainSubstring, "Subject")
++
++ // find code in mail
++ r, _ := regexp.Compile(`code=(\w+)`)
++ match := r.FindString(sentMsg.Body)
++ code := match[len("code="):]
++
++ // verify code
++ bus.AddHandler("test", func(query *models.GetUserByLoginQuery) error {
++ query.Result = &user
++ return nil
++ })
++ query := models.ValidateResetPasswordCodeQuery{Code: code}
++ err = ns.validateResetPasswordCode(&query)
++ require.NoError(t, err)
+ })
+ })
+ }
diff --git a/SOURCES/012-support-go1.18.patch b/SOURCES/012-support-go1.18.patch
new file mode 100644
index 0000000..0a0ace4
--- /dev/null
+++ b/SOURCES/012-support-go1.18.patch
@@ -0,0 +1,315 @@
+From b8c4b70b19df84c054831823c92fbf2f3c192e78 Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Tue, 5 Apr 2022 16:16:31 +0200
+Subject: [PATCH] support Go 1.18
+
+json-iterator/go supports go1.18 since v1.1.12
+https://github.com/json-iterator/go/releases/tag/v1.1.12
+
+gonum.org/v1/gonum supports go1.18 since commit cccd8af5f6bd1539dd688c88102cb37e9117f96a
+https://github.com/gonum/gonum/pull/1729
+
+diff --git a/go.mod b/go.mod
+index c040bbaab0..cf9af7d44f 100644
+--- a/go.mod
++++ b/go.mod
+@@ -39,7 +39,7 @@ require (
+ github.com/gobwas/glob v0.2.3
+ github.com/golang/mock v1.5.0
+ github.com/golang/protobuf v1.4.3
+- github.com/google/go-cmp v0.5.4
++ github.com/google/go-cmp v0.5.7
+ github.com/google/uuid v1.2.0
+ github.com/gosimple/slug v1.9.0
+ github.com/grafana/grafana-aws-sdk v0.4.0
+@@ -55,7 +55,7 @@ require (
+ github.com/jaegertracing/jaeger v1.22.1-0.20210304164023-2fff3ca58910
+ github.com/jmespath/go-jmespath v0.4.0
+ github.com/jonboulle/clockwork v0.2.2 // indirect
+- github.com/json-iterator/go v1.1.10
++ github.com/json-iterator/go v1.1.12
+ github.com/lib/pq v1.9.0
+ github.com/linkedin/goavro/v2 v2.10.0
+ github.com/magefile/mage v1.11.0
+@@ -84,11 +84,11 @@ require (
+ github.com/yudai/gojsondiff v1.0.0
+ go.opentelemetry.io/collector v0.21.0
+ golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
+- golang.org/x/net v0.0.0-20210119194325-5f4716e94777
++ golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f
+ golang.org/x/oauth2 v0.0.0-20210113205817-d3ed898aa8a3
+- golang.org/x/sync v0.0.0-20201207232520-09787c993a3a
++ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
+ golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e
+- gonum.org/v1/gonum v0.8.2
++ gonum.org/v1/gonum v0.11.0
+ google.golang.org/api v0.40.0
+ google.golang.org/grpc v1.36.0
+ gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
+diff --git a/go.sum b/go.sum
+index 50212f12f2..1250ae409c 100644
+--- a/go.sum
++++ b/go.sum
+@@ -49,6 +49,8 @@ collectd.org v0.3.0/go.mod h1:A/8DzQBkF6abtvrT2j/AU/4tiBgJWYyh0y/oB/4MlWE=
+ contrib.go.opencensus.io/exporter/ocagent v0.6.0/go.mod h1:zmKjrJcdo0aYcVS7bmEeSEBLPA9YJp5bjrofdU3pIXs=
+ contrib.go.opencensus.io/exporter/prometheus v0.2.0/go.mod h1:TYmVAyE8Tn1lyPcltF5IYYfWp2KHu7lQGIZnj8iZMys=
+ dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
++gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8=
++git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc=
+ github.com/AndreasBriese/bbloom v0.0.0-20190306092124-e2d15f34fcf9/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8=
+ github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8=
+ github.com/Azure/azure-pipeline-go v0.2.1/go.mod h1:UGSo8XybXnIGZ3epmeBw7Jdz+HiUVpqIlpz/HKHylF4=
+@@ -138,7 +140,10 @@ github.com/VividCortex/mysqlerr v0.0.0-20170204212430-6c6b55f8796f/go.mod h1:f3H
+ github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c=
+ github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM=
+ github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY=
++github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY=
++github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk=
+ github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
++github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM=
+ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+@@ -206,6 +211,8 @@ github.com/bmatcuk/doublestar v1.2.2/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9
+ github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
+ github.com/bmizerany/pat v0.0.0-20170815010413-6226ea591a40/go.mod h1:8rLXio+WjiTceGBHIoTvn60HIbs7Hm7bcHjyrSqYB9c=
+ github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
++github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
++github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+ github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b h1:L/QXpzIa3pOvUGt1D1lA5KjYhPBAN/3iWdP7xeFS9F0=
+ github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA=
+ github.com/bsm/sarama-cluster v2.1.13+incompatible/go.mod h1:r7ao+4tTNXvWm+VRpRJchr2kQhqxgmAp2iEX5W96gMM=
+@@ -384,6 +391,7 @@ github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8S
+ github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+ github.com/fluent/fluent-bit-go v0.0.0-20190925192703-ea13c021720c/go.mod h1:WQX+afhrekY9rGK+WT4xvKSlzmia9gDoLYu4GGYGASQ=
+ github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
++github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
+ github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
+ github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g=
+ github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
+@@ -414,6 +422,11 @@ github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclK
+ github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
+ github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w=
+ github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
++github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g=
++github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks=
++github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY=
++github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY=
++github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY=
+ github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
+ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+@@ -421,6 +434,8 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2
+ github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+ github.com/go-kit/kit v0.10.0 h1:dXFJfIHVvUcpSgDOV+Ne6t7jXri8Tfv2uOLHUZ2XNuo=
+ github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
++github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U=
++github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk=
+ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
+ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
+ github.com/go-logfmt/logfmt v0.5.0 h1:TrB8swr/68K7m9CcGut2g3UOihhbcbiMAYiuTXdEih4=
+@@ -508,6 +523,8 @@ github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+
+ github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA=
+ github.com/go-openapi/validate v0.19.3/go.mod h1:90Vh6jjkTn+OT1Eefm0ZixWNFjhtOH7vS9k0lo6zwJo=
+ github.com/go-openapi/validate v0.19.8/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4=
++github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M=
++github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M=
+ github.com/go-redis/redis/v8 v8.0.0-beta.10.0.20200905143926-df7fe4e2ce72/go.mod h1:CJP1ZIHwhosNYwIdaHPZK9vHsM3+roNBaZ7U9Of1DXc=
+ github.com/go-redis/redis/v8 v8.2.3/go.mod h1:ysgGY09J/QeDYbu3HikWEIPCwaeOkuNoTgKayTEaEOw=
+ github.com/go-sourcemap/sourcemap v2.1.3+incompatible h1:W1iEw64niKVGogNgBN3ePyLFfuisuzeidWPMPWmECqU=
+@@ -635,8 +652,9 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
+ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+-github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M=
+ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
++github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
++github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
+ github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
+ github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+ github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
+@@ -893,8 +911,9 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV
+ github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+ github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+ github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+-github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
+ github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
++github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
++github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+ github.com/jstemmer/go-junit-report v0.9.1 h1:6QPYqodiu3GuPL+7mfx+NwDdp2eTkp9IfEUpgAwUN0o=
+ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
+@@ -904,6 +923,7 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7
+ github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
+ github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
++github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
+ github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
+ github.com/jwilder/encoding v0.0.0-20170811194829-b4e1701a28ef/go.mod h1:Ct9fl0F6iIOGgxJ5npU/IUOhOhqlVrGjyIZc8/MagT0=
+ github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 h1:uC1QfSlInpQF+M0ao65imhwqKnz3Q2z/d8PWZRMQvDM=
+@@ -1080,8 +1100,9 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
+ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+ github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+-github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
+ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
++github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
++github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+ github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
+ github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+ github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+@@ -1184,6 +1205,9 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR
+ github.com/peterh/liner v1.0.1-0.20180619022028-8c1271fcf47f/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
+ github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
+ github.com/philhofer/fwd v1.1.1/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
++github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY=
++github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI=
++github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI=
+ github.com/pierrec/cmdflag v0.0.2/go.mod h1:a3zKGZ3cdQUfxjd0RGMLZr8xI3nvpJOB+m6o/1X5BmU=
+ github.com/pierrec/lz4 v0.0.0-20190327172049-315a67e90e41/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
+ github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
+@@ -1310,6 +1334,8 @@ github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNue
+ github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+ github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
+ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
++github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w=
++github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk=
+ github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
+ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
+ github.com/samuel/go-zookeeper v0.0.0-20190810000440-0ceca61e4d75/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
+@@ -1491,6 +1517,7 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
+ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
++github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+ github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
+ github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs=
+ github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
+@@ -1587,6 +1614,7 @@ golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL
+ golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+ golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
+ golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
++golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE=
+ golang.org/x/exp v0.0.0-20191029154019-8994fa331a53/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
+ golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
+ golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
+@@ -1600,6 +1628,16 @@ golang.org/x/exp v0.0.0-20200821190819-94841d0725da/go.mod h1:3jZMyOhIsHpP37uCMk
+ golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
+ golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+ golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
++golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
++golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
++golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
++golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
+ golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+ golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+ golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+@@ -1621,8 +1659,9 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB
+ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+-golang.org/x/mod v0.4.1 h1:Kvvh58BN8Y9/lBi7hTekvtMpm07eUZ0ck5pRHpsMWrY=
+ golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
++golang.org/x/mod v0.5.1 h1:OJxoQ/rynoF0dcCdI7cLPktw/hR2cueqYfjm43oqK38=
++golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
+ golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+ golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+ golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+@@ -1682,8 +1721,9 @@ golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwY
+ golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+ golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+-golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew=
+ golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
++golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f h1:OfiFi4JbukWwe3lzw+xunroH1mnC1e2Gy5cxNJApiSY=
++golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+ golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+ golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+@@ -1707,8 +1747,9 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
+ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+ golang.org/x/sync v0.0.0-20200930132711-30421366ff76/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+-golang.org/x/sync v0.0.0-20201207232520-09787c993a3a h1:DcqTD9SDLc+1P/r1EmRBwnVsrOwW+kk2vWf9n+1sGhs=
+ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
++golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
++golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+ golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+ golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+@@ -1802,8 +1843,11 @@ golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7w
+ golang.org/x/sys v0.0.0-20201214210602-f9fddec55a1e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+-golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c h1:VwygUrnw9jn88c4u8GD3rZQbqrP/tgas88tPUbBxQrk=
+ golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
++golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
++golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
++golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 h1:id054HUawV2/6IGm2IV8KZQjqtwAOo2CYlOToYqa0d0=
++golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+ golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+ golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+ golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+@@ -1814,8 +1858,10 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3
+ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+-golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ=
+ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
++golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
++golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
++golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+ golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+ golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+ golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+@@ -1860,6 +1906,7 @@ golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtn
+ golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20190918214516-5a1a30219888/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
++golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+@@ -1913,8 +1960,9 @@ golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4f
+ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+ golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+-golang.org/x/tools v0.1.0 h1:po9/4sTYwZU9lPhi1tOrb4hCv3qrhiQ77LZfGa2OjwY=
+ golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
++golang.org/x/tools v0.1.9 h1:j9KsMiaP1c3B0OTQGth0/k+miLGTgLsAFUCrF2vLcF8=
++golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
+ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+@@ -1923,12 +1971,15 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8T
+ gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo=
+ gonum.org/v1/gonum v0.0.0-20181121035319-3f7ecaa7e8ca/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo=
+ gonum.org/v1/gonum v0.6.0/go.mod h1:9mxDZsDKxgMAuccQkewq682L+0eCu4dCN2yonUJTCLU=
+-gonum.org/v1/gonum v0.8.2 h1:CCXrcPKiGGotvnN6jfUsKk4rRqm7q09/YbKb5xCEvtM=
+ gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0=
++gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0=
++gonum.org/v1/gonum v0.11.0 h1:f1IJhK4Km5tBJmaiJXtk/PkL4cdVX6J+tGiM187uT5E=
++gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA=
+ gonum.org/v1/netlib v0.0.0-20181029234149-ec6d1f5cefe6/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw=
+-gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0 h1:OE9mWmgKkjJyEmDAAtGMPjXu+YNeGvK9VTSHY6+Qihc=
+ gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw=
+ gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc=
++gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY=
++gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo=
+ google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
+ google.golang.org/api v0.3.2/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
+ google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
+@@ -2136,6 +2187,7 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
+ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
+ honnef.co/go/tools v0.0.1-2020.1.6/go.mod h1:pyyisuGw24ruLjrr1ddx39WE0y9OooInRzEYLhQB2YY=
+ honnef.co/go/tools v0.1.2/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las=
++honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las=
+ howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0=
+ k8s.io/api v0.0.0-20190813020757-36bff7324fb7/go.mod h1:3Iy+myeAORNCLgjd/Xu9ebwN7Vh59Bw0vh9jhoX+V58=
+ k8s.io/api v0.0.0-20191115095533-47f6de673b26/go.mod h1:iA/8arsvelvo4IDqIhX4IbjTEKBGgvsf2OraTuRtLFU=
diff --git a/SOURCES/013-CVE-2021-23648.patch b/SOURCES/013-CVE-2021-23648.patch
new file mode 100644
index 0000000..edd9b83
--- /dev/null
+++ b/SOURCES/013-CVE-2021-23648.patch
@@ -0,0 +1,71 @@
+From 76121bc49ce1d5417202ce0a567e4f0f00c75667 Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Tue, 5 Apr 2022 17:40:30 +0200
+Subject: [PATCH] upgrade @braintree/sanitize-url to v6.0.0
+
+Resolves: CVE-2021-23648
+
+diff --git a/package.json b/package.json
+index 831586ad88..ab8b142ed9 100644
+--- a/package.json
++++ b/package.json
+@@ -209,7 +209,6 @@
+ "@sentry/utils": "5.24.2",
+ "@torkelo/react-select": "3.0.8",
+ "@types/antlr4": "^4.7.1",
+- "@types/braintree__sanitize-url": "4.0.0",
+ "@types/common-tags": "^1.8.0",
+ "@types/hoist-non-react-statics": "3.3.1",
+ "@types/jsurl": "^1.2.28",
+diff --git a/packages/grafana-data/package.json b/packages/grafana-data/package.json
+index b24b1af2f4..c3f1b4e181 100644
+--- a/packages/grafana-data/package.json
++++ b/packages/grafana-data/package.json
+@@ -22,7 +22,7 @@
+ "typecheck": "tsc --noEmit"
+ },
+ "dependencies": {
+- "@braintree/sanitize-url": "4.0.0",
++ "@braintree/sanitize-url": "6.0.0",
+ "@types/d3-interpolate": "^1.3.1",
+ "apache-arrow": "0.16.0",
+ "eventemitter3": "4.0.7",
+@@ -36,7 +36,6 @@
+ "@rollup/plugin-commonjs": "16.0.0",
+ "@rollup/plugin-json": "4.1.0",
+ "@rollup/plugin-node-resolve": "10.0.0",
+- "@types/braintree__sanitize-url": "4.0.0",
+ "@types/jest": "26.0.15",
+ "@types/jquery": "3.3.38",
+ "@types/lodash": "4.14.123",
+diff --git a/yarn.lock b/yarn.lock
+index 3f5e5b80d6..a84bfebaa7 100644
+--- a/yarn.lock
++++ b/yarn.lock
+@@ -3030,10 +3030,10 @@
+ resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
+ integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
+
+-"@braintree/sanitize-url@4.0.0":
+- version "4.0.0"
+- resolved "https://registry.yarnpkg.com/@braintree/sanitize-url/-/sanitize-url-4.0.0.tgz#2cda79ffd67b6ea919a63b5e1a883b92d636e844"
+- integrity sha512-bOoFoTxuEUuri/v1q0OXN0HIrZ2EiZlRSKdveU8vS5xf2+g0TmpXhmxkTc1s+XWR5xZNoVU4uvf/Mher98tfLw==
++"@braintree/sanitize-url@6.0.0":
++ version "6.0.0"
++ resolved "https://registry.yarnpkg.com/@braintree/sanitize-url/-/sanitize-url-6.0.0.tgz#fe364f025ba74f6de6c837a84ef44bdb1d61e68f"
++ integrity sha512-mgmE7XBYY/21erpzhexk4Cj1cyTQ9LzvnTxtzM17BJ7ERMNE6W72mQRo0I1Ud8eFJ+RVVIcBNhLFZ3GX4XFz5w==
+
+ "@cnakazawa/watch@^1.0.3":
+ version "1.0.3"
+@@ -5752,11 +5752,6 @@
+ resolved "https://registry.yarnpkg.com/@types/braces/-/braces-3.0.0.tgz#7da1c0d44ff1c7eb660a36ec078ea61ba7eb42cb"
+ integrity sha512-TbH79tcyi9FHwbyboOKeRachRq63mSuWYXOflsNO9ZyE5ClQ/JaozNKl+aWUq87qPNsXasXxi2AbgfwIJ+8GQw==
+
+-"@types/braintree__sanitize-url@4.0.0":
+- version "4.0.0"
+- resolved "https://registry.yarnpkg.com/@types/braintree__sanitize-url/-/braintree__sanitize-url-4.0.0.tgz#0e8a834501f8c375d4b3fb8dcf9398a08ebe068d"
+- integrity sha512-69eGJ8808/WfTJGsvMi1pxQ9UG5Z+llD1x9ash5QX+qvxElDD+eYNAn19cTEVTq6WwUqrqlaTWVCKaTRFTuGmA==
+-
+ "@types/cheerio@*":
+ version "0.22.13"
+ resolved "https://registry.yarnpkg.com/@types/cheerio/-/cheerio-0.22.13.tgz#5eecda091a24514185dcba99eda77e62bf6523e6"
diff --git a/SOURCES/014-CVE-2022-21698.patch b/SOURCES/014-CVE-2022-21698.patch
new file mode 100644
index 0000000..0f26391
--- /dev/null
+++ b/SOURCES/014-CVE-2022-21698.patch
@@ -0,0 +1,102 @@
+From 72cfe3ee850b1e3e00e138d87bd369eabab31697 Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Tue, 5 Apr 2022 18:55:29 +0200
+Subject: [PATCH] upgrade prometheus/client_golang to v1.11.1
+
+
+diff --git a/go.mod b/go.mod
+index cf9af7d44f..e7d89f6c76 100644
+--- a/go.mod
++++ b/go.mod
+@@ -65,9 +65,9 @@ require (
+ github.com/opentracing/opentracing-go v1.2.0
+ github.com/patrickmn/go-cache v2.1.0+incompatible
+ github.com/pkg/errors v0.9.1
+- github.com/prometheus/client_golang v1.9.0
++ github.com/prometheus/client_golang v1.11.1
+ github.com/prometheus/client_model v0.2.0
+- github.com/prometheus/common v0.18.0
++ github.com/prometheus/common v0.26.0
+ github.com/robfig/cron v0.0.0-20180505203441-b41be1df6967
+ github.com/robfig/cron/v3 v3.0.1
+ github.com/russellhaering/goxmldsig v1.1.0
+diff --git a/go.sum b/go.sum
+index 1250ae409c..149c317b36 100644
+--- a/go.sum
++++ b/go.sum
+@@ -434,6 +434,7 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2
+ github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+ github.com/go-kit/kit v0.10.0 h1:dXFJfIHVvUcpSgDOV+Ne6t7jXri8Tfv2uOLHUZ2XNuo=
+ github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
++github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
+ github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U=
+ github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk=
+ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
+@@ -653,6 +654,7 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
+ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
++github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+ github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
+ github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
+ github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
+@@ -912,6 +914,7 @@ github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/u
+ github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+ github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+ github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
++github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+ github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+@@ -1249,8 +1252,9 @@ github.com/prometheus/client_golang v1.4.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3O
+ github.com/prometheus/client_golang v1.5.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
+ github.com/prometheus/client_golang v1.6.0/go.mod h1:ZLOG9ck3JLRdB5MgO8f+lLTe83AXG6ro35rLTxvnIl4=
+ github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
+-github.com/prometheus/client_golang v1.9.0 h1:Rrch9mh17XcxvEu9D9DEpb4isxjGBtcevQjKvxPRQIU=
+ github.com/prometheus/client_golang v1.9.0/go.mod h1:FqZLKOZnGdFAhOK4nqGHa7D66IdsO+O441Eve7ptJDU=
++github.com/prometheus/client_golang v1.11.1 h1:+4eQaD7vAZ6DsfsxB15hbE0odUjGI5ARs9yskGu1v4s=
++github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
+ github.com/prometheus/client_model v0.0.0-20170216185247-6f3806018612/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+ github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+ github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+@@ -1275,8 +1279,8 @@ github.com/prometheus/common v0.12.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16
+ github.com/prometheus/common v0.14.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
+ github.com/prometheus/common v0.15.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
+ github.com/prometheus/common v0.17.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
+-github.com/prometheus/common v0.18.0 h1:WCVKW7aL6LEe1uryfI9dnEc2ZqNB1Fn0ok930v0iL1Y=
+-github.com/prometheus/common v0.18.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
++github.com/prometheus/common v0.26.0 h1:iMAkS2TDoNWnKM+Kopnx/8tnEStIfpYA0ur0xQzzhMQ=
++github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
+ github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289 h1:dTUS1vaLWq+Y6XKOTnrFpoVsQKLCbCp1OLj24TDi7oM=
+ github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289/go.mod h1:FGbBv5OPKjch+jNUJmEQpMZytIdyW0NdBtWFcfSKusc=
+ github.com/prometheus/procfs v0.0.0-20180612222113-7d6f385de8be/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+@@ -1292,8 +1296,9 @@ github.com/prometheus/procfs v0.0.6/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+Gx
+ github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
+ github.com/prometheus/procfs v0.0.11/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
+ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
+-github.com/prometheus/procfs v0.2.0 h1:wH4vA7pcjKuZzjF7lM8awk4fnuJO6idemZXoKnULUx4=
+ github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
++github.com/prometheus/procfs v0.6.0 h1:mxy4L2jP6qMonqmq+aTtOx1ifVWUgG/TAmntgbh3xv4=
++github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
+ github.com/prometheus/prometheus v0.0.0-20180315085919-58e2a31db8de/go.mod h1:oAIUtOny2rjMX0OWN5vPR5/q/twIROJvdqnQKDdil/s=
+ github.com/prometheus/prometheus v0.0.0-20190818123050-43acd0e2e93f/go.mod h1:rMTlmxGCvukf2KMu3fClMDKLLoJ5hl61MhcJ7xKakf0=
+ github.com/prometheus/prometheus v1.8.2-0.20200107122003-4708915ac6ef/go.mod h1:7U90zPoLkWjEIQcy/rweQla82OCTUzxVHE51G3OhJbI=
+@@ -1846,6 +1851,7 @@ golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7w
+ golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
++golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+ golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 h1:id054HUawV2/6IGm2IV8KZQjqtwAOo2CYlOToYqa0d0=
+ golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+ golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+@@ -2108,8 +2114,9 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
+ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
+-google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
+ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
++google.golang.org/protobuf v1.26.0-rc.1 h1:7QnIQpGRHE5RnLKnESfDoxm2dTapTZua5a0kS0A+VXQ=
++google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+ gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
+ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
+ gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
diff --git a/SOURCES/015-CVE-2022-21698.vendor.patch b/SOURCES/015-CVE-2022-21698.vendor.patch
new file mode 100644
index 0000000..c80937a
--- /dev/null
+++ b/SOURCES/015-CVE-2022-21698.vendor.patch
@@ -0,0 +1,20 @@
+From 16b1f5dec2596a1529a31a43389ed3089ee63b73 Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Tue, 5 Apr 2022 18:55:29 +0200
+Subject: [PATCH] adjust vendored loki dependency for prometheus/client_golang
+ v1.11.1
+
+
+diff --git a/vendor/github.com/grafana/loki/pkg/logcli/client/client.go b/vendor/github.com/grafana/loki/pkg/logcli/client/client.go
+index ec8cd02eff..7e76792005 100644
+--- a/vendor/github.com/grafana/loki/pkg/logcli/client/client.go
++++ b/vendor/github.com/grafana/loki/pkg/logcli/client/client.go
+@@ -183,7 +183,7 @@ func (c *DefaultClient) doRequest(path, query string, quiet bool, out interface{
+ TLSConfig: c.TLSConfig,
+ }
+
+- client, err := config.NewClientFromConfig(clientConfig, "logcli", false, false)
++ client, err := config.NewClientFromConfig(clientConfig, "logcli", config.WithHTTP2Disabled())
+ if err != nil {
+ return err
+ }
diff --git a/SOURCES/016-fix-CVE-2022-31107.patch b/SOURCES/016-fix-CVE-2022-31107.patch
new file mode 100644
index 0000000..2c69752
--- /dev/null
+++ b/SOURCES/016-fix-CVE-2022-31107.patch
@@ -0,0 +1,353 @@
+From 41a9a27cf0767828f38a390bbe7cf43f613b882e Mon Sep 17 00:00:00 2001
+From: Andreas Gerstmayr <agerstmayr@redhat.com>
+Date: Fri, 15 Jul 2022 14:05:14 +0200
+Subject: [PATCH] fix CVE-2022-31107
+
+backport 967e17d7ef6bc62a108add33ea699710f0e15870 from v8.4.10
+
+Co-authored-by: Karl Persson <kalle.persson@grafana.com>
+Co-authored-by: Jguer <joao.guerreiro@grafana.com>
+
+diff --git a/pkg/api/ldap_debug.go b/pkg/api/ldap_debug.go
+index 126e760b67..c9e2b606c5 100644
+--- a/pkg/api/ldap_debug.go
++++ b/pkg/api/ldap_debug.go
+@@ -215,6 +215,11 @@ func (hs *HTTPServer) PostSyncUserWithLDAP(c *models.ReqContext) response.Respon
+ ReqContext: c,
+ ExternalUser: user,
+ SignupAllowed: hs.Cfg.LDAPAllowSignup,
++ UserLookupParams: models.UserLookupParams{
++ UserID: &query.Result.Id, // Upsert by ID only
++ Email: nil,
++ Login: nil,
++ },
+ }
+
+ err = bus.Dispatch(upsertCmd)
+diff --git a/pkg/api/login_oauth.go b/pkg/api/login_oauth.go
+index 1fce9b6f61..611d51444f 100644
+--- a/pkg/api/login_oauth.go
++++ b/pkg/api/login_oauth.go
+@@ -250,6 +250,11 @@ func syncUser(
+ ReqContext: ctx,
+ ExternalUser: extUser,
+ SignupAllowed: connect.IsSignupAllowed(),
++ UserLookupParams: models.UserLookupParams{
++ Email: &extUser.Email,
++ UserID: nil,
++ Login: nil,
++ },
+ }
+ if err := bus.Dispatch(cmd); err != nil {
+ return nil, err
+diff --git a/pkg/login/ldap_login.go b/pkg/login/ldap_login.go
+index cb5d984e73..82dac2ee9e 100644
+--- a/pkg/login/ldap_login.go
++++ b/pkg/login/ldap_login.go
+@@ -56,9 +56,13 @@ var loginUsingLDAP = func(query *models.LoginUserQuery) (bool, error) {
+ ReqContext: query.ReqContext,
+ ExternalUser: externalUser,
+ SignupAllowed: setting.LDAPAllowSignup,
++ UserLookupParams: models.UserLookupParams{
++ Login: &externalUser.Login,
++ Email: &externalUser.Email,
++ UserID: nil,
++ },
+ }
+- err = bus.Dispatch(upsert)
+- if err != nil {
++ if err = bus.Dispatch(upsert); err != nil {
+ return true, err
+ }
+ query.User = upsert.Result
+diff --git a/pkg/models/user_auth.go b/pkg/models/user_auth.go
+index 2061cf048b..a98efe659e 100644
+--- a/pkg/models/user_auth.go
++++ b/pkg/models/user_auth.go
+@@ -54,11 +54,11 @@ type RequestURIKey struct{}
+ // COMMANDS
+
+ type UpsertUserCommand struct {
+- ReqContext *ReqContext
+- ExternalUser *ExternalUserInfo
++ ReqContext *ReqContext
++ ExternalUser *ExternalUserInfo
++ UserLookupParams
++ Result *User
+ SignupAllowed bool
+-
+- Result *User
+ }
+
+ type SetAuthInfoCommand struct {
+@@ -95,13 +95,18 @@ type LoginUserQuery struct {
+ type GetUserByAuthInfoQuery struct {
+ AuthModule string
+ AuthId string
+- UserId int64
+- Email string
+- Login string
++ UserLookupParams
+
+ Result *User
+ }
+
++type UserLookupParams struct {
++ // Describes lookup order as well
++ UserID *int64 // if set, will try to find the user by id
++ Email *string // if set, will try to find the user by email
++ Login *string // if set, will try to find the user by login
++}
++
+ type GetExternalUserInfoByLoginQuery struct {
+ LoginOrEmail string
+
+diff --git a/pkg/services/contexthandler/authproxy/authproxy.go b/pkg/services/contexthandler/authproxy/authproxy.go
+index 80e5a5b9e0..0d834748a7 100644
+--- a/pkg/services/contexthandler/authproxy/authproxy.go
++++ b/pkg/services/contexthandler/authproxy/authproxy.go
+@@ -246,6 +246,11 @@ func (auth *AuthProxy) LoginViaLDAP() (int64, error) {
+ ReqContext: auth.ctx,
+ SignupAllowed: auth.cfg.LDAPAllowSignup,
+ ExternalUser: extUser,
++ UserLookupParams: models.UserLookupParams{
++ Login: &extUser.Login,
++ Email: &extUser.Email,
++ UserID: nil,
++ },
+ }
+ if err := bus.Dispatch(upsert); err != nil {
+ return 0, err
+@@ -288,6 +293,11 @@ func (auth *AuthProxy) LoginViaHeader() (int64, error) {
+ ReqContext: auth.ctx,
+ SignupAllowed: auth.cfg.AuthProxyAutoSignUp,
+ ExternalUser: extUser,
++ UserLookupParams: models.UserLookupParams{
++ UserID: nil,
++ Login: &extUser.Login,
++ Email: &extUser.Email,
++ },
+ }
+
+ err := bus.Dispatch(upsert)
+diff --git a/pkg/services/login/login.go b/pkg/services/login/login.go
+index 9e08a36b06..b74d1d3e8f 100644
+--- a/pkg/services/login/login.go
++++ b/pkg/services/login/login.go
+@@ -37,11 +37,9 @@ func (ls *LoginService) UpsertUser(cmd *models.UpsertUserCommand) error {
+ extUser := cmd.ExternalUser
+
+ userQuery := &models.GetUserByAuthInfoQuery{
+- AuthModule: extUser.AuthModule,
+- AuthId: extUser.AuthId,
+- UserId: extUser.UserId,
+- Email: extUser.Email,
+- Login: extUser.Login,
++ AuthModule: extUser.AuthModule,
++ AuthId: extUser.AuthId,
++ UserLookupParams: cmd.UserLookupParams,
+ }
+ if err := bus.Dispatch(userQuery); err != nil {
+ if !errors.Is(err, models.ErrUserNotFound) {
+diff --git a/pkg/services/login/login_test.go b/pkg/services/login/login_test.go
+index 04953b567a..dd84ee29c8 100644
+--- a/pkg/services/login/login_test.go
++++ b/pkg/services/login/login_test.go
+@@ -82,10 +82,12 @@ func Test_teamSync(t *testing.T) {
+ QuotaService: "a.QuotaService{},
+ }
+
+- upserCmd := &models.UpsertUserCommand{ExternalUser: &models.ExternalUserInfo{Email: "test_user@example.org"}}
++ email := "test_user@example.org"
++ upserCmd := &models.UpsertUserCommand{ExternalUser: &models.ExternalUserInfo{Email: email},
++ UserLookupParams: models.UserLookupParams{Email: &email}}
+ expectedUser := &models.User{
+ Id: 1,
+- Email: "test_user@example.org",
++ Email: email,
+ Name: "test_user",
+ Login: "test_user",
+ }
+diff --git a/pkg/services/sqlstore/user_auth.go b/pkg/services/sqlstore/user_auth.go
+index 9605ccce76..f6f0e510bc 100644
+--- a/pkg/services/sqlstore/user_auth.go
++++ b/pkg/services/sqlstore/user_auth.go
+@@ -40,11 +40,12 @@ func GetUserByAuthInfo(query *models.GetUserByAuthInfoQuery) error {
+ }
+
+ // if user id was specified and doesn't match the user_auth entry, remove it
+- if query.UserId != 0 && query.UserId != authQuery.Result.UserId {
+- err = DeleteAuthInfo(&models.DeleteAuthInfoCommand{
++ if query.UserLookupParams.UserID != nil &&
++ *query.UserLookupParams.UserID != 0 &&
++ *query.UserLookupParams.UserID != authQuery.Result.UserId {
++ if err := DeleteAuthInfo(&models.DeleteAuthInfoCommand{
+ UserAuth: authQuery.Result,
+- })
+- if err != nil {
++ }); err != nil {
+ sqlog.Error("Error removing user_auth entry", "error", err)
+ }
+
+@@ -70,17 +71,18 @@ func GetUserByAuthInfo(query *models.GetUserByAuthInfoQuery) error {
+ }
+ }
+
++ params := query.UserLookupParams
+ // If not found, try to find the user by id
+- if !has && query.UserId != 0 {
+- has, err = x.Id(query.UserId).Get(user)
++ if !has && params.UserID != nil && *params.UserID != 0 {
++ has, err = x.Id(*params.UserID).Get(user)
+ if err != nil {
+ return err
+ }
+ }
+
+ // If not found, try to find the user by email address
+- if !has && query.Email != "" {
+- user = &models.User{Email: query.Email}
++ if !has && params.Email != nil && *params.Email != "" {
++ user = &models.User{Email: *params.Email}
+ has, err = x.Get(user)
+ if err != nil {
+ return err
+@@ -88,8 +90,8 @@ func GetUserByAuthInfo(query *models.GetUserByAuthInfoQuery) error {
+ }
+
+ // If not found, try to find the user by login
+- if !has && query.Login != "" {
+- user = &models.User{Login: query.Login}
++ if !has && params.Login != nil && *params.Login != "" {
++ user = &models.User{Login: *params.Login}
+ has, err = x.Get(user)
+ if err != nil {
+ return err
+diff --git a/pkg/services/sqlstore/user_auth_test.go b/pkg/services/sqlstore/user_auth_test.go
+index e5bb2379e5..d94ce34edb 100644
+--- a/pkg/services/sqlstore/user_auth_test.go
++++ b/pkg/services/sqlstore/user_auth_test.go
+@@ -45,7 +45,7 @@ func TestUserAuth(t *testing.T) {
+ // By Login
+ login := "loginuser0"
+
+- query := &models.GetUserByAuthInfoQuery{Login: login}
++ query := &models.GetUserByAuthInfoQuery{UserLookupParams: models.UserLookupParams{Login: &login}}
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldBeNil)
+@@ -54,7 +54,7 @@ func TestUserAuth(t *testing.T) {
+ // By ID
+ id := query.Result.Id
+
+- query = &models.GetUserByAuthInfoQuery{UserId: id}
++ query = &models.GetUserByAuthInfoQuery{UserLookupParams: models.UserLookupParams{UserID: &id}}
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldBeNil)
+@@ -63,7 +63,7 @@ func TestUserAuth(t *testing.T) {
+ // By Email
+ email := "user1@test.com"
+
+- query = &models.GetUserByAuthInfoQuery{Email: email}
++ query = &models.GetUserByAuthInfoQuery{UserLookupParams: models.UserLookupParams{Email: &email}}
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldBeNil)
+@@ -72,7 +72,7 @@ func TestUserAuth(t *testing.T) {
+ // Don't find nonexistent user
+ email = "nonexistent@test.com"
+
+- query = &models.GetUserByAuthInfoQuery{Email: email}
++ query = &models.GetUserByAuthInfoQuery{UserLookupParams: models.UserLookupParams{Email: &email}}
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldEqual, models.ErrUserNotFound)
+@@ -90,7 +90,7 @@ func TestUserAuth(t *testing.T) {
+ // create user_auth entry
+ login := "loginuser0"
+
+- query.Login = login
++ query.UserLookupParams.Login = &login
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldBeNil)
+@@ -104,9 +104,9 @@ func TestUserAuth(t *testing.T) {
+ So(query.Result.Login, ShouldEqual, login)
+
+ // get with non-matching id
+- id := query.Result.Id
++ idPlusOne := query.Result.Id + 1
+
+- query.UserId = id + 1
++ query.UserLookupParams.UserID = &idPlusOne
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldBeNil)
+@@ -143,7 +143,7 @@ func TestUserAuth(t *testing.T) {
+ login := "loginuser0"
+
+ // Calling GetUserByAuthInfoQuery on an existing user will populate an entry in the user_auth table
+- query := &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "test", AuthId: "test"}
++ query := &models.GetUserByAuthInfoQuery{AuthModule: "test", AuthId: "test", UserLookupParams: models.UserLookupParams{Login: &login}}
+ err = GetUserByAuthInfo(query)
+
+ So(err, ShouldBeNil)
+@@ -178,7 +178,7 @@ func TestUserAuth(t *testing.T) {
+ // Calling GetUserByAuthInfoQuery on an existing user will populate an entry in the user_auth table
+ // Make the first log-in during the past
+ getTime = func() time.Time { return time.Now().AddDate(0, 0, -2) }
+- query := &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "test1", AuthId: "test1"}
++ query := &models.GetUserByAuthInfoQuery{AuthModule: "test1", AuthId: "test1", UserLookupParams: models.UserLookupParams{Login: &login}}
+ err = GetUserByAuthInfo(query)
+ getTime = time.Now
+
+@@ -188,7 +188,7 @@ func TestUserAuth(t *testing.T) {
+ // Add a second auth module for this user
+ // Have this module's last log-in be more recent
+ getTime = func() time.Time { return time.Now().AddDate(0, 0, -1) }
+- query = &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "test2", AuthId: "test2"}
++ query = &models.GetUserByAuthInfoQuery{AuthModule: "test2", AuthId: "test2", UserLookupParams: models.UserLookupParams{Login: &login}}
+ err = GetUserByAuthInfo(query)
+ getTime = time.Now
+
+diff --git a/pkg/services/sqlstore/user_test.go b/pkg/services/sqlstore/user_test.go
+index 7da19f0ef4..aa796ffb02 100644
+--- a/pkg/services/sqlstore/user_test.go
++++ b/pkg/services/sqlstore/user_test.go
+@@ -455,7 +455,7 @@ func TestUserDataAccess(t *testing.T) {
+ // Calling GetUserByAuthInfoQuery on an existing user will populate an entry in the user_auth table
+ // Make the first log-in during the past
+ getTime = func() time.Time { return time.Now().AddDate(0, 0, -2) }
+- query := &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "ldap", AuthId: "ldap0"}
++ query := &models.GetUserByAuthInfoQuery{AuthModule: "ldap", AuthId: "ldap0", UserLookupParams: models.UserLookupParams{Login: &login}}
+ err := GetUserByAuthInfo(query)
+ getTime = time.Now
+
+@@ -465,7 +465,7 @@ func TestUserDataAccess(t *testing.T) {
+ // Add a second auth module for this user
+ // Have this module's last log-in be more recent
+ getTime = func() time.Time { return time.Now().AddDate(0, 0, -1) }
+- query = &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "oauth", AuthId: "oauth0"}
++ query = &models.GetUserByAuthInfoQuery{AuthModule: "oauth", AuthId: "oauth0", UserLookupParams: models.UserLookupParams{Login: &login}}
+ err = GetUserByAuthInfo(query)
+ getTime = time.Now
+
+@@ -511,7 +511,7 @@ func TestUserDataAccess(t *testing.T) {
+ // Calling GetUserByAuthInfoQuery on an existing user will populate an entry in the user_auth table
+ // Make the first log-in during the past
+ getTime = func() time.Time { return time.Now().AddDate(0, 0, -2) }
+- query := &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "ldap", AuthId: fmt.Sprint("ldap", i)}
++ query := &models.GetUserByAuthInfoQuery{AuthModule: "ldap", AuthId: fmt.Sprint("ldap", i), UserLookupParams: models.UserLookupParams{Login: &login}}
+ err := GetUserByAuthInfo(query)
+ getTime = time.Now
+
+@@ -522,7 +522,7 @@ func TestUserDataAccess(t *testing.T) {
+ // Log in first user with oauth
+ login := "loginuser0"
+ getTime = func() time.Time { return time.Now().AddDate(0, 0, -1) }
+- query := &models.GetUserByAuthInfoQuery{Login: login, AuthModule: "oauth", AuthId: "oauth0"}
++ query := &models.GetUserByAuthInfoQuery{AuthModule: "oauth", AuthId: "oauth0", UserLookupParams: models.UserLookupParams{Login: &login}}
+ err := GetUserByAuthInfo(query)
+ getTime = time.Now
+
diff --git a/SOURCES/Makefile b/SOURCES/Makefile
index dab531d..9389d7b 100644
--- a/SOURCES/Makefile
+++ b/SOURCES/Makefile
@@ -1,5 +1,7 @@
VERSION := $(shell rpm --specfile *.spec --qf '%{VERSION}\n' | head -1)
RELEASE := $(shell rpm --specfile *.spec --qf '%{RELEASE}\n' | head -1 | cut -d. -f1)
+CHANGELOGTIME := $(shell rpm --specfile *.spec --qf '%{CHANGELOGTIME}\n' | head -1)
+SOURCE_DATE_EPOCH := $(shell echo $$(( $(CHANGELOGTIME) - $(CHANGELOGTIME) % 86400 )))
NAME := grafana
RPM_NAME := $(NAME)
@@ -13,11 +15,15 @@ WEBPACK_TAR := $(RPM_NAME)-webpack-$(VERSION)-$(RELEASE).tar.gz
# - changes in Go module imports (which affect the vendored Go modules)
PATCHES_PRE_VENDOR := \
005-remove-unused-dependencies.patch \
- 008-remove-unused-frontend-crypto.patch
+ 008-remove-unused-frontend-crypto.patch \
+ 012-support-go1.18.patch \
+ 013-CVE-2021-23648.patch \
+ 014-CVE-2022-21698.patch
# patches which must be applied before creating the webpack, for example:
# - changes in Node.js sources or vendored dependencies
-PATCHES_PRE_WEBPACK :=
+PATCHES_PRE_WEBPACK := \
+ 008-remove-unused-frontend-crypto.patch
all: $(SOURCE_TAR) $(VENDOR_TAR) $(WEBPACK_TAR)
@@ -26,9 +32,9 @@ $(SOURCE_TAR):
spectool -g $(RPM_NAME).spec
$(VENDOR_TAR): $(SOURCE_TAR)
- # start with a clean state
+ # Start with a clean state
rm -rf $(SOURCE_DIR)
- tar xf $(SOURCE_TAR)
+ tar pxf $(SOURCE_TAR)
# Patches to apply before vendoring
for patch in $(PATCHES_PRE_VENDOR); do echo applying $$patch ...; patch -d $(SOURCE_DIR) -p1 --fuzz=0 < $$patch; done
@@ -46,7 +52,7 @@ $(VENDOR_TAR): $(SOURCE_TAR)
sed -E 's/=(.*)-(.*)-(.*)/=\1-\2.\3/g' > $@.manifest
# Node.js
- cd $(SOURCE_DIR) && yarn install --pure-lockfile
+ cd $(SOURCE_DIR) && yarn install --frozen-lockfile
# Remove files with licensing issues
find $(SOURCE_DIR) -type d -name 'node-notifier' -prune -exec rm -r {} \;
find $(SOURCE_DIR) -type d -name 'property-information' -prune -exec rm -r {} \;
@@ -55,23 +61,36 @@ $(VENDOR_TAR): $(SOURCE_TAR)
./list_bundled_nodejs_packages.py $(SOURCE_DIR) >> $@.manifest
# Create tarball
- XZ_OPT=-9 time -p tar cJf $@ \
+ XZ_OPT=-9 tar \
+ --sort=name \
+ --mtime="@$(SOURCE_DATE_EPOCH)" --clamp-mtime \
+ --owner=0 --group=0 --numeric-owner \
+ -cJf $@ \
$(SOURCE_DIR)/vendor \
- $$(find $(SOURCE_DIR) -type d -name "node_modules" -prune)
+ $$(find $(SOURCE_DIR) -type d -name "node_modules" -prune | LC_ALL=C sort)
$(WEBPACK_TAR): $(VENDOR_TAR)
- # start with a clean state
+ # Start with a clean state
rm -rf $(SOURCE_DIR)
- tar xf $(SOURCE_TAR)
- tar xf $(VENDOR_TAR)
+ tar pxf $(SOURCE_TAR)
+ tar pxf $(VENDOR_TAR)
# Patches to apply before creating the webpack
for patch in $(PATCHES_PRE_WEBPACK); do echo applying $$patch ...; patch -d $(SOURCE_DIR) -p1 --fuzz=0 < $$patch; done
+ # Build frontend
cd $(SOURCE_DIR) && \
../build_frontend.sh
- tar cfz $@ $(SOURCE_DIR)/public/build $(SOURCE_DIR)/public/views $(SOURCE_DIR)/plugins-bundled
+ # Create tarball
+ tar \
+ --sort=name \
+ --mtime="@$(SOURCE_DATE_EPOCH)" --clamp-mtime \
+ --owner=0 --group=0 --numeric-owner \
+ -czf $@ \
+ $(SOURCE_DIR)/public/build \
+ $(SOURCE_DIR)/public/views \
+ $(SOURCE_DIR)/plugins-bundled
clean:
rm -rf *.tar.gz *.tar.xz *.manifest *.rpm $(NAME)-*/
diff --git a/SOURCES/create_bundles_in_container.sh b/SOURCES/create_bundles_in_container.sh
new file mode 100755
index 0000000..c3a1ce4
--- /dev/null
+++ b/SOURCES/create_bundles_in_container.sh
@@ -0,0 +1,19 @@
+#!/bin/bash -eu
+#
+# create vendor and webpack bundles inside a container for reproducibility
+#
+
+cat <<EOF | podman build -t grafana-build -f - .
+FROM fedora:35
+
+RUN dnf upgrade -y && \
+ dnf install -y rpmdevtools python3-packaging make golang nodejs yarnpkg
+
+WORKDIR /tmp/grafana-build
+COPY Makefile grafana.spec *.patch build_frontend.sh list_bundled_nodejs_packages.py .
+RUN mkdir bundles
+CMD make && mv *.tar.* bundles
+EOF
+
+podman run --name grafana-build --replace "$@" grafana-build
+podman cp grafana-build:bundles/. .
diff --git a/SOURCES/list_bundled_nodejs_packages.py b/SOURCES/list_bundled_nodejs_packages.py
index 3158c2c..76fe443 100755
--- a/SOURCES/list_bundled_nodejs_packages.py
+++ b/SOURCES/list_bundled_nodejs_packages.py
@@ -2,25 +2,38 @@
#
# generates Provides: bundled(npm(...)) = ... lines for each declared dependency and devDependency of package.json
#
+import os
import sys
import json
import re
from packaging import version
+def scan_package_json(package_dir):
+ for root, dirs, files in os.walk(package_dir, topdown=True):
+ dirs[:] = [d for d in dirs if d not in ["node_modules", "vendor"]]
+ if "package.json" in files:
+ yield os.path.join(root, "package.json")
+
+
def read_declared_pkgs(package_json_path):
with open(package_json_path) as f:
package_json = json.load(f)
- return list(package_json['dependencies'].keys()) + list(package_json['devDependencies'].keys())
+ return list(package_json.get("dependencies", {}).keys()) + list(
+ package_json.get("devDependencies", {}).keys()
+ )
def read_installed_pkgs(yarn_lock_path):
with open(yarn_lock_path) as f:
lockfile = f.read()
- return re.findall(r'^"?' # can start with a "
- r'(.+?)@.+(?:,.*)?:\n' # characters up to @
- r' version "(.+)"', # and the version
- lockfile, re.MULTILINE)
+ return re.findall(
+ r'^"?' # can start with a "
+ r"(.+?)@.+(?:,.*)?:\n" # characters up to @
+ r' version "(.+)"', # and the version
+ lockfile,
+ re.MULTILINE,
+ )
def list_provides(declared_pkgs, installed_pkgs):
@@ -28,8 +41,16 @@ def list_provides(declared_pkgs, installed_pkgs):
# there can be multiple versions installed of one package (transitive dependencies)
# but rpm doesn't support Provides: with a single package and multiple versions
# so let's declare the oldest version here
- versions = [version.parse(pkg_version)
- for pkg_name, pkg_version in installed_pkgs if pkg_name == declared_pkg]
+ versions = [
+ version.parse(pkg_version)
+ for pkg_name, pkg_version in installed_pkgs
+ if pkg_name == declared_pkg
+ ]
+
+ if not versions:
+ print(f"warning: {declared_pkg} missing in yarn.lock", file=sys.stderr)
+ continue
+
oldest_version = sorted(versions)[0]
yield f"Provides: bundled(npm({declared_pkg})) = {oldest_version}"
@@ -40,7 +61,9 @@ if __name__ == "__main__":
sys.exit(1)
package_dir = sys.argv[1]
- declared_pkgs = read_declared_pkgs(f"{package_dir}/package.json")
+ declared_pkgs = []
+ for package_json_path in scan_package_json(package_dir):
+ declared_pkgs.extend(read_declared_pkgs(package_json_path))
installed_pkgs = read_installed_pkgs(f"{package_dir}/yarn.lock")
provides = list_provides(declared_pkgs, installed_pkgs)
for provide in sorted(provides):
diff --git a/SPECS/grafana.spec b/SPECS/grafana.spec
index 218af28..0a96dc0 100644
--- a/SPECS/grafana.spec
+++ b/SPECS/grafana.spec
@@ -29,8 +29,8 @@ end}
%endif
Name: grafana
-Version: 7.5.11
-Release: 2%{?dist}
+Version: 7.5.15
+Release: 3%{?dist}
Summary: Metrics dashboard and graph editor
License: ASL 2.0
URL: https://grafana.org
@@ -53,7 +53,7 @@ Source2: grafana-webpack-%{version}-1.tar.gz
# Source3 contains Grafana configuration defaults for distributions
Source3: distro-defaults.ini
-# Source4 contains the Makefile to create the required bundles
+# Source4 contains the Makefile to create the vendor and webpack bundles
Source4: Makefile
# Source5 contains the script to build the frontend
@@ -62,6 +62,9 @@ Source5: build_frontend.sh
# Source6 contains the script to generate the list of bundled nodejs packages
Source6: list_bundled_nodejs_packages.py
+# Source7 contains the script to create the vendor and webpack bundles in a container
+Source7: create_bundles_in_container.sh
+
# Patches
Patch1: 001-wrappers-grafana-cli.patch
Patch2: 002-manpages.patch
@@ -91,7 +94,15 @@ Patch9: 009-patch-unused-backend-crypto.patch
# if FIPS mode is enabled.
Patch10: 010-fips.patch
-Patch11: 011-CVE-2021-43813.patch
+Patch11: 011-use-hmac-sha-256-for-password-reset-tokens.patch
+
+Patch12: 012-support-go1.18.patch
+
+Patch13: 013-CVE-2021-23648.patch
+
+Patch14: 014-CVE-2022-21698.patch
+Patch15: 015-CVE-2022-21698.vendor.patch
+Patch16: 016-fix-CVE-2022-31107.patch
# Intersection of go_arches and nodejs_arches
ExclusiveArch: %{grafana_arches}
@@ -177,7 +188,7 @@ Provides: bundled(golang(github.com/go-stack/stack)) = 1.8.0
Provides: bundled(golang(github.com/gobwas/glob)) = 0.2.3
Provides: bundled(golang(github.com/golang/mock)) = 1.5.0
Provides: bundled(golang(github.com/golang/protobuf)) = 1.4.3
-Provides: bundled(golang(github.com/google/go-cmp)) = 0.5.4
+Provides: bundled(golang(github.com/google/go-cmp)) = 0.5.7
Provides: bundled(golang(github.com/google/uuid)) = 1.2.0
Provides: bundled(golang(github.com/gosimple/slug)) = 1.9.0
Provides: bundled(golang(github.com/grafana/grafana-aws-sdk)) = 0.4.0
@@ -192,7 +203,7 @@ Provides: bundled(golang(github.com/inconshreveable/log15)) = 0.0.0-201808181646
Provides: bundled(golang(github.com/influxdata/influxdb-client-go/v2)) = 2.2.0
Provides: bundled(golang(github.com/jaegertracing/jaeger)) = 1.22.1-0.20210304164023.2fff3ca58910
Provides: bundled(golang(github.com/jmespath/go-jmespath)) = 0.4.0
-Provides: bundled(golang(github.com/json-iterator/go)) = 1.1.10
+Provides: bundled(golang(github.com/json-iterator/go)) = 1.1.12
Provides: bundled(golang(github.com/lib/pq)) = 1.9.0
Provides: bundled(golang(github.com/linkedin/goavro/v2)) = 2.10.0
Provides: bundled(golang(github.com/magefile/mage)) = 1.11.0
@@ -202,9 +213,9 @@ Provides: bundled(golang(github.com/mwitkow/go-conntrack)) = 0.0.0-2019071606494
Provides: bundled(golang(github.com/opentracing/opentracing-go)) = 1.2.0
Provides: bundled(golang(github.com/patrickmn/go-cache)) = 2.1.0+incompatible
Provides: bundled(golang(github.com/pkg/errors)) = 0.9.1
-Provides: bundled(golang(github.com/prometheus/client_golang)) = 1.9.0
+Provides: bundled(golang(github.com/prometheus/client_golang)) = 1.11.1
Provides: bundled(golang(github.com/prometheus/client_model)) = 0.2.0
-Provides: bundled(golang(github.com/prometheus/common)) = 0.18.0
+Provides: bundled(golang(github.com/prometheus/common)) = 0.26.0
Provides: bundled(golang(github.com/robfig/cron)) = 0.0.0-20180505203441.b41be1df6967
Provides: bundled(golang(github.com/robfig/cron/v3)) = 3.0.1
Provides: bundled(golang(github.com/russellhaering/goxmldsig)) = 1.1.0
@@ -221,11 +232,11 @@ Provides: bundled(golang(github.com/xorcare/pointer)) = 1.1.0
Provides: bundled(golang(github.com/yudai/gojsondiff)) = 1.0.0
Provides: bundled(golang(go.opentelemetry.io/collector)) = 0.21.0
Provides: bundled(golang(golang.org/x/crypto)) = 0.0.0-20201221181555.eec23a3978ad
-Provides: bundled(golang(golang.org/x/net)) = 0.0.0-20210119194325.5f4716e94777
+Provides: bundled(golang(golang.org/x/net)) = 0.0.0-20211015210444.4f30a5c0130f
Provides: bundled(golang(golang.org/x/oauth2)) = 0.0.0-20210113205817.d3ed898aa8a3
-Provides: bundled(golang(golang.org/x/sync)) = 0.0.0-20201207232520.09787c993a3a
+Provides: bundled(golang(golang.org/x/sync)) = 0.0.0-20210220032951.036812b2e83c
Provides: bundled(golang(golang.org/x/time)) = 0.0.0-20200630173020.3af7569d3a1e
-Provides: bundled(golang(gonum.org/v1/gonum)) = 0.8.2
+Provides: bundled(golang(gonum.org/v1/gonum)) = 0.11.0
Provides: bundled(golang(google.golang.org/api)) = 0.40.0
Provides: bundled(golang(google.golang.org/grpc)) = 1.36.0
Provides: bundled(golang(gopkg.in/ini.v1)) = 1.62.0
@@ -238,79 +249,184 @@ Provides: bundled(golang(gopkg.in/yaml.v2)) = 2.4.0
Provides: bundled(golang(xorm.io/core)) = 0.7.3
Provides: bundled(golang(xorm.io/xorm)) = 0.8.2
Provides: bundled(npm(@babel/core)) = 7.6.4
+Provides: bundled(npm(@babel/core)) = 7.6.4
Provides: bundled(npm(@babel/plugin-proposal-nullish-coalescing-operator)) = 7.8.3
Provides: bundled(npm(@babel/plugin-proposal-optional-chaining)) = 7.8.3
Provides: bundled(npm(@babel/plugin-syntax-dynamic-import)) = 7.7.4
Provides: bundled(npm(@babel/preset-env)) = 7.7.4
+Provides: bundled(npm(@babel/preset-env)) = 7.7.4
Provides: bundled(npm(@babel/preset-react)) = 7.8.3
Provides: bundled(npm(@babel/preset-typescript)) = 7.8.3
+Provides: bundled(npm(@braintree/sanitize-url)) = 6.0.0
+Provides: bundled(npm(@cypress/webpack-preprocessor)) = 4.1.3
+Provides: bundled(npm(@emotion/core)) = 10.0.21
Provides: bundled(npm(@emotion/core)) = 10.0.21
Provides: bundled(npm(@grafana/api-documenter)) = 7.11.2
Provides: bundled(npm(@grafana/api-extractor)) = 7.10.1
Provides: bundled(npm(@grafana/aws-sdk)) = 0.0.3
+Provides: bundled(npm(@grafana/aws-sdk)) = 0.0.3
Provides: bundled(npm(@grafana/eslint-config)) = 2.3.0
+Provides: bundled(npm(@grafana/eslint-config)) = 2.3.0
+Provides: bundled(npm(@grafana/slate-react)) = 0.22.9-grafana
Provides: bundled(npm(@grafana/slate-react)) = 0.22.9-grafana
+Provides: bundled(npm(@grafana/tsconfig)) = 1.0.0rc1
+Provides: bundled(npm(@grafana/tsconfig)) = 1.0.0rc1
+Provides: bundled(npm(@grafana/tsconfig)) = 1.0.0rc1
+Provides: bundled(npm(@grafana/tsconfig)) = 1.0.0rc1
+Provides: bundled(npm(@grafana/tsconfig)) = 1.0.0rc1
+Provides: bundled(npm(@grafana/tsconfig)) = 1.0.0rc1
+Provides: bundled(npm(@iconscout/react-unicons)) = 1.1.4
+Provides: bundled(npm(@mochajs/json-file-reporter)) = 1.2.0
+Provides: bundled(npm(@popperjs/core)) = 2.5.4
Provides: bundled(npm(@popperjs/core)) = 2.5.4
Provides: bundled(npm(@reduxjs/toolkit)) = 1.5.0
+Provides: bundled(npm(@rollup/plugin-commonjs)) = 16.0.0
+Provides: bundled(npm(@rollup/plugin-commonjs)) = 16.0.0
+Provides: bundled(npm(@rollup/plugin-commonjs)) = 16.0.0
+Provides: bundled(npm(@rollup/plugin-commonjs)) = 16.0.0
+Provides: bundled(npm(@rollup/plugin-commonjs)) = 16.0.0
+Provides: bundled(npm(@rollup/plugin-image)) = 2.0.5
+Provides: bundled(npm(@rollup/plugin-json)) = 4.1.0
+Provides: bundled(npm(@rollup/plugin-node-resolve)) = 10.0.0
+Provides: bundled(npm(@rollup/plugin-node-resolve)) = 10.0.0
+Provides: bundled(npm(@rollup/plugin-node-resolve)) = 10.0.0
+Provides: bundled(npm(@rollup/plugin-node-resolve)) = 10.0.0
+Provides: bundled(npm(@rollup/plugin-node-resolve)) = 10.0.0
Provides: bundled(npm(@rtsao/plugin-proposal-class-properties)) = 7.0.1-patch.1
Provides: bundled(npm(@sentry/browser)) = 5.25.0
+Provides: bundled(npm(@sentry/browser)) = 5.25.0
Provides: bundled(npm(@sentry/types)) = 5.24.2
Provides: bundled(npm(@sentry/utils)) = 5.24.2
+Provides: bundled(npm(@storybook/addon-controls)) = 6.1.15
+Provides: bundled(npm(@storybook/addon-essentials)) = 6.1.15
+Provides: bundled(npm(@storybook/addon-knobs)) = 6.1.15
+Provides: bundled(npm(@storybook/addon-storysource)) = 6.1.15
+Provides: bundled(npm(@storybook/react)) = 6.1.15
+Provides: bundled(npm(@storybook/theming)) = 6.1.15
+Provides: bundled(npm(@testing-library/jest-dom)) = 5.11.5
Provides: bundled(npm(@testing-library/jest-dom)) = 5.11.5
Provides: bundled(npm(@testing-library/react)) = 11.1.2
Provides: bundled(npm(@testing-library/react-hooks)) = 3.2.1
Provides: bundled(npm(@testing-library/user-event)) = 12.1.3
Provides: bundled(npm(@torkelo/react-select)) = 3.0.8
+Provides: bundled(npm(@torkelo/react-select)) = 3.0.8
Provides: bundled(npm(@types/angular)) = 1.6.56
Provides: bundled(npm(@types/angular-route)) = 1.7.0
Provides: bundled(npm(@types/antlr4)) = 4.7.1
-Provides: bundled(npm(@types/braintree__sanitize-url)) = 4.0.0
+Provides: bundled(npm(@types/classnames)) = 2.2.7
+Provides: bundled(npm(@types/classnames)) = 2.2.7
Provides: bundled(npm(@types/classnames)) = 2.2.7
Provides: bundled(npm(@types/clipboard)) = 2.0.1
+Provides: bundled(npm(@types/command-exists)) = 1.2.0
Provides: bundled(npm(@types/common-tags)) = 1.8.0
+Provides: bundled(npm(@types/common-tags)) = 1.8.0
+Provides: bundled(npm(@types/d3)) = 5.7.2
Provides: bundled(npm(@types/d3)) = 5.7.2
Provides: bundled(npm(@types/d3-force)) = 1.2.1
+Provides: bundled(npm(@types/d3-interpolate)) = 1.3.1
Provides: bundled(npm(@types/d3-scale-chromatic)) = 1.3.1
Provides: bundled(npm(@types/debounce-promise)) = 3.1.3
+Provides: bundled(npm(@types/deep-freeze)) = 0.1.2
Provides: bundled(npm(@types/enzyme)) = 3.10.3
Provides: bundled(npm(@types/enzyme-adapter-react-16)) = 1.0.6
+Provides: bundled(npm(@types/expect-puppeteer)) = 3.3.1
Provides: bundled(npm(@types/file-saver)) = 2.0.1
+Provides: bundled(npm(@types/fs-extra)) = 8.1.0
+Provides: bundled(npm(@types/hoist-non-react-statics)) = 3.3.1
+Provides: bundled(npm(@types/hoist-non-react-statics)) = 3.3.1
Provides: bundled(npm(@types/hoist-non-react-statics)) = 3.3.1
+Provides: bundled(npm(@types/inquirer)) = 6.5.0
Provides: bundled(npm(@types/is-hotkey)) = 0.1.1
Provides: bundled(npm(@types/jest)) = 26.0.12
+Provides: bundled(npm(@types/jest)) = 26.0.12
+Provides: bundled(npm(@types/jest)) = 26.0.12
+Provides: bundled(npm(@types/jest)) = 26.0.12
+Provides: bundled(npm(@types/jest)) = 26.0.12
+Provides: bundled(npm(@types/jquery)) = 3.3.38
+Provides: bundled(npm(@types/jquery)) = 3.3.38
Provides: bundled(npm(@types/jquery)) = 3.3.38
Provides: bundled(npm(@types/jsurl)) = 1.2.28
Provides: bundled(npm(@types/lodash)) = 4.14.123
+Provides: bundled(npm(@types/lodash)) = 4.14.123
+Provides: bundled(npm(@types/lodash)) = 4.14.123
+Provides: bundled(npm(@types/lodash)) = 4.14.123
Provides: bundled(npm(@types/lru-cache)) = 5.1.0
+Provides: bundled(npm(@types/marked)) = 1.1.0
Provides: bundled(npm(@types/md5)) = 2.1.33
+Provides: bundled(npm(@types/mock-raf)) = 1.0.2
+Provides: bundled(npm(@types/moment)) = 2.13.0
Provides: bundled(npm(@types/moment-timezone)) = 0.5.13
Provides: bundled(npm(@types/mousetrap)) = 1.6.3
Provides: bundled(npm(@types/node)) = 10.14.1
+Provides: bundled(npm(@types/node)) = 10.14.1
+Provides: bundled(npm(@types/node)) = 10.14.1
+Provides: bundled(npm(@types/node)) = 10.14.1
+Provides: bundled(npm(@types/node)) = 10.14.1
+Provides: bundled(npm(@types/node)) = 10.14.1
+Provides: bundled(npm(@types/papaparse)) = 5.2.0
Provides: bundled(npm(@types/papaparse)) = 5.2.0
+Provides: bundled(npm(@types/papaparse)) = 5.2.0
+Provides: bundled(npm(@types/prettier)) = 1.18.3
Provides: bundled(npm(@types/prismjs)) = 1.16.0
+Provides: bundled(npm(@types/puppeteer-core)) = 1.9.0
+Provides: bundled(npm(@types/react)) = 16.9.9
Provides: bundled(npm(@types/react)) = 16.9.9
+Provides: bundled(npm(@types/react)) = 16.9.9
+Provides: bundled(npm(@types/react-beautiful-dnd)) = 12.1.2
Provides: bundled(npm(@types/react-beautiful-dnd)) = 12.1.2
+Provides: bundled(npm(@types/react-color)) = 3.0.1
+Provides: bundled(npm(@types/react-custom-scrollbars)) = 4.0.5
+Provides: bundled(npm(@types/react-dev-utils)) = 9.0.4
Provides: bundled(npm(@types/react-dom)) = 16.9.2
Provides: bundled(npm(@types/react-grid-layout)) = 1.1.1
+Provides: bundled(npm(@types/react-icons)) = 2.2.7
Provides: bundled(npm(@types/react-loadable)) = 5.5.2
Provides: bundled(npm(@types/react-redux)) = 7.1.7
Provides: bundled(npm(@types/react-select)) = 3.0.8
+Provides: bundled(npm(@types/react-select)) = 3.0.8
+Provides: bundled(npm(@types/react-table)) = 7.0.12
+Provides: bundled(npm(@types/react-test-renderer)) = 16.9.1
Provides: bundled(npm(@types/react-test-renderer)) = 16.9.1
Provides: bundled(npm(@types/react-transition-group)) = 4.2.3
+Provides: bundled(npm(@types/react-transition-group)) = 4.2.3
Provides: bundled(npm(@types/react-virtualized-auto-sizer)) = 1.0.0
Provides: bundled(npm(@types/react-window)) = 1.8.1
+Provides: bundled(npm(@types/recompose)) = 0.30.7
Provides: bundled(npm(@types/redux-logger)) = 3.0.7
Provides: bundled(npm(@types/redux-mock-store)) = 1.0.2
Provides: bundled(npm(@types/reselect)) = 2.2.0
+Provides: bundled(npm(@types/rimraf)) = 2.0.3
+Provides: bundled(npm(@types/rollup-plugin-visualizer)) = 2.6.0
+Provides: bundled(npm(@types/rollup-plugin-visualizer)) = 2.6.0
+Provides: bundled(npm(@types/rollup-plugin-visualizer)) = 2.6.0
+Provides: bundled(npm(@types/rollup-plugin-visualizer)) = 2.6.0
+Provides: bundled(npm(@types/rollup-plugin-visualizer)) = 2.6.0
+Provides: bundled(npm(@types/semver)) = 6.0.2
+Provides: bundled(npm(@types/sinon)) = 7.5.2
+Provides: bundled(npm(@types/slate)) = 0.47.1
Provides: bundled(npm(@types/slate)) = 0.47.1
Provides: bundled(npm(@types/slate-plain-serializer)) = 0.6.1
Provides: bundled(npm(@types/slate-react)) = 0.22.5
+Provides: bundled(npm(@types/slate-react)) = 0.22.5
+Provides: bundled(npm(@types/slate-react)) = 0.22.5
+Provides: bundled(npm(@types/systemjs)) = 0.20.6
+Provides: bundled(npm(@types/systemjs)) = 0.20.6
Provides: bundled(npm(@types/testing-library__jest-dom)) = 5.9.5
Provides: bundled(npm(@types/testing-library__react-hooks)) = 3.1.0
Provides: bundled(npm(@types/tinycolor2)) = 1.4.1
+Provides: bundled(npm(@types/tinycolor2)) = 1.4.1
+Provides: bundled(npm(@types/tmp)) = 0.1.0
Provides: bundled(npm(@types/uuid)) = 8.3.0
+Provides: bundled(npm(@types/webpack)) = 4.39.3
Provides: bundled(npm(@typescript-eslint/eslint-plugin)) = 4.15.0
+Provides: bundled(npm(@typescript-eslint/eslint-plugin)) = 4.15.0
+Provides: bundled(npm(@typescript-eslint/parser)) = 4.15.0
Provides: bundled(npm(@typescript-eslint/parser)) = 4.15.0
+Provides: bundled(npm(@visx/event)) = 1.3.0
+Provides: bundled(npm(@visx/gradient)) = 1.0.0
+Provides: bundled(npm(@visx/scale)) = 1.4.0
+Provides: bundled(npm(@visx/shape)) = 1.4.0
+Provides: bundled(npm(@visx/tooltip)) = 1.3.0
Provides: bundled(npm(@welldone-software/why-did-you-render)) = 4.0.6
Provides: bundled(npm(@wojtekmaj/enzyme-adapter-react-17)) = 0.3.1
Provides: bundled(npm(abortcontroller-polyfill)) = 1.4.0
@@ -320,75 +436,147 @@ Provides: bundled(npm(angular-mocks)) = 1.6.6
Provides: bundled(npm(angular-route)) = 1.8.2
Provides: bundled(npm(angular-sanitize)) = 1.8.2
Provides: bundled(npm(antlr4)) = 4.8.0
+Provides: bundled(npm(apache-arrow)) = 0.16.0
Provides: bundled(npm(autoprefixer)) = 9.7.4
Provides: bundled(npm(axios)) = 0.21.1
+Provides: bundled(npm(axios)) = 0.21.1
Provides: bundled(npm(babel-core)) = 7.0.0-bridge.0
Provides: bundled(npm(babel-jest)) = 26.6.3
+Provides: bundled(npm(babel-jest)) = 26.6.3
Provides: bundled(npm(babel-loader)) = 8.0.6
+Provides: bundled(npm(babel-loader)) = 8.0.6
+Provides: bundled(npm(babel-plugin-angularjs-annotate)) = 0.10.0
Provides: bundled(npm(babel-plugin-angularjs-annotate)) = 0.10.0
Provides: bundled(npm(baron)) = 3.0.3
+Provides: bundled(npm(blink-diff)) = 1.0.13
Provides: bundled(npm(brace)) = 0.11.1
Provides: bundled(npm(calculate-size)) = 1.1.1
Provides: bundled(npm(centrifuge)) = 2.6.4
+Provides: bundled(npm(chalk)) = 1.1.3
+Provides: bundled(npm(chance)) = 1.1.4
+Provides: bundled(npm(classnames)) = 2.2.6
+Provides: bundled(npm(classnames)) = 2.2.6
Provides: bundled(npm(classnames)) = 2.2.6
Provides: bundled(npm(clean-webpack-plugin)) = 3.0.0
Provides: bundled(npm(clipboard)) = 2.0.4
+Provides: bundled(npm(combokeys)) = 3.0.1
+Provides: bundled(npm(command-exists)) = 1.2.8
+Provides: bundled(npm(commander)) = 2.17.1
+Provides: bundled(npm(commander)) = 2.17.1
+Provides: bundled(npm(commander)) = 2.17.1
Provides: bundled(npm(common-tags)) = 1.8.0
+Provides: bundled(npm(common-tags)) = 1.8.0
+Provides: bundled(npm(concurrently)) = 4.1.0
+Provides: bundled(npm(copy-to-clipboard)) = 3.3.1
+Provides: bundled(npm(copy-webpack-plugin)) = 5.1.2
Provides: bundled(npm(core-js)) = 1.2.7
Provides: bundled(npm(css-loader)) = 3.4.2
+Provides: bundled(npm(css-loader)) = 3.4.2
+Provides: bundled(npm(cypress)) = 6.3.0
+Provides: bundled(npm(cypress-file-upload)) = 4.0.7
+Provides: bundled(npm(d3)) = 5.15.0
Provides: bundled(npm(d3)) = 5.15.0
Provides: bundled(npm(d3-force)) = 1.2.1
Provides: bundled(npm(d3-scale-chromatic)) = 1.5.0
Provides: bundled(npm(dangerously-set-html-content)) = 1.0.6
Provides: bundled(npm(debounce-promise)) = 3.1.2
+Provides: bundled(npm(deep-freeze)) = 0.0.1
+Provides: bundled(npm(emotion)) = 10.0.27
Provides: bundled(npm(emotion)) = 10.0.27
+Provides: bundled(npm(emotion)) = 10.0.27
+Provides: bundled(npm(enzyme)) = 3.11.0
Provides: bundled(npm(enzyme)) = 3.11.0
+Provides: bundled(npm(enzyme-adapter-react-16)) = 1.15.2
Provides: bundled(npm(enzyme-to-json)) = 3.4.4
Provides: bundled(npm(es-abstract)) = 1.18.0-next.1
Provides: bundled(npm(es6-promise)) = 4.2.8
Provides: bundled(npm(es6-shim)) = 0.35.5
Provides: bundled(npm(eslint)) = 2.13.1
+Provides: bundled(npm(eslint)) = 2.13.1
Provides: bundled(npm(eslint-config-prettier)) = 7.2.0
+Provides: bundled(npm(eslint-config-prettier)) = 7.2.0
+Provides: bundled(npm(eslint-plugin-jsdoc)) = 31.6.1
Provides: bundled(npm(eslint-plugin-jsdoc)) = 31.6.1
Provides: bundled(npm(eslint-plugin-no-only-tests)) = 2.4.0
Provides: bundled(npm(eslint-plugin-prettier)) = 3.3.1
+Provides: bundled(npm(eslint-plugin-prettier)) = 3.3.1
Provides: bundled(npm(eslint-plugin-react)) = 7.22.0
Provides: bundled(npm(eslint-plugin-react-hooks)) = 4.2.0
+Provides: bundled(npm(eslint-plugin-react-hooks)) = 4.2.0
Provides: bundled(npm(eventemitter3)) = 3.1.2
+Provides: bundled(npm(eventemitter3)) = 3.1.2
+Provides: bundled(npm(execa)) = 0.7.0
+Provides: bundled(npm(execa)) = 0.7.0
+Provides: bundled(npm(execa)) = 0.7.0
+Provides: bundled(npm(expect-puppeteer)) = 4.1.1
Provides: bundled(npm(expect.js)) = 0.3.1
Provides: bundled(npm(expose-loader)) = 0.7.5
Provides: bundled(npm(fast-text-encoding)) = 1.0.0
Provides: bundled(npm(file-loader)) = 5.0.2
+Provides: bundled(npm(file-loader)) = 5.0.2
Provides: bundled(npm(file-saver)) = 2.0.2
Provides: bundled(npm(fork-ts-checker-webpack-plugin)) = 1.0.0
+Provides: bundled(npm(fork-ts-checker-webpack-plugin)) = 1.0.0
+Provides: bundled(npm(fs-extra)) = 0.30.0
+Provides: bundled(npm(fuzzy)) = 0.1.3
Provides: bundled(npm(gaze)) = 1.1.3
Provides: bundled(npm(glob)) = 7.1.3
+Provides: bundled(npm(globby)) = 6.1.0
+Provides: bundled(npm(hoist-non-react-statics)) = 2.5.5
Provides: bundled(npm(hoist-non-react-statics)) = 2.5.5
+Provides: bundled(npm(hoist-non-react-statics)) = 2.5.5
+Provides: bundled(npm(html-loader)) = 0.5.5
Provides: bundled(npm(html-loader)) = 0.5.5
Provides: bundled(npm(html-webpack-harddisk-plugin)) = 1.0.1
Provides: bundled(npm(html-webpack-plugin)) = 3.2.0
+Provides: bundled(npm(html-webpack-plugin)) = 3.2.0
Provides: bundled(npm(husky)) = 4.2.1
Provides: bundled(npm(immutable)) = 3.8.2
+Provides: bundled(npm(immutable)) = 3.8.2
+Provides: bundled(npm(inquirer)) = 0.12.0
Provides: bundled(npm(is-hotkey)) = 0.1.4
Provides: bundled(npm(jest)) = 26.6.3
+Provides: bundled(npm(jest)) = 26.6.3
+Provides: bundled(npm(jest-canvas-mock)) = 2.3.0
Provides: bundled(npm(jest-canvas-mock)) = 2.3.0
+Provides: bundled(npm(jest-coverage-badges)) = 1.1.2
Provides: bundled(npm(jest-date-mock)) = 1.0.8
+Provides: bundled(npm(jest-environment-jsdom-fifteen)) = 1.0.2
+Provides: bundled(npm(jest-junit)) = 6.4.0
Provides: bundled(npm(jest-matcher-utils)) = 26.0.0
Provides: bundled(npm(jquery)) = 3.5.1
+Provides: bundled(npm(jquery)) = 3.5.1
+Provides: bundled(npm(json-markup)) = 1.1.3
Provides: bundled(npm(jsurl)) = 0.1.5
Provides: bundled(npm(lerna)) = 3.22.1
+Provides: bundled(npm(less)) = 3.11.1
+Provides: bundled(npm(less-loader)) = 5.0.0
Provides: bundled(npm(lint-staged)) = 10.0.7
Provides: bundled(npm(load-grunt-tasks)) = 5.1.0
Provides: bundled(npm(lodash)) = 4.17.21
+Provides: bundled(npm(lodash)) = 4.17.21
+Provides: bundled(npm(lodash)) = 4.17.21
+Provides: bundled(npm(lodash)) = 4.17.21
+Provides: bundled(npm(lodash)) = 4.17.21
+Provides: bundled(npm(lodash)) = 4.17.21
Provides: bundled(npm(lru-cache)) = 4.1.5
+Provides: bundled(npm(lru-memoize)) = 1.1.0
+Provides: bundled(npm(marked)) = 2.0.1
Provides: bundled(npm(md5)) = 2.2.1
+Provides: bundled(npm(md5-file)) = 4.0.0
Provides: bundled(npm(memoize-one)) = 4.1.0
+Provides: bundled(npm(memoize-one)) = 4.1.0
+Provides: bundled(npm(mini-css-extract-plugin)) = 0.7.0
Provides: bundled(npm(mini-css-extract-plugin)) = 0.7.0
Provides: bundled(npm(mocha)) = 7.0.1
+Provides: bundled(npm(mock-raf)) = 1.0.1
Provides: bundled(npm(module-alias)) = 2.2.2
Provides: bundled(npm(moment)) = 2.24.0
+Provides: bundled(npm(moment)) = 2.24.0
+Provides: bundled(npm(moment)) = 2.24.0
Provides: bundled(npm(moment-timezone)) = 0.5.28
Provides: bundled(npm(monaco-editor)) = 0.20.0
+Provides: bundled(npm(monaco-editor)) = 0.20.0
Provides: bundled(npm(monaco-editor-webpack-plugin)) = 1.9.0
Provides: bundled(npm(mousetrap)) = 1.6.5
Provides: bundled(npm(mousetrap-global-bind)) = 1.1.0
@@ -396,70 +584,174 @@ Provides: bundled(npm(mutationobserver-shim)) = 0.3.3
Provides: bundled(npm(ngtemplate-loader)) = 2.0.1
Provides: bundled(npm(nodemon)) = 2.0.2
Provides: bundled(npm(optimize-css-assets-webpack-plugin)) = 5.0.4
+Provides: bundled(npm(optimize-css-assets-webpack-plugin)) = 5.0.4
+Provides: bundled(npm(ora)) = 4.0.3
Provides: bundled(npm(papaparse)) = 5.3.0
+Provides: bundled(npm(papaparse)) = 5.3.0
+Provides: bundled(npm(pixelmatch)) = 5.1.0
+Provides: bundled(npm(pngjs)) = 2.3.1
Provides: bundled(npm(postcss-browser-reporter)) = 0.6.0
+Provides: bundled(npm(postcss-flexbugs-fixes)) = 4.2.0
+Provides: bundled(npm(postcss-loader)) = 3.0.0
Provides: bundled(npm(postcss-loader)) = 3.0.0
+Provides: bundled(npm(postcss-preset-env)) = 6.7.0
Provides: bundled(npm(postcss-reporter)) = 6.0.1
Provides: bundled(npm(prettier)) = 2.0.5
+Provides: bundled(npm(prettier)) = 2.0.5
+Provides: bundled(npm(pretty-format)) = 21.2.1
+Provides: bundled(npm(pretty-format)) = 21.2.1
+Provides: bundled(npm(pretty-format)) = 21.2.1
+Provides: bundled(npm(pretty-format)) = 21.2.1
Provides: bundled(npm(prismjs)) = 1.21.0
Provides: bundled(npm(prop-types)) = 15.7.2
+Provides: bundled(npm(puppeteer-core)) = 1.18.1
+Provides: bundled(npm(rc-cascader)) = 1.0.1
Provides: bundled(npm(rc-cascader)) = 1.0.1
+Provides: bundled(npm(rc-drawer)) = 3.1.3
+Provides: bundled(npm(rc-slider)) = 9.6.4
+Provides: bundled(npm(rc-time-picker)) = 3.7.3
Provides: bundled(npm(re-resizable)) = 6.2.0
Provides: bundled(npm(react)) = 16.13.1
+Provides: bundled(npm(react)) = 16.13.1
Provides: bundled(npm(react-beautiful-dnd)) = 13.0.0
+Provides: bundled(npm(react-beautiful-dnd)) = 13.0.0
+Provides: bundled(npm(react-calendar)) = 2.19.2
+Provides: bundled(npm(react-color)) = 2.18.0
+Provides: bundled(npm(react-custom-scrollbars)) = 4.2.1
+Provides: bundled(npm(react-dev-utils)) = 10.2.1
+Provides: bundled(npm(react-docgen-typescript-loader)) = 3.7.2
+Provides: bundled(npm(react-dom)) = 17.0.1
Provides: bundled(npm(react-dom)) = 17.0.1
Provides: bundled(npm(react-grid-layout)) = 1.2.0
Provides: bundled(npm(react-highlight-words)) = 0.16.0
+Provides: bundled(npm(react-highlight-words)) = 0.16.0
+Provides: bundled(npm(react-hook-form)) = 5.1.3
Provides: bundled(npm(react-hot-loader)) = 4.8.0
+Provides: bundled(npm(react-icons)) = 2.2.7
+Provides: bundled(npm(react-is)) = 16.8.0
Provides: bundled(npm(react-loadable)) = 5.5.0
+Provides: bundled(npm(react-monaco-editor)) = 0.36.0
+Provides: bundled(npm(react-popper)) = 2.2.4
Provides: bundled(npm(react-popper)) = 2.2.4
Provides: bundled(npm(react-redux)) = 7.2.0
Provides: bundled(npm(react-reverse-portal)) = 2.0.1
Provides: bundled(npm(react-select-event)) = 5.1.0
Provides: bundled(npm(react-sizeme)) = 2.6.12
Provides: bundled(npm(react-split-pane)) = 0.1.89
+Provides: bundled(npm(react-storybook-addon-props-combinations)) = 1.1.0
+Provides: bundled(npm(react-table)) = 7.0.0
Provides: bundled(npm(react-test-renderer)) = 16.10.2
+Provides: bundled(npm(react-test-renderer)) = 16.10.2
+Provides: bundled(npm(react-transition-group)) = 4.3.0
Provides: bundled(npm(react-transition-group)) = 4.3.0
Provides: bundled(npm(react-use)) = 13.27.0
Provides: bundled(npm(react-virtualized-auto-sizer)) = 1.0.2
Provides: bundled(npm(react-window)) = 1.8.5
+Provides: bundled(npm(recompose)) = 0.25.1
Provides: bundled(npm(redux)) = 3.7.2
Provides: bundled(npm(redux-logger)) = 3.0.6
Provides: bundled(npm(redux-mock-store)) = 1.5.4
Provides: bundled(npm(redux-thunk)) = 2.3.0
Provides: bundled(npm(regenerator-runtime)) = 0.11.1
Provides: bundled(npm(regexp-replace-loader)) = 1.0.1
+Provides: bundled(npm(replace-in-file)) = 4.1.3
+Provides: bundled(npm(replace-in-file-webpack-plugin)) = 1.0.6
Provides: bundled(npm(reselect)) = 4.0.0
+Provides: bundled(npm(resolve-as-bin)) = 2.1.0
Provides: bundled(npm(rimraf)) = 2.6.3
+Provides: bundled(npm(rimraf)) = 2.6.3
+Provides: bundled(npm(rollup)) = 0.63.5
+Provides: bundled(npm(rollup)) = 0.63.5
+Provides: bundled(npm(rollup)) = 0.63.5
+Provides: bundled(npm(rollup)) = 0.63.5
+Provides: bundled(npm(rollup)) = 0.63.5
+Provides: bundled(npm(rollup-plugin-copy)) = 3.3.0
+Provides: bundled(npm(rollup-plugin-sourcemaps)) = 0.6.3
+Provides: bundled(npm(rollup-plugin-sourcemaps)) = 0.6.3
+Provides: bundled(npm(rollup-plugin-sourcemaps)) = 0.6.3
+Provides: bundled(npm(rollup-plugin-sourcemaps)) = 0.6.3
+Provides: bundled(npm(rollup-plugin-sourcemaps)) = 0.6.3
+Provides: bundled(npm(rollup-plugin-terser)) = 7.0.2
+Provides: bundled(npm(rollup-plugin-terser)) = 7.0.2
+Provides: bundled(npm(rollup-plugin-terser)) = 7.0.2
+Provides: bundled(npm(rollup-plugin-terser)) = 7.0.2
+Provides: bundled(npm(rollup-plugin-terser)) = 7.0.2
+Provides: bundled(npm(rollup-plugin-typescript2)) = 0.29.0
+Provides: bundled(npm(rollup-plugin-typescript2)) = 0.29.0
+Provides: bundled(npm(rollup-plugin-typescript2)) = 0.29.0
+Provides: bundled(npm(rollup-plugin-typescript2)) = 0.29.0
+Provides: bundled(npm(rollup-plugin-typescript2)) = 0.29.0
+Provides: bundled(npm(rollup-plugin-visualizer)) = 4.2.0
+Provides: bundled(npm(rollup-plugin-visualizer)) = 4.2.0
+Provides: bundled(npm(rollup-plugin-visualizer)) = 4.2.0
+Provides: bundled(npm(rollup-plugin-visualizer)) = 4.2.0
+Provides: bundled(npm(rollup-plugin-visualizer)) = 4.2.0
Provides: bundled(npm(rst2html)) = 1.0.4
Provides: bundled(npm(rxjs)) = 6.5.5
+Provides: bundled(npm(rxjs)) = 6.5.5
Provides: bundled(npm(rxjs-spy)) = 7.5.1
Provides: bundled(npm(sass)) = 1.27.0
+Provides: bundled(npm(sass)) = 1.27.0
Provides: bundled(npm(sass-lint)) = 1.12.1
Provides: bundled(npm(sass-loader)) = 8.0.2
+Provides: bundled(npm(sass-loader)) = 8.0.2
Provides: bundled(npm(search-query-parser)) = 1.5.4
+Provides: bundled(npm(semver)) = 5.7.1
+Provides: bundled(npm(simple-git)) = 1.132.0
Provides: bundled(npm(sinon)) = 8.1.1
+Provides: bundled(npm(sinon)) = 8.1.1
+Provides: bundled(npm(slate)) = 0.47.8
Provides: bundled(npm(slate)) = 0.47.8
Provides: bundled(npm(slate-plain-serializer)) = 0.7.10
+Provides: bundled(npm(storybook-dark-mode)) = 1.0.4
Provides: bundled(npm(style-loader)) = 1.1.3
+Provides: bundled(npm(style-loader)) = 1.1.3
+Provides: bundled(npm(systemjs)) = 0.20.19
+Provides: bundled(npm(systemjs-plugin-css)) = 0.1.37
+Provides: bundled(npm(terser-webpack-plugin)) = 1.4.5
Provides: bundled(npm(terser-webpack-plugin)) = 1.4.5
Provides: bundled(npm(tether)) = 1.4.7
Provides: bundled(npm(tether-drop)) = 1.5.0
Provides: bundled(npm(tinycolor2)) = 1.4.1
+Provides: bundled(npm(tinycolor2)) = 1.4.1
+Provides: bundled(npm(tinycolor2)) = 1.4.1
+Provides: bundled(npm(ts-jest)) = 26.4.4
Provides: bundled(npm(ts-jest)) = 26.4.4
+Provides: bundled(npm(ts-loader)) = 6.2.1
+Provides: bundled(npm(ts-loader)) = 6.2.1
+Provides: bundled(npm(ts-loader)) = 6.2.1
+Provides: bundled(npm(ts-loader)) = 6.2.1
+Provides: bundled(npm(ts-node)) = 9.0.0
+Provides: bundled(npm(ts-node)) = 9.0.0
Provides: bundled(npm(ts-node)) = 9.0.0
Provides: bundled(npm(tslib)) = 1.10.0
+Provides: bundled(npm(tslib)) = 1.10.0
Provides: bundled(npm(tti-polyfill)) = 0.2.2
+Provides: bundled(npm(tween-functions)) = 1.2.0
+Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(typescript)) = 3.9.7
Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(typescript)) = 3.9.7
+Provides: bundled(npm(uplot)) = 1.6.9
+Provides: bundled(npm(url-loader)) = 2.2.0
Provides: bundled(npm(uuid)) = 3.3.3
Provides: bundled(npm(visjs-network)) = 4.25.0
Provides: bundled(npm(webpack)) = 4.41.5
+Provides: bundled(npm(webpack)) = 4.41.5
Provides: bundled(npm(webpack-bundle-analyzer)) = 3.6.0
Provides: bundled(npm(webpack-cleanup-plugin)) = 0.5.1
Provides: bundled(npm(webpack-cli)) = 3.3.10
Provides: bundled(npm(webpack-dev-server)) = 3.11.1
+Provides: bundled(npm(webpack-filter-warnings-plugin)) = 1.2.1
Provides: bundled(npm(webpack-merge)) = 4.2.2
Provides: bundled(npm(whatwg-fetch)) = 3.0.0
+Provides: bundled(npm(xss)) = 1.0.6
+Provides: bundled(npm(yaml)) = 1.7.2
+Provides: bundled(npm(yaml)) = 1.7.2
Provides: bundled(npm(zone.js)) = 0.7.8
@@ -491,7 +783,14 @@ rm -r plugins-bundled
%if %{enable_fips_mode}
%patch10 -p1
%endif
+%if 0%{?fedora} || 0%{?rhel} > 8
%patch11 -p1
+%endif
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
# Set up build subdirs and links
mkdir -p %{_builddir}/src/github.com/grafana
@@ -626,7 +925,7 @@ rm -r pkg/macaron
%gotest ./pkg/...
%if %{enable_fips_mode}
-GOLANG_FIPS=1 go test -v ./pkg/util -run TestEncryption
+OPENSSL_FORCE_FIPS_MODE=1 GOLANG_FIPS=1 go test -v ./pkg/util -run TestEncryption
%endif
%files
@@ -674,6 +973,31 @@ GOLANG_FIPS=1 go test -v ./pkg/util -run TestEncryption
%changelog
+* Wed Aug 10 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-3
+- resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
+- resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
+- resolve CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
+- resolve CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
+- resolve CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
+- resolve CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
+- resolve CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
+- resolve CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
+- resolve CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
+
+* Wed Jul 20 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-2
+- resolve CVE-2022-31107 grafana: OAuth account takeover
+
+* Fri Apr 22 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-1
+- update to 7.5.15 tagged upstream community sources, see CHANGELOG
+- resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
+- resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
+- resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
+- resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
+- resolve CVE-2021-23648 sanitize-url: XSS
+- resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
+- declare Node.js dependencies of subpackages
+- make vendor and webpack tarballs reproducible
+
* Thu Dec 16 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-2
- resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
- resolve CVE-2021-43813 grafana: directory traversal vulnerability for *.md files