Merge branch '7.15' into backport/7.15/pr-109540

docs/CHANGELOG.asciidoc

@@ -74,6 +74,63 @@ coming::[7.15.0]
 
 For information about the 7.14.1 release, review the following information.
 
+[float]
+[[security-updates-v7.14.1]]
+=== Security updates
+
+Review the security updates that were found in previous versions of {kib}.
+
+[discrete]
+[[code-execution-issue]]
+.Code execution issue
+[%collapsible]
+====
+*Details* +
+In {kib} 7.10.2 to 7.14.0, users with Fleet admin privileges could insecurely upload malicious packages. Due to an older version of the js-yaml library, attackers were able to execute commands on the {kib} server. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22150[CVE-2021-22150]
+*Solution* +
+Upgrade to {kib} 7.14.1.
+====    
+
+[discrete]
+[[path-traversal-issue]]
+.Path traversal issue
+[%collapsible]
+====
+*Details* +
+In {kib} 7.13.4 and earlier, {kib} was not validating the user supplied paths that upload .pbf files, allowing malicious users to arbitrarily traverse the {kib} host to load internal files that end in the .pbf extension. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22151[CVE-2021-22151]
+Thanks to Luat Nguyen of CyberJutsu for reporting this issue.
+*Solution* +
+Upgrade to {kib} 7.14.1.
+====    
+
+[discrete]
+[[html-injection-issue]]
+.HTML injection issue
+[%collapsible]
+====
+*Details* +
+In {kib} 7.14.0, {kib} was not sanitizing document fields that contain HTML snippets, allowing attackers with the ability to write documents to an {es} index to inject HTML. When *Discover* highlighted a search term that contained the HTML, the term was rendered. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37936[CVE-2021-37936]
+*Solution* +
+In <<advanced-options,*Advanced Settings*>>, set `doc_table:highlight` to `false`. If you do not want to change the *Advanced Settings*, upgrade to {kib} 7.14.1.
+====    
+
+[discrete]
+[[nodejs-security-vulnerabilities]]
+.Node.js security vulnerabilities
+[%collapsible]
+====
+*Details* +
+In {kib} 7.14.0 and earlier, Node.js 14.17.3 is affected by the following security vulnerabilities: 
+* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930[CVE-2021-22930]
+* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672[CVE-2021-3672]
+* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22931[CVE-2021-22931]
+* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930[CVE-2021-22930]
+* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939[CVE-2021-22939]
+We do not believe an attacker can exploit the security vulnerabilities against {kib}, but are upgrading Node.js out of an abudance of caution. To resolve the security vulnerabilities, {kib} 7.14.1 upgrades Node.js to 14.17.5.
+*Solution* +
+Upgrade to {kib} 7.14.1.
+====    
+
 [float]
 [[breaking-changes-v7.14.1]]
 === Breaking changes

docs/developer/index.asciidoc

@@ -31,7 +31,6 @@ include::advanced/index.asciidoc[]
 
 include::plugin-list.asciidoc[]
 
-include::plugin-api-changes/plugin-api-changes-7_12.asciidoc[]
+include::plugin-api-changes/plugin-api-changes.asciidoc[]
 
 include::telemetry.asciidoc[]
-

docs/developer/plugin-api-changes/plugin-api-changes.asciidoc

@@ -0,0 +1,151 @@
+[[plugin-api-changes]]
+== Plugin API changes in {minor-version}
+++++
+<titleabbrev>Plugin API changes</titleabbrev>
+++++
+
+This page discusses the plugin API changes that you need to be aware of when migrating
+your application to {kib} {minor-version}.
+
+Other versions: {kibana-ref-all}/7.14/plugin-api-changes.html[7.14] |
+{kibana-ref-all}/7.13/plugin-api-changes.html[7.13] |
+{kibana-ref-all}/7.12/plugin-api-changes.html[7.12] |
+{kibana-ref-all}/7.11/plugin-api-changes-7-11.html[7.11] |
+{kibana-ref-all}/7.10/breaking-changes-7.10.html#general-plugin-API-changes-7-10[7.10] |
+{kibana-ref-all}/7.9/breaking-changes-7.9.html#general-plugin-API-changes-79[7.9] |
+{kibana-ref-all}/7.8/breaking-changes-7.8.html#general-plugin-API-changes-78[7.8]
+
+[[breaking_plugin_v7.15.0_107173]]
+.`fieldFormats` extracted from `data` plugin
+[%collapsible]
+====
+
+`fieldFormats` were extracted from the `data` plugin into a separate plugin.
+For an example on how to use them, check `examples/field_formats_example`.
+
+Refer to https://github.com/elastic/kibana/pull/107173[#107173].
+
+====
+
+[[breaking_plugin_v7.15.0_106973]]
+.@kbn/field-types extracted to a package
+[%collapsible]
+====
+
+`kbn_field_types` were extracted from the `data` plugin into a separate `@kbn/field-types` package.
+
+*via https://github.com/elastic/kibana/pull/106973[#106973]*
+
+====
+
+[[breaking_plugin_v7.15.0_106828]]
+.Start contract for field formatters fixed
+[%collapsible]
+====
+
+Previously, the field formatter start contract exposed the `register` method.
+Now, it is available only on the setup contract.
+
+Refer to https://github.com/elastic/kibana/pull/106828[#106828].
+
+====
+
+[[breaking_plugin_v7.15.0_103744]]
+.Warnings handled inside of headers
+[%collapsible]
+====
+
+The `data.search` service now returns a `warning` property that
+includes any warnings returned from {es} in the headers.
+
+Refer to https://github.com/elastic/kibana/pull/103744[#103744].
+
+====
+
+[[breaking_plugin_v7.15.0_103727]]
+.Scoring support added to KQL
+[%collapsible]
+====
+
+`buildEsQuery` (and in turn, `fromKuery`) now support an additional option,
+`filtersInMustClause`, which will generate KQL queries in the
+`must` clause rather than the `filter` clause.
+This change supports use cases such as sorting by `_score`.
+
+`SearchSource` now automatically sets `filtersInMustClause` to `true` when
+`_score` is included in the `sort` clause.
+
+Refer to https://github.com/elastic/kibana/pull/103727[#103727].
+
+====
+
+[[breaking_plugin_v7.15.0_103530]]
+.Key types and functions related to query generation moved to a package
+[%collapsible]
+====
+
+Import the following types and functions from `@kbn/es-query`.
+Importing them from the `data` plugin is deprecated and support will be removed in `v8.0`.
+
+ * *Index Pattern base types* (New types, not re-exported from the `data` plugin)
+    ** `IndexPatternBase`
+    ** `IndexPatternFieldBase`
+    ** `IFieldSubType`
+ * *Filter Types*
+    ** `RangeFilter`
+    ** `RangeFilterMeta`
+    ** `RangeFilterParams`
+    ** `ExistsFilter`
+    ** `PhrasesFilter`
+    ** `PhraseFilter`
+    ** `CustomFilter`
+    ** `MatchAllFilter`
+ * *Filter type guards*
+    ** `isExistsFilter`
+    ** `isFilterPinned`
+    ** `isMatchAllFilter`
+    ** `isMissingFilter`
+    ** `isPhraseFilter`
+    ** `isPhrasesFilter`
+    ** `isQueryStringFilter`
+    ** `isRangeFilter`
+ * *Filter generators*
+    ** `buildEmptyFilter`
+    ** `buildExistsFilter`
+    ** `buildPhraseFilter`
+    ** `buildPhrasesFilter`
+    ** `buildQueryFilter`
+    ** `buildRangeFilter`
+ * *Filter utilities*
+    ** `getPhraseFilterField`
+    ** `getPhraseFilterValue`
+    ** `toggleFilterNegated`
+    ** `disableFilter`
+ * *KQL helpers*
+    ** `KueryNode`
+    ** `fromKueryExpression`
+    ** `toElasticsearchQuery`
+    ** `nodeTypes`
+    ** `buildEsQuery`
+    ** `buildQueryFromFilters`
+    ** `luceneStringToDsl`
+    ** `decorateQuery`
+    ** `EsQueryConfig`
+
+Refer to https://github.com/elastic/kibana/pull/103530[#103530].
+
+====
+
+[[breaking_plugin_v7.15.0_103494]]
+.Expression functions that generate an aggregation configuration were updated
+[%collapsible]
+====
+
+These expression no longer take
+JSON blobs as arguments. Corresponding expression functions
+were added to generate any complex argument types. Update
+your expressions if you use aggregation functions.
+
+Refer to https://github.com/elastic/kibana/pull/103494[#103494].
+
+====

docs/discover/search-for-relevance.asciidoc

@@ -1,6 +1,5 @@
 [[discover-search-for-relevance]]
 == Search for relevance
-Sometimes you might be unsure which documents best match your search.
 {es} assigns a relevancy, or score to each document, so you can
 can narrow your search to the documents with the most relevant results.
 The higher the score, the better it matches your query.
@@ -12,25 +11,23 @@ the <<gs-get-data-into-kibana, sample flights data set>>, or you can use your ow
 .  In *Discover*, open the index pattern dropdown, and select that data you want to work with.
 +
 For the sample flights data, set the index pattern to *kibana_sample_data_flights*.
-.  In the query bar, click  *KQL*, and then turn it off.
-+
-You're now using the <<lucene-query, Lucene query syntax>>.
+
 .  Run your search.  For the sample data, try:
 +
 ```ts
 Warsaw OR Venice OR Clear
 ```
 . If you don't see any results, expand the <<set-time-filter,time range>>, for example to *Last 7 days*.
 . From the list of *Available fields*, add `_score` and any other fields you want to the document table.
-. To sort the `_score` column in descending order, hover over its header, and then click twice on
-the arrow icon
-image:images/double-arrow.png[Double arrow icon to indicate sorting] so it changes to
+. To sort the `_score` column in descending order, hover over its header, and set
+the sort icon to
 image:images/downward-arrow.png[Downward pointing arrow to indicate descending sorting].
 +
 At this point, you're doing a multi-column sort: first by `Time`, and then by `_score`.
-. To turn off sorting for the `Time` field, hover over its header, and then click the down arrow.
+. To turn off sorting for the `Time` field, hover over its header, and set the sort icon to
+image:images/double-arrow.png[Arrow on both ends of the icon indicates sorting is off].
 +
 Your table now sorts documents from most to least relevant.
 +
 [role="screenshot"]
-image::images/discover-search-for-relevance.png["Example of a search for relevance"]
+image::images/discover-search-for-relevance.png["Documents are sorted from most relevant to least relevant."]

docs/management/connectors/action-types/email.asciidoc

@@ -107,7 +107,7 @@ For other email servers, you can check the list of well-known services that Node
 [[elasticcloud]]
 ==== Sending email from Elastic Cloud
 
-IMPORTANT: These instructions require you to link:{cloud}/ec-watcher.html#ec-watcher-whitelist[whitelist] the email addresses that notifications get sent first.
+IMPORTANT: These instructions require you to link:{cloud}/ec-watcher.html#ec-watcher-whitelist[allowlist] the email addresses that notifications get sent.
 
 Use the following connector settings to send email from Elastic Cloud: 
 

docs/spaces/index.asciidoc

@@ -8,29 +8,18 @@ the dashboards and saved objects that belong to that space.
 
 {kib} creates a default space for you.
 After you create your own
-spaces, you're asked to choose a space when you log in to Kibana. You can change your
+spaces, you're asked to choose a space when you log in to {kib}. You can change your
 current space at any time by using the menu.
 
 [role="screenshot"]
 image::images/change-space.png["Change current space menu"]
 
-Kibana supports spaces in several ways.  You can:
-
-[[spaces-getting-started]]
-
-* <<spaces-managing, View&comma; create&comma; and delete spaces>>
-* <<spaces-control-feature-visibility, Control feature access based on user needs>>
-* <<spaces-control-user-access, Control feature access based on user privileges>>
-* <<spaces-moving-objects, Move objects between spaces>>
-* <<spaces-default-route, Configure a Space-level landing page>>
-* <<spaces-delete-started, Disable the Spaces feature>>
-
 [float]
-==== Required permissions
+==== Required privileges
 
 The `kibana_admin` role or equivalent is required to manage **Spaces**.
 
-TIP: Looking to support multiple tenants? See <<xpack-security-multiple-tenants, the Security documentation>> for more information.
+TIP: Looking to support multiple tenants? Refer to <<xpack-security-multiple-tenants, the Security documentation>> for more information.
 
 [float]
 [[spaces-managing]]
@@ -71,14 +60,14 @@ You can't delete the default space, but you can customize it to your liking.
 === Control feature access based on user needs
 
 You have control over which features are visible in each space.
-For example, you might hide Dev Tools
-in your "Executive" space or show Stack Monitoring only in your "Admin" space.
+For example, you might hide *Dev Tools*
+in your "Executive" space or show *Stack Monitoring* only in your "Admin" space.
 You can define which features to show or hide when you add or edit a space.
 
 Controlling feature
 visibility is not a security feature. To secure access
 to specific features on a per-user basis, you must configure
-<<xpack-security-authorization, Kibana Security>>.
+<<xpack-security-authorization, {kib} Security>>.
 
 [role="screenshot"]
 image::images/edit-space-feature-visibility.png["Controlling features visiblity"]
@@ -87,12 +76,12 @@ image::images/edit-space-feature-visibility.png["Controlling features visiblity"
 [[spaces-control-user-access]]
 === Control feature access based on user privileges
 
-When using Kibana with security, you can configure applications and features
+When using {kib} with security, you can configure applications and features
 based on your users’ privileges. This means different roles can have access
 to different features in the same space.
 Power users might have privileges to create and edit visualizations and dashboards,
-while analysts or executives might have Dashboard and Canvas with read-only privileges.
-See <<adding_kibana_privileges>> for details.
+while analysts or executives might have read-only privileges for *Dashboard* and *Canvas*.
+Refer to <<adding_kibana_privileges>> for details.
 
 [role="screenshot"]
 image::images/spaces-roles.png["Controlling features visiblity"]
@@ -105,7 +94,7 @@ To move saved objects between spaces, you can <<managing-saved-objects-copy-to-s
 
 [float]
 [[spaces-default-route]]
-=== Configure a Space-level landing page
+=== Configure a space-level landing page
 
 You can create a custom experience for users by configuring the {kib} landing page on a per-space basis.
 The landing page can route users to a specific dashboard, application, or saved object as they enter each space.
@@ -123,9 +112,8 @@ image::images/spaces-configure-landing-page.png["Configure space-level landing p
 === Disable and version updates
 
 Spaces are automatically enabled in {kib}. If you don't want use this feature,
-you can disable it
-by setting `xpack.spaces.enabled` to `false` in your
-`kibana.yml` configuration file.
+you can disable it. For more information, refer to <<spaces-settings-kb,Spaces settings in {kib}>>.
+
+When you upgrade {kib}, the default space contains all of your existing saved objects.
+
 
-If you are upgrading your
-version of {kib}, the default space will contain all of your existing saved objects.