Skip to content

Backlog/v12 alerts fixes#2313

Merged
AlexSanchez-bit merged 4 commits into
release/v12.0.0from
backlog/v12_alerts_fixes
Jul 9, 2026
Merged

Backlog/v12 alerts fixes#2313
AlexSanchez-bit merged 4 commits into
release/v12.0.0from
backlog/v12_alerts_fixes

Conversation

@AlexSanchez-bit

Copy link
Copy Markdown
Contributor

No description provided.

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

✅ AI review — Minor findings

Only minor (medium/low) issues were found. Consider addressing them.

architecture (gemini-3-flash-lite) — clean

Summary: Frontend UI layout updates (removing max-width constraints) and addition of alert deep-linking functionality.

No findings.

bugs (gemini-3-flash-lite) — clean

Summary: UI layout changes across multiple pages and addition of deep-linking for alerts.

No findings.

⚠️ security (gemini-3-flash-lite) — minor findings

Summary: Potential XSS via unvalidated URL parameter in deep-linking logic.

  • medium frontend/src/features/alerts/pages/AlertsPage.tsx:77 — The 'id' parameter from the URL is decoded and used to set a filter value. If this value is later rendered in the UI without proper sanitization, it could lead to XSS. Ensure the filter value is treated as plain text.

🔴 go-deps — pending updates

🔍 Discovered 25 Go projects

📦 Dependencies with updates available:

  📁 ./agent/updater:
     - github.com/kardianos/service: v1.2.4 → v1.3.0

  📁 ./agent:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - golang.org/x/sys: v0.46.0 → v0.47.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./collectors/as400:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./collectors/utmstack:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./collectors/forwarder:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./installer:
     - github.com/cloudfoundry/gosigar: v1.3.122 → v1.3.123
     - github.com/kardianos/service: v1.2.4 → v1.3.0

  📁 ./backend:
     - cloud.google.com/go/pubsub: v1.50.2 → v1.50.4
     - github.com/aws/aws-sdk-go-v2/config: v1.32.25 → v1.32.29
     - github.com/aws/aws-sdk-go-v2/credentials: v1.19.24 → v1.19.28
     - github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs: v1.78.0 → v1.79.0
     - github.com/aws/aws-sdk-go-v2/service/sts: v1.43.3 → v1.44.0
     - golang.org/x/crypto: v0.53.0 → v0.54.0
     - google.golang.org/api: v0.286.0 → v0.287.1
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./plugins/inputs:
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./plugins/sophos:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/gcp:
     - cloud.google.com/go/pubsub: v1.50.2 → v1.50.4
     - golang.org/x/crypto: v0.53.0 → v0.54.0
     - google.golang.org/api: v0.286.0 → v0.287.1

  📁 ./plugins/crowdstrike:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/bitdefender:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/azure:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/aws:
     - github.com/aws/aws-sdk-go-v2: v1.42.0 → v1.42.1
     - github.com/aws/aws-sdk-go-v2/config: v1.32.25 → v1.32.29
     - github.com/aws/aws-sdk-go-v2/credentials: v1.19.24 → v1.19.28
     - github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs: v1.78.0 → v1.79.0
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/soc-ai:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/feeds:
     - golang.org/x/sync: v0.21.0 → v0.22.0

  📁 ./plugins/o365:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./agent-manager:
     - golang.org/x/sync: v0.21.0 → v0.22.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

❌ Please update dependencies before merging.

@utmstackprapprover utmstackprapprover Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes requested — AI review found blocking issues (high/critical, or engineer review required). See above.

Signed-off-by: Alex Sánchez  <alex.sanchez@utmstack.com>
@AlexSanchez-bit AlexSanchez-bit merged commit b50ac1a into release/v12.0.0 Jul 9, 2026
1 check passed
@AlexSanchez-bit AlexSanchez-bit deleted the backlog/v12_alerts_fixes branch July 9, 2026 15:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant