mirror of
https://github.com/grafana/grafana.git
synced 2025-07-31 12:42:35 +08:00
Plugins: Add Subresource Integrity checks (#93024)
* Plugins: Pass hashes for SRI to frontend * Add SRI hashes to frontendsettings DTOs * Add docstring * TestSriHashes * Fix typo * Changed SriHashes to ModuleHash * update loader_test compareOpts * update ModuleHash error message * Add TestModuleHash/no_module.js * Add omitEmpty to moduleHash * Add ModuleHash to api/plugins/${pluginId}/settings * moved ModuleHash field * feat(plugins): add moduleHash to bootData and plugin types * feat(plugins): if moduleHash is available apply it to systemjs importmap * Calculate ModuleHash for CDN provisioned plugins * Add ModuleHash tests for TestCalculate * adjust test case name * removed .envrc * Fix signature verification failing for internal plugins * fix tests * Add pluginsFilesystemSriChecks feature togglemk * renamed FilesystemSriChecksEnabled * refactor(plugin_loader): prefer extending type declaration over ts-error * added a couple more tests * Removed unused features * Removed unused argument from signature.DefaultCalculator call * Removed unused argument from bootstrap.DefaultConstructFunc * Moved ModuleHash to pluginassets service * update docstring * lint * Removed cdn dependency from manifest.Signature * add tests * fix extra parameters in tests * "fix" tests * removed outdated test * removed unused cdn dependency in signature.DefaultCalculator * reduce diff * Cache returned values * Add support for deeply nested plugins (more than 1 hierarchy level) * simplify cache usage * refactor TestService_ModuleHash_Cache * removed unused testdata * re-generate feature toggles * use version for module hash cache * Renamed feature toggle to pluginsSriChecks and use it for both cdn and filesystem * Removed app/types/system-integrity.d.ts * re-generate feature toggles * re-generate feature toggles * feat(plugins): put systemjs integrity hash behind feature flag --------- Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
This commit is contained in:
@ -0,0 +1,33 @@
|
||||
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
{
|
||||
"manifestVersion": "2.0.0",
|
||||
"signatureType": "grafana",
|
||||
"signedByOrg": "grafana",
|
||||
"signedByOrgName": "Grafana Labs",
|
||||
"plugin": "test-app",
|
||||
"version": "1.0.0",
|
||||
"time": 1726234125061,
|
||||
"keyId": "7e4d0c6a708866e7",
|
||||
"files": {
|
||||
"datasource/module.js": "04d70db091d96c4775fb32ba5a8f84cc22893eb43afdb649726661d4425c6711",
|
||||
"datasource/plugin.json": "3fd712717a21617cc76f9043efcd43d4ebf5564dd155a28e4e3c736739f6931e",
|
||||
"datasource/panels/one/module.js": "cbd1ac2284645a0e1e9a8722a729f5bcdd2b831222728709c6360beecdd6143f",
|
||||
"datasource/panels/one/plugin.json": "b9b4556a7220ea77650ffd228da6d441e68df3405d50dab5773c10f4afae5ad3",
|
||||
"module.js": "266c19bc148b22ddef2a288fc5f8f40855bda22ccf60be53340b4931e469ae2a",
|
||||
"plugin.json": "31f04aceb2a9b14c2e501f38a4de5ab1c7a3e7306f58353fa5c1a86b716c971c"
|
||||
}
|
||||
}
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: OpenPGP.js v4.10.11
|
||||
Comment: https://openpgpjs.org
|
||||
|
||||
wrkEARMKAAYFAmbkPg0AIQkQfk0ManCIZucWIQTzOyW2kQdOhGNlcPN+TQxq
|
||||
cIhm5xTlAgkB3mG37KEdlP34nC69NbmriMpDH6PyyJ0IUwXB/SMTr4Gc2SvG
|
||||
cVHvih/0WqVjYKxxQI0QHoYpBQW2jPx0YJLFof8CCQBHpdEEXNTYOOZWG6Cg
|
||||
M3wB3AdCO+ChjXkKosbWqiMDfVqHFoLoLurwWxwOjvk/xTvX5GFbOxSfISyU
|
||||
8iW03F5/Sw==
|
||||
=wobV
|
||||
-----END PGP SIGNATURE-----
|
@ -0,0 +1 @@
|
||||
hello datasource
|
@ -0,0 +1 @@
|
||||
hello panel
|
@ -0,0 +1,13 @@
|
||||
{
|
||||
"type": "panel",
|
||||
"name": "Test Panel",
|
||||
"id": "test-panel",
|
||||
"state": "alpha",
|
||||
"info": {
|
||||
"version": "1.0.0",
|
||||
"description": "Test",
|
||||
"author": {
|
||||
"name": "Giuseppe Guerra"
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,15 @@
|
||||
{
|
||||
"type": "datasource",
|
||||
"name": "Test Datasource",
|
||||
"id": "test-datasource",
|
||||
"backend": true,
|
||||
"executable": "test",
|
||||
"state": "alpha",
|
||||
"info": {
|
||||
"version": "1.0.0",
|
||||
"description": "Test",
|
||||
"author": {
|
||||
"name": "Giuseppe Guerra"
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1 @@
|
||||
hello parent
|
@ -0,0 +1,15 @@
|
||||
{
|
||||
"type": "app",
|
||||
"name": "Test",
|
||||
"id": "test-app",
|
||||
"backend": true,
|
||||
"executable": "test",
|
||||
"state": "alpha",
|
||||
"info": {
|
||||
"version": "1.0.0",
|
||||
"description": "Test",
|
||||
"author": {
|
||||
"name": "Giuseppe Guerra"
|
||||
}
|
||||
}
|
||||
}
|
Reference in New Issue
Block a user