Fix vulnerabilities in dependencies (#4985)

* remove angular-chart * winston dependency update (3.5.1) * changelog: add PR entries * dependency: upgrade dependency pdfmake to 0.2.6 * changelog: add the pull request entry * test: updated test of reporting Co-authored-by: yenienserrano <[email protected]> Co-authored-by: Álex <[email protected]>
wazuh · Dec 20, 2022 · a33ba7e · a33ba7e
1 parent d338fa9
commit a33ba7e
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 14 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -33,6 +33,8 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Added cluster's IP and protocol as suggestions in the agent deployment wizard. [#4776](https://github.com/wazuh/wazuh-kibana-app/pull/4776) [#4954](https://github.com/wazuh/wazuh-kibana-app/pull/4954)
 - Show OS name and OS version in the agent installation wizard. [#4851](https://github.com/wazuh/wazuh-kibana-app/pull/4851)
 - Changed the endpoint that updates the plugin configuration to support multiple settings. [#4501](https://github.com/wazuh/wazuh-kibana-app/pull/4501)
+- Updated the `winston` dependency to `3.5.1` [#4985](https://github.com/wazuh/wazuh-kibana-app/pull/4985)
+- Updated the `pdfmake` dependency to `0.2.6` [#4985](https://github.com/wazuh/wazuh-kibana-app/pull/4985)
 - The button to export the app logs is now disabled when there are no results, instead of showing an error toast [#4992](https://github.com/wazuh/wazuh-kibana-app/pull/4992)
 
 ### Fixed
@@ -56,6 +58,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 ### Removed
 
 - Removed custom styles from kibana 7.9.0 [#4491](https://github.com/wazuh/wazuh-kibana-app/pull/4491)
+- Removed the `angular-chart.js` dependency [#4985](https://github.com/wazuh/wazuh-kibana-app/pull/4985)
 
 ## Wazuh v4.3.10 - OpenSearch Dashboards 1.2.0 - Revision 4311
 

diff --git a/package.json b/package.json
@@ -44,7 +44,6 @@
   },
   "dependencies": {
     "angular-animate": "1.7.8",
-    "angular-chart.js": "1.1.1",
     "angular-material": "1.1.18",
     "axios": "^0.21.1",
     "install": "^0.10.1",
@@ -56,15 +55,15 @@
     "md5": "^2.3.0",
     "needle": "^2.0.1",
     "node-cron": "^1.1.2",
-    "pdfmake": "0.1.65",
+    "pdfmake": "0.2.6",
     "pug-loader": "^2.4.0",
     "querystring-browser": "1.0.4",
     "react-codemirror": "^1.0.0",
     "react-cookie": "^4.0.3",
     "read-last-lines": "^1.7.2",
     "timsort": "^0.3.0",
     "typescript": "^4.4.2",
-    "winston": "3.0.0"
+    "winston": "3.5.1"
   },
   "devDependencies": {
     "@types/node-cron": "^2.0.3",

diff --git a/public/app.js b/public/app.js
@@ -20,9 +20,6 @@ require('./utils/dom-to-image.js');
 // EUI React components wrapper
 import './components';
 
-// angular-charts.js
-import 'angular-chart.js';
-
 // pin-wz-menu.js
 import { changeWazuhNavLogo } from './utils/wz-logo-menu';
 

diff --git a/public/get_inner_angular.ts b/public/get_inner_angular.ts
@@ -87,7 +87,6 @@ export function initializeInnerAngularModule(name = 'app/wazuh', navigation: Nav
       'ngRoute',
       'react',
       'ngMaterial',
-      'chart.js',
       'ui.bootstrap',
       'app/discover',
     ])

diff --git a/public/kibana-integrations/kibana-discover.js b/public/kibana-integrations/kibana-discover.js
@@ -17,7 +17,6 @@
  * under the License.
  */
 
-import discoverTemplate from '../templates/discover/discover.html';
 import store from '../redux/store';
 import { updateVis } from '../redux/actions/visualizationsActions';
 import { getAngularModule, getCore, getDiscoverModule, getPlugins, getToasts } from '../kibana-services';
@@ -40,7 +39,7 @@ getAngularModule().directive('kbnDis', [
     return {
       restrict: 'E',
       scope: {},
-      template: indexTemplateLegacy//discoverTemplate,
+      template: indexTemplateLegacy
     };
   }
 ]);

diff --git a/server/routes/wazuh-reporting.test.ts b/server/routes/wazuh-reporting.test.ts
@@ -175,11 +175,11 @@ describe('[endpoint] PUT /utils/configuration', () => {
   // If any of the parameters is changed this variable should be updated with the new md5
   it.each`
   footer              | header                                | responseStatusCode | expectedMD5                           | tab
-  ${null}             | ${null}                               | ${200}             | ${'9fbdebb41c6c4fe09841fc94a14de174'} | ${'pm'}
-  ${'Custom\nFooter'} | ${'[email protected]\nFake Avenue 123'}| ${200}             | ${'f01f3aa26436cca6c92e7c45da72efce'} | ${'general'}
-  ${''}               | ${''}                                 | ${200}             | ${'fa6c0527535b314aaf50d27e98fda093'} | ${'fim'}
-  ${'Custom Footer'}  | ${null}                               | ${200}             | ${'e4aba02dcb618387a4da4103ce833238'} | ${'aws'}
-  ${null}             | ${'Custom Header'}                    | ${200}             | ${'102c342384edd4796a02045e28f970cd'} | ${'gcp'}
+  ${null}             | ${null}                               | ${200}             | ${'7b6fa0e2a5911880d17168800c173f89'} | ${'pm'}
+  ${'Custom\nFooter'} | ${'[email protected]\nFake Avenue 123'}| ${200}             | ${'51b268066bb5107e5eb0a9d791a89d0c'} | ${'general'}
+  ${''}               | ${''}                                 | ${200}             | ${'23d5e0eedce38dc6df9e98e898628f68'} | ${'fim'}
+  ${'Custom Footer'}  | ${null}                               | ${200}             | ${'2b16be2ea88d3891cda7acb6075826d9'} | ${'aws'}
+  ${null}             | ${'Custom Header'}                    | ${200}             | ${'91e30564f157942718afdd97db3b4ddf'} | ${'gcp'}
 `(`Set custom report header and footer - Verify PDF output`, async ({footer, header, responseStatusCode, expectedMD5, tab}) => {
 
       // Mock PDF report parameters