Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove bluebird dependency #49602

Closed
watson opened this issue Oct 29, 2019 · 3 comments · Fixed by #118097
Closed

Remove bluebird dependency #49602

watson opened this issue Oct 29, 2019 · 3 comments · Fixed by #118097
Assignees
@watson
Labels
chore Feature:Hardening Harding of Kibana from a security perspective impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. loe:small Small Level of Effort Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@watson
Copy link
Contributor

watson commented Oct 29, 2019
edited
Loading

The bluebird module is one of the modules we depend on that uses eval (and friends). While this particular module is not a known security risk, we're working on reducing the number of places that uses eval, and removing bluebird is considered a low hanging fruit that would also benefit us in general.
@watson watson added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! Feature:Hardening Harding of Kibana from a security perspective labels Oct 29, 2019
@watson watson self-assigned this Oct 29, 2019
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@kobelb kobelb added the chore label Jan 14, 2020
@exalate-issue-sync exalate-issue-sync bot added impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. loe:small Small Level of Effort labels Aug 5, 2021
@watson watson mentioned this issue Nov 9, 2021
Merged
@elasticdog elasticdog reopened this Nov 15, 2021
@legrego
Copy link
Member

legrego commented Nov 15, 2021

@elasticdog is there something that we failed to address in #118097 that caused you to re-open this?

@elasticdog
Copy link
Contributor

Apologies, I believe this was re-opened by some flaky test integration of Exalate/Jira that is currently linked through my GitHub account. That is being addressed and this should be fine to close out as intended.

@exalate-issue-sync exalate-issue-sync bot reopened this Nov 17, 2021
@legrego legrego closed this as completed Nov 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@watson watson

Labels
chore Feature:Hardening Harding of Kibana from a security perspective impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. loe:small Small Level of Effort Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove bluebird dependency watson/kibana
5 participants
@elasticdog @watson @kobelb @legrego @elasticmachine