Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Deprecation] Deprecate the Blacklist / Whitelist nomenclature #1808

Merged
merged 24 commits into from
Aug 4, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 36 additions & 4 deletions config/opensearch_dashboards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -131,8 +131,9 @@
# Set the allowlist to check input graphite Url. Allowlist is the default check list.
#vis_type_timeline.graphiteAllowedUrls: ['https://www.hostedgraphite.com/UID/ACCESS_KEY/graphite']

# Set the blocklist to check input graphite Url. Blocklist is an IP list.
# Set the denylist to check input graphite Url. Denylist is an IP list.
# Below is an example for reference

# vis_type_timeline.graphiteBlockedIPs: [
# //Loopback
# '127.0.0.0/8',
Expand Down Expand Up @@ -161,7 +162,37 @@
# '2001:db8::/32',
# 'ff00::/8',
# ]
#vis_type_timeline.graphiteBlockedIPs: []

# vis_type_timeline.graphiteDeniedIPs: []

# vis_type_timeline.graphiteDeniedIPs: [
kaddy645 marked this conversation as resolved.
Show resolved Hide resolved
# //Loopback
# '127.0.0.0/8',
# '::1/128',
# //Link-local Address for IPv6
# 'fe80::/10',
# //Private IP address for IPv4
# '10.0.0.0/8',
# '172.16.0.0/12',
# '192.168.0.0/16',
# //Unique local address (ULA)
# 'fc00::/7',
# //Reserved IP address
# '0.0.0.0/8',
# '100.64.0.0/10',
# '192.0.0.0/24',
# '192.0.2.0/24',
# '198.18.0.0/15',
# '192.88.99.0/24',
# '198.51.100.0/24',
# '203.0.113.0/24',
# '224.0.0.0/4',
# '240.0.0.0/4',
# '255.255.255.255/32',
# '::/128',
# '2001:db8::/32',
# 'ff00::/8',
# ]

# opensearchDashboards.branding:
# logo:
Expand All @@ -177,9 +208,10 @@
# applicationTitle: ""
# useExpandedHeader: false

# Set the value of this setting to true to capture region blocked warnings and errors
# Set the value of this setting to true to capture region denied warnings and errors
# for your map rendering services.
# map.showRegionBlockedWarning: false
kaddy645 marked this conversation as resolved.
Show resolved Hide resolved

# map.showRegionDeniedWarning: false

# Set the value of this setting to false to suppress search usage telemetry
# for reducing the load of OpenSearch cluster.
Expand Down
2 changes: 1 addition & 1 deletion packages/opensearch-safer-lodash-set/scripts/update.sh
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ all_files=$(cd lodash && ls)
modified_lodash_files=(_baseSet.js)

# Get fresh copies of all the files that was originally copied from lodash,
# expect the ones in the whitelist
# expect the ones in the allowlist
for file in $all_files
do
if [[ ! "${modified_lodash_files[@]}" =~ "${file}" ]]
Expand Down
4 changes: 2 additions & 2 deletions packages/osd-pm/dist/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -86225,7 +86225,7 @@ module.exports = ProgressEmitter;
"use strict";


const blacklist = [
const denylist = [
// # All
'^npm-debug\\.log$', // Error log for npm
'^\\..*\\.swp$', // Swap file for vim state
Expand Down Expand Up @@ -86254,7 +86254,7 @@ exports.re = () => {
throw new Error('`junk.re` was renamed to `junk.regex`');
};

exports.regex = new RegExp(blacklist.join('|'));
exports.regex = new RegExp(denylist.join('|'));

exports.is = filename => exports.regex.test(filename);

Expand Down
4 changes: 2 additions & 2 deletions src/core/server/http/http_server.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -869,7 +869,7 @@ describe('conditional compression', () => {
expect(response.header).toHaveProperty('content-encoding', 'gzip');
});

test('enables compression for whitelisted referer', async () => {
test('enables compression for whitelisted (deprecated) or allowlisted referer', async () => {
const response = await supertest(listener)
.get('/')
.set('accept-encoding', 'gzip')
Expand All @@ -878,7 +878,7 @@ describe('conditional compression', () => {
expect(response.header).toHaveProperty('content-encoding', 'gzip');
});

test('disables compression for non-whitelisted referer', async () => {
test('disables compression for non-whitelisted (deprecated) or non-allowlisted referer', async () => {
const response = await supertest(listener)
.get('/')
.set('accept-encoding', 'gzip')
Expand Down
4 changes: 4 additions & 0 deletions src/core/server/opensearch/opensearch_config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,10 @@ const deprecations: ConfigDeprecationProvider = ({ renameFromRoot, renameFromRoo
'opensearch.requestHeadersWhitelist',
'opensearch.requestHeadersAllowlist'
),
renameFromRootWithoutMap(
'opensearch.requestHeadersWhitelistConfigured',
'opensearch.requestHeadersAllowlistConfigured'
),
renameFromRoot('elasticsearch.customHeaders', 'opensearch.customHeaders'),
renameFromRoot('elasticsearch.shardTimeout', 'opensearch.shardTimeout'),
renameFromRoot('elasticsearch.requestTimeout', 'opensearch.requestTimeout'),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -179,7 +179,7 @@ test(`includes one object with type === 'object' and excludes one object without
});
});

test('excludes references and migrationVersion which are part of the blacklist', () => {
test('excludes references and migrationVersion which are part of the denylist', () => {
const mappings = {
properties: {
references: {
Expand Down
4 changes: 2 additions & 2 deletions src/dev/license_checker/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@

// The following list applies to packages both
// used as dependencies or dev dependencies
export const LICENSE_WHITELIST = [
export const LICENSE_ALLOWLIST = [
ananzh marked this conversation as resolved.
Show resolved Hide resolved
'Elastic-License',
'0BSD',
'(BSD-2-Clause OR MIT OR Apache-2.0)',
Expand Down Expand Up @@ -86,7 +86,7 @@ export const LICENSE_WHITELIST = [

// The following list only applies to licenses that
// we wanna allow in packages only used as dev dependencies
export const DEV_ONLY_LICENSE_WHITELIST = ['MPL-2.0'];
export const DEV_ONLY_LICENSE_ALLOWLIST = ['MPL-2.0'];

// Globally overrides a license for a given package@version
export const LICENSE_OVERRIDES = {
Expand Down
2 changes: 1 addition & 1 deletion src/dev/license_checker/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,5 @@
* under the License.
*/

export { LICENSE_WHITELIST, DEV_ONLY_LICENSE_WHITELIST, LICENSE_OVERRIDES } from './config';
export { LICENSE_ALLOWLIST, DEV_ONLY_LICENSE_ALLOWLIST, LICENSE_OVERRIDES } from './config';
export { assertLicensesValid } from './valid';
6 changes: 3 additions & 3 deletions src/dev/license_checker/run_check_licenses_cli.ts
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ import { REPO_ROOT } from '@osd/utils';
import { run } from '@osd/dev-utils';
import { getInstalledPackages } from '../npm';

import { LICENSE_WHITELIST, DEV_ONLY_LICENSE_WHITELIST, LICENSE_OVERRIDES } from './config';
import { LICENSE_ALLOWLIST, DEV_ONLY_LICENSE_ALLOWLIST, LICENSE_OVERRIDES } from './config';
import { assertLicensesValid } from './valid';

run(
Expand All @@ -47,7 +47,7 @@ run(
// packages are valid
assertLicensesValid({
packages: packages.filter((pkg) => !pkg.isDevOnly),
validLicenses: LICENSE_WHITELIST,
validLicenses: LICENSE_ALLOWLIST,
});
log.success('All production dependency licenses are allowed');

Expand All @@ -56,7 +56,7 @@ run(
if (flags.dev) {
assertLicensesValid({
packages: packages.filter((pkg) => pkg.isDevOnly),
validLicenses: LICENSE_WHITELIST.concat(DEV_ONLY_LICENSE_WHITELIST),
validLicenses: LICENSE_ALLOWLIST.concat(DEV_ONLY_LICENSE_ALLOWLIST),
});
log.success('All development dependency licenses are allowed');
}
Expand Down
2 changes: 1 addition & 1 deletion src/legacy/server/config/schema.js
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ export default () =>
map: Joi.object({
includeOpenSearchMapsService: Joi.boolean().default(true),
proxyOpenSearchMapsServiceInMaps: Joi.boolean().default(false),
showRegionBlockedWarning: Joi.boolean().default(false),
showRegionDeniedWarning: Joi.boolean().default(false),
tilemap: Joi.object({
url: Joi.string(),
options: Joi.object({
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,9 @@ import React from 'react';
import PropTypes from 'prop-types';
import { Markdown } from '../../../../../opensearch_dashboards_react/public';

/** @deprecated use allowListedRules: */
const whiteListedRules = ['backticks', 'emphasis', 'link', 'list'];
const allowListedRules = ['backticks', 'emphasis', 'link', 'list'];

export function Content({ text }) {
return (
Expand All @@ -41,6 +43,7 @@ export function Content({ text }) {
markdown={text}
openLinksInNewTab={true}
whiteListedRules={whiteListedRules}
allowListedRules={allowListedRules}
/>
);
}
Expand Down
2 changes: 1 addition & 1 deletion src/plugins/home/server/tutorials/santa_logs/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ export function santaLogsSpecProvider(context: TutorialContext): TutorialSchema
longDescription: i18n.translate('home.tutorials.santaLogs.longDescription', {
defaultMessage:
'The module collects and parses logs from [Google Santa](https://github.com/google/santa), \
a security tool for macOS that monitors process executions and can blacklist/whitelist binaries. \
a security tool for macOS that monitors process executions and can denylist/allowlist binaries. \
[Learn more]({learnMoreLink}).',
values: {
learnMoreLink: '{config.docs.beats.filebeat}/filebeat-module-santa.html',
Expand Down
2 changes: 1 addition & 1 deletion src/plugins/maps_legacy/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ import { configSchema as regionmapSchema } from '../region_map/config';
export const configSchema = schema.object({
includeOpenSearchMapsService: schema.boolean({ defaultValue: true }),
proxyOpenSearchMapsServiceInMaps: schema.boolean({ defaultValue: false }),
showRegionBlockedWarning: schema.boolean({ defaultValue: false }),
showRegionDeniedWarning: schema.boolean({ defaultValue: false }),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for this we should still use deprecations within the index file like the other instances of deprecating.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed!

tilemap: tilemapSchema,
regionmap: regionmapSchema,
manifestServiceUrl: schema.string({ defaultValue: '' }),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -205,13 +205,13 @@ export function BaseMapsVisualizationProvider() {
isDarkMode
);
const showZoomMessage = serviceSettings.shouldShowZoomMessage(tmsLayer);
const showRegionBlockedWarning = serviceSettings.shouldShowRegionBlockedWarning();
const showRegionDeniedWarning = serviceSettings.shouldShowRegionDeniedWarning();
const options = { ...tmsLayer };
delete options.id;
delete options.subdomains;
this._opensearchDashboardsMap.setBaseLayer({
baseLayerType: 'tms',
options: { ...options, showZoomMessage, showRegionBlockedWarning, ...meta },
options: { ...options, showZoomMessage, showRegionDeniedWarning, ...meta },
});
}

Expand Down
8 changes: 4 additions & 4 deletions src/plugins/maps_legacy/public/map/map_messages.js
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,9 @@ import { FormattedMessage } from '@osd/i18n/react';
import { EuiSpacer, EuiButtonEmpty, EuiEmptyPrompt } from '@elastic/eui';
import { toMountPoint } from '../../../opensearch_dashboards_react/public';

export const createRegionBlockedWarning = (function () {
export const createRegionDeniedWarning = (function () {
/* eslint-disable react/prefer-stateless-function */
class RegionBlockedWarningOverlay extends React.Component {
class RegionDeniedWarningOverlay extends React.Component {
constructor(props) {
super(props);
}
Expand Down Expand Up @@ -71,7 +71,7 @@ export const createRegionBlockedWarning = (function () {
document.getElementsByClassName('leaflet-container'),
(leafletDom) => {
ReactDOM.render(
new RegionBlockedWarningOverlay().render(),
new RegionDeniedWarningOverlay().render(),
leafletDom.appendChild(messageBlock)
);
}
kaddy645 marked this conversation as resolved.
Show resolved Hide resolved
Expand All @@ -80,7 +80,7 @@ export const createRegionBlockedWarning = (function () {
};
})();

export const removeRegionBlockedWarning = (function () {
export const removeRegionDeniedWarning = (function () {
return () => {
const childEle = document.getElementById('blocker-div');
if (childEle) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@
import { EventEmitter } from 'events';
import {
createZoomWarningMsg,
createRegionBlockedWarning,
removeRegionBlockedWarning,
createRegionDeniedWarning,
removeRegionDeniedWarning,
} from './map_messages';
import $ from 'jquery';
import { get, isEqual, escape } from 'lodash';
Expand Down Expand Up @@ -609,8 +609,8 @@ export class OpenSearchDashboardsMap extends EventEmitter {
this.emit('baseLayer:loading');
});
baseLayer.on('tileerror', () => {
if (settings.options.showRegionBlockedWarning) {
createRegionBlockedWarning();
if (settings.options.showRegionDeniedWarning) {
createRegionDeniedWarning();
}
});

Expand Down Expand Up @@ -691,7 +691,7 @@ export class OpenSearchDashboardsMap extends EventEmitter {
}

_updateDesaturation() {
removeRegionBlockedWarning();
removeRegionDeniedWarning();
const tiles = $('img.leaflet-tile-loaded');
// Don't apply client-side styling to EMS basemaps
if (get(this._baseLayerSettings, 'options.origin') === ORIGIN.EMS) {
Expand Down
6 changes: 3 additions & 3 deletions src/plugins/maps_legacy/public/map/service_settings.js
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ export class ServiceSettings {
this._hasTmsConfigured = typeof tilemapsConfig.url === 'string' && tilemapsConfig.url !== '';

this._showZoomMessage = true;
this._showRegionBlockedWarning = this._mapConfig.showRegionBlockedWarning;
this._showRegionDeniedWarning = this._mapConfig.showRegionDeniedWarning;
this._emsClient = null;
this._opensearchMapsClient = new OpenSearchMapsClient({
language: i18n.getLocale(),
Expand Down Expand Up @@ -89,8 +89,8 @@ export class ServiceSettings {
});
}

shouldShowRegionBlockedWarning() {
return this._showRegionBlockedWarning;
shouldShowRegionDeniedWarning() {
return this._showRegionDeniedWarning;
}

shouldShowZoomMessage({ origin }) {
Expand Down
3 changes: 2 additions & 1 deletion src/plugins/maps_legacy/server/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ export const config: PluginConfigDescriptor<MapsLegacyConfig> = {
exposeToBrowser: {
includeOpenSearchMapsService: true,
proxyOpenSearchMapsServiceInMaps: true,
showRegionBlockedWarning: true,
showRegionDeniedWarning: true,
tilemap: true,
regionmap: true,
manifestServiceUrl: true,
Expand All @@ -57,6 +57,7 @@ export const config: PluginConfigDescriptor<MapsLegacyConfig> = {
'map.regionmap.includeElasticMapsService',
'map.regionmap.includeOpenSearchMapsService'
),
renameFromRoot('map.showRegionBlockedWarning', 'map.showRegionDeniedWarning'),
],
};

Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading