PMM-15117 Grafana 12.4.3+security-02#905
Open
matejkubinec wants to merge 8367 commits into
Open
Conversation
…d the play dashboads (grafana#117637) * updated readme and added links to video and the play dashboads Added video tutorial and Grafana Play demo links to MySQL datasource README. * removed extra line Removed unnecessary line break and adjusted formatting. * Fix prettier --------- Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
trim .git for repo url
* Provisioning: Check App permissions in tester * using app data, not installation * rollback changes * formatting * using already existing PEM * add permissions * fixing integration tests * fixing integration tests
…afana#117769) add folderUid to restoreDashboardVersion
* refactor: decouple migrators * refactor: decouple * refactor: add shorturl * fix: tests * fix: remove count resources
…y schemas) (grafana#117874) * Remove registry flow to push schemas to kind-registry * Fix codeowners * Update workspaces
…#117854) Co-authored-by: Dana Axinte <dana.axinte@grafana.com>
Co-authored-by: =?UTF-8?q?Piotr=20Jamr=C3=B3z?= <pm.jamroz@gmail.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Fix: don't reuse plugin config * Clean up unused named return
…rafana#117775) * Dashboard: Hide version restore for repository-managed dashboards When a dashboard is managed by a repository, disable the version restore functionality and show a warning message directing users to use the repository's Git history instead. * i18n: Fix plural forms for dashboard restore messages * i18n * i18n * Update public/app/features/dashboard-scene/settings/VersionsEditView.tsx Co-authored-by: Roberto Jiménez Sánchez <roberto.jimenez@grafana.com> * Fix message * i18n --------- Co-authored-by: Roberto Jiménez Sánchez <roberto.jimenez@grafana.com>
Remove redundant code
* unified-storage: add small rv fix migration
Fix flaky tests
…erimental feature toggle" (grafana#117900) Revert "docs(alerting): Document `alertRuleUseFiredAtForStartsAt` experimenta…" This reverts commit d36ec3b.
also run the feature toggles CI action conditionally
…117729) * Provisioning Badge: FolderRepo display repo name in tooltip
* add extra route as managed route to alertmanager configuration * make sure identifier and managed routes are unique
…7024) * Alerting: Add pending period to NoData and Error alerts * remove unnecessary changes * cleanup * remove redundant tests * resolve pending(NoData/Error) immediately * fix reason changes during pending making the alert fire immediately * cross-reason pending tests, wipe out error * trigger CI
* feat: initialRowIndex sets data grid selected rows
Do not set frame names in Graphite
Add dedicated feature flag for Secrets Keeper management UI to enable granular control over feature rollout. The flag is configured as: - Stage: Experimental - FrontendOnly: true - Owner: grafanaOperatorExperienceSquad - Default: false (disabled) This allows the Keeper UI to be enabled independently from the base secrets management features (secretsManagementAppPlatformUI). Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
…ting wrapper (grafana#117627) * Alerting: Refactor model layer AlertRule.NotificationSettings Previous model was a slice even though only one setting was validated and allowed. This was for legacy storage reasons that are no longer relevant. Since we want to add a new method of notification routing, this model should be represented differently to allow a new optional nested struct to be added. * Rename ListNotificationSettingsQuery & ListNotificationSettings
…lays (grafana#117819) Alerting: Fix alert rule last evaluation time durations Captured EvaluationTime durations were being incorrectly affected by scheduler jitter and retries.
…a#122443) Chore: Upgrade storybook to fix CVE Semver-compatible upgrade of storybook to >= 10.2.10.
) fix: use xz compression in deb packages (grafana#122448) use xz compression deb (cherry picked from commit 29a79d4) Co-authored-by: Kevin Minehart Tenorio <5140827+kminehart@users.noreply.github.com>
grafana#122510) Chore: Upgrade serialize-javascript dependencies to fix CVE Direct upgrade of parent packages to pull in serialize-javascript >= 7.0.3: - terser-webpack-plugin 5.3.14 → 5.4.0 (drops serialize-javascript dep) - copy-webpack-plugin 13.0.0 → 14.0.0 (requires ^7.0.3) - css-minimizer-webpack-plugin 7.0.2 → 8.0.0 (requires ^7.0.3) - @rollup/plugin-terser 0.4.4 → 1.0.0 (requires ^7.0.3) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Update changelog * Update version to 12.4.3 * retrigger CI --------- Co-authored-by: grafana-delivery-bot[bot] <grafana-delivery-bot[bot]@users.noreply.github.com> Co-authored-by: Kevin Minehart <5140827+kminehart@users.noreply.github.com>
(cherry picked from commit d539059)
…le and Ubuntu image (grafana#122661) Packaging: Fix packaging issues with windows .exe file and Ubuntu image (grafana#122650) Packaging: Fix packaging issues with windows .exe file and Ubuntu Dockerfile (cherry picked from commit f6fcb93) (cherry picked from commit ff44482)
…grafana#122890) Update Tempo data source docs to address user issues (grafana#121517) (cherry picked from commit 2a26f82)
GL-Vuln: VUL-2026-0018 GL-Public-After: 2026-05-12 GL-Partner-Rel: 2026-04-27 GL-Partner-Ack: 2026-02-17
…ot delete handler - 12.4.2 GL-Vuln: VUL-2026-0044 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/76 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-03-31
…parsing (main) GL-Vuln: VUL-2026-0045 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/77 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-03-30
…xy paths GL-Vuln: VUL-2026-0050 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/82 GL-Partner-Rel: CLOUD-ONLY GL-Partner-Ack: CLOUD-ONLY
GL-Vuln: VUL-2026-0049 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/81 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-03-18
GL-Vuln: VUL-2026-0058 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/90 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-03-24
…ut resource sizes GL-Vuln: VUL-2026-0032 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/64 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-02-25T14:02:00Z
GL-Vuln: VUL-2026-0057 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/89 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-03-20
…route handlers GL-Vuln: VUL-2026-0054 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/86 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-03-26
GL-Vuln: VUL-2026-0031 https://ops.grafana-ops.net/a/grafana-vulnerabilityobs-app/first-party/63 GL-Partner-Rel: 2026-04-09 GL-Public-After: 2026-05-12 GL-Partner-Ack: 2026-02-25T14:02:00Z
…r bypasses GL-Vuln: VUL-2026-0064 GL-Public-After: 2026-05-12 GL-Partner-Rel: 2026-04-27 GL-Partner-Ack: 2026-04-11
…ion changes GL-Vuln: VUL-2026-0061 GL-Public-After: 2026-05-12 GL-Partner-Rel: 2026-04-15 GL-Partner-Ack: 2026-04-06
* Update changelog * docs: update changelog --------- Co-authored-by: grafana-delivery-bot[bot] <grafana-delivery-bot[bot]@users.noreply.github.com> Co-authored-by: Mariell Hoversholm <mariell.hoversholm@grafana.com>
matejkubinec
changed the title
mattiasimonato
approved these changes
Jun 3, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PMM-15117
SUBMODULES-4385
PMM PR: percona/pmm#5444