Reduce default session cookie timeout #321

gonzaarancibia · 2025-06-26T16:10:29Z

Description

Set default session and cookie TTL to 15 minutes (900000 ms) . Previously, the session expired after 1 hour.
If no opensearch_security config for session ttl and cookie ttl, it will use the 15-minute default value

What is the old behavior before changes and new behavior after changes?

Previously, the session and cookie expired after 1 hour.

Issues Resolved

#739

Evidence

After 15 minutes of inactivity, the session log out:

Screen.Recording.2025-06-26.at.4.37.34.PM.mov

Testing the changes

Use this repo and the 4.13.1 wazuh-dashboard repository
Start the environment:
```
./dev.sh up security
```
Once the dashboard is running, log in.
Remain inactive for 15 minutes.
Confirm that the session expires and you are redirected to the login screen.

Check List

New functionality includes testing
New functionality has been documented
Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

… minutes (900000 ms) If no opensearch_security config for session ttl and cookie ttl, it will use the 15-minute default value Signed-off-by: gonzaarancibia <[email protected]>

asteriscos

CR: 🟢
Test: 🟢

Logged in at 17:02

As a consecuent of trying to navigate to another plugin after 30 minutes of inactivity, the application logged me out

guidomodarelli

LGTM! 🟢

🟢 Test Legend

Symbol	Meaning
⚫	The test hasn't started yet.
🟢	All checks passed.
🟡	There is at least one expected fail or skipped test and no failures.
🔴	There is at least one failed check.
⚪	Doesn't apply.
🔧	Request changes.
❓	Needs more information.

🧪 Test 2025/07/01

CR 🟢
TEST 🟢

Logged in at 10:36

As a consecuent of trying to navigate to another plugin after 30 minutes of inactivity, the application logged me out

… minutes (900000 ms) (#321) If no opensearch_security config for session ttl and cookie ttl, it will use the 15-minute default value Signed-off-by: gonzaarancibia <[email protected]>

* Migrate 4.14.0 to 2.19.3.0 (#347) * Compatibility with opensearch 2.19.0 (#191) (#205) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump version 4.10.0 revision 00 (#53) * Merge 4.9.1 into 4.10.0 (#102) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * chore(bump): 4.10.0 rev01 (#103) * chore(bump): 4.10.1 rev 00 (#105) * Bump 4.10.2 00 (#109) * Merge 4.10.0 into 4.10.1 (#143) (#144) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- * Bump version to 4.10.3 revision 00 (#149) * Support Wazuh 4.12.0 rev 00 (#159) * Bump version 4.12.0 * Bump version 4.12.0 * Merge 4.11.0 into 4.12.0 (#177) * Merge 4.10.0 into 4.10.1 (#143) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- * Bump version 4.11.0 (#158) * Bump revision to 4.11.0-01 (#174) * Merge 4.10.2 into 4.11.0 (#176) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * Bump revision to 07 (#147) * Bump version 4.10.1 (#157) * chore(bump): 4.10.1 rev 01 (#165) * Bump version to 4.10.2-00 (#169) * Replace the SAML default embedded route redirects with a new default route redirect. (#171) * Saml url default path changes to wz-home * Added pretier * Resolve test * Repair tests --------- --------- * Change the version of cypress to opensearch dashboard version * Fix saml_aut_test.spec.js * Update dev-environment.yml * Update manual-build.yml * Add VERSION.json (#192) --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> * Bump version 4.13.0 (#213) * Merge 4.11.2 into 4.12.0 (#224) (#225) * chore(bump): 4.11.1 rev 01 (#203) * Bump revision to 02 (#209) * Bump version 4.11.2 (#217) * Bump version 4.11.2 * Bump version 4.11.2 * chore(bump): 4.11.2 rev 01 (#219) * chore(bump): 4.11.2 rev 02 (#221) --------- Co-authored-by: Antonio <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> * Repository bumper script development (#234) * add gitignore entry for repository bumper logs Prevents repository bumper log files from being tracked by Git. Improves repository cleanliness and avoids unnecessary clutter. * add repository version bumper script Introduces a shell script to automate version and stage updates across the repository. Includes argument parsing, input validation, version comparison, and file updates for consistent version management. * update manual build workflow version reference Adds a function to update the default version in the manual build workflow file. Logs changes and handles cases where the workflow file is missing. Enhances version consistency across repository workflows. * add stage extraction from VERSION.json Enhances pre-update checks by extracting the 'stage' field from VERSION.json using sed. Validates the extracted value and handles errors, ensuring robustness against missing or null fields. * improve version file update logic Adds conditional checks to update version and stage fields only if changes are detected. Prevents unnecessary modifications and improves logging clarity. * extract revision from package.json in repository bumper Adds logic to retrieve the current revision from package.json using sed. Logs errors if the revision is missing, null, or improperly formatted, and terminates the script to ensure data integrity. * improve version and revision update logic in package.json Adds conditional checks to update version and revision only when changes are needed. Introduces a flag to track modifications and logs success messages only when updates occur. Enhances code reliability and reduces redundant operations. * add conditional check when updating default reference Prevents redundant updates by adding a check to ensure the current version differs from the target version before making changes. Improves script reliability and avoids unnecessary operations. * add README for versioning tools Introduces a README file documenting the usage, functionality, and affected files of the `repository_bumper.sh` script. Provides examples, parameter details, and notes for users. Enhances clarity and usability of versioning tools. * Compatibility with opensearch 2.19.2.0 (#241) * Bump version to 4.14.0 (#258) * Adds automated repository version bumping workflow (#277) * Adds automated repository version bumping workflow * Simplifies workflow by removing tag option and adding push trigger * Removes push trigger from repository bumper workflow * Simplifies repository bumper workflow configuration * Fix repository bumper workflow environment secret (#298) * fix: fixed env secret Signed-off-by: Raul Del Pozo Moreno <[email protected]> * chore: abstracted version Signed-off-by: Raul Del Pozo Moreno <[email protected]> --------- Signed-off-by: Raul Del Pozo Moreno <[email protected]> * Restrict GitHub actions permissions (#299) * Restrict ALL action permissions in the package build workflows * Add content read permission * fix: added admin privilege to PR merge (#310) Signed-off-by: Raul Del Pozo Moreno <[email protected]> * Fix pr permission write (#312) * Fix test * Fix test --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Signed-off-by: Raul Del Pozo Moreno <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> Co-authored-by: Raul Del Pozo Moreno <[email protected]> * feat(session-cookie): Change set default session and cookie TTL to 15 minutes (900000 ms) (#321) If no opensearch_security config for session ttl and cookie ttl, it will use the 15-minute default value Signed-off-by: gonzaarancibia <[email protected]> --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Signed-off-by: Raul Del Pozo Moreno <[email protected]> Signed-off-by: gonzaarancibia <[email protected]> Co-authored-by: Ian Yenien Serrano <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> Co-authored-by: Raul Del Pozo Moreno <[email protected]> Co-authored-by: Gonzalo Arancibia <[email protected]>

* Migrate main to 3.0.0.0 (#268) * Compatibility with opensearch 2.19.0 (#191) (#205) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump version 4.10.0 revision 00 (#53) * Merge 4.9.1 into 4.10.0 (#102) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * chore(bump): 4.10.0 rev01 (#103) * chore(bump): 4.10.1 rev 00 (#105) * Bump 4.10.2 00 (#109) * Merge 4.10.0 into 4.10.1 (#143) (#144) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- * Bump version to 4.10.3 revision 00 (#149) * Support Wazuh 4.12.0 rev 00 (#159) * Bump version 4.12.0 * Bump version 4.12.0 * Merge 4.11.0 into 4.12.0 (#177) * Merge 4.10.0 into 4.10.1 (#143) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- * Bump version 4.11.0 (#158) * Bump revision to 4.11.0-01 (#174) * Merge 4.10.2 into 4.11.0 (#176) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * Bump revision to 07 (#147) * Bump version 4.10.1 (#157) * chore(bump): 4.10.1 rev 01 (#165) * Bump version to 4.10.2-00 (#169) * Replace the SAML default embedded route redirects with a new default route redirect. (#171) * Saml url default path changes to wz-home * Added pretier * Resolve test * Repair tests --------- --------- * Change the version of cypress to opensearch dashboard version * Fix saml_aut_test.spec.js * Update dev-environment.yml * Update manual-build.yml * Add VERSION.json (#192) --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> * Bump version 4.13.0 (#213) * Merge 4.11.2 into 4.12.0 (#224) (#225) * chore(bump): 4.11.1 rev 01 (#203) * Bump revision to 02 (#209) * Bump version 4.11.2 (#217) * Bump version 4.11.2 * Bump version 4.11.2 * chore(bump): 4.11.2 rev 01 (#219) * chore(bump): 4.11.2 rev 02 (#221) --------- Co-authored-by: Antonio <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> * Repository bumper script development (#234) * add gitignore entry for repository bumper logs Prevents repository bumper log files from being tracked by Git. Improves repository cleanliness and avoids unnecessary clutter. * add repository version bumper script Introduces a shell script to automate version and stage updates across the repository. Includes argument parsing, input validation, version comparison, and file updates for consistent version management. * update manual build workflow version reference Adds a function to update the default version in the manual build workflow file. Logs changes and handles cases where the workflow file is missing. Enhances version consistency across repository workflows. * add stage extraction from VERSION.json Enhances pre-update checks by extracting the 'stage' field from VERSION.json using sed. Validates the extracted value and handles errors, ensuring robustness against missing or null fields. * improve version file update logic Adds conditional checks to update version and stage fields only if changes are detected. Prevents unnecessary modifications and improves logging clarity. * extract revision from package.json in repository bumper Adds logic to retrieve the current revision from package.json using sed. Logs errors if the revision is missing, null, or improperly formatted, and terminates the script to ensure data integrity. * improve version and revision update logic in package.json Adds conditional checks to update version and revision only when changes are needed. Introduces a flag to track modifications and logs success messages only when updates occur. Enhances code reliability and reduces redundant operations. * add conditional check when updating default reference Prevents redundant updates by adding a check to ensure the current version differs from the target version before making changes. Improves script reliability and avoids unnecessary operations. * add README for versioning tools Introduces a README file documenting the usage, functionality, and affected files of the `repository_bumper.sh` script. Provides examples, parameter details, and notes for users. Enhances clarity and usability of versioning tools. * Bump version to 5.0.0 (#252) * Bump version to 5.0.0 * Fix repository_bumper.sh * Optimizes CI workflows to run only on ready PRs Removes push triggers and adds draft PR filtering to prevent unnecessary CI runs. Changes workflow triggers from push/pull_request to only pull_request with specific types (opened, synchronize, reopened, ready_for_review) and adds conditional checks to skip execution when PRs are in draft state. Reduces CI resource usage and improves development workflow efficiency by avoiding test runs on incomplete work. * Add force: true --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> * Adds automated repository version bumping workflow (#277) * Adds automated repository version bumping workflow * Simplifies workflow by removing tag option and adding push trigger * Removes push trigger from repository bumper workflow * Simplifies repository bumper workflow configuration * Fix repository bumper workflow environment secret (#298) * fix: fixed env secret Signed-off-by: Raul Del Pozo Moreno <[email protected]> * chore: abstracted version Signed-off-by: Raul Del Pozo Moreno <[email protected]> --------- Signed-off-by: Raul Del Pozo Moreno <[email protected]> * Restrict GitHub actions permissions (#299) * Restrict ALL action permissions in the package build workflows * Add content read permission * ci(workflows): Add workflows from 6.0.0 to main (#302) Signed-off-by: gonzaarancibia <[email protected]> * fix: added admin privilege to PR merge (#310) Signed-off-by: Raul Del Pozo Moreno <[email protected]> * Fix pr permission write (#312) * Adds repository version bumper workflows and improves portability (#319) * Enhance GitHub workflows to include Wazuh version retrieval * Merge 4.14.1 into main (#361) * Migrate 4.14.0 to 2.19.3.0 (#347) * Compatibility with opensearch 2.19.0 (#191) (#205) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump version 4.10.0 revision 00 (#53) * Merge 4.9.1 into 4.10.0 (#102) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * chore(bump): 4.10.0 rev01 (#103) * chore(bump): 4.10.1 rev 00 (#105) * Bump 4.10.2 00 (#109) * Merge 4.10.0 into 4.10.1 (#143) (#144) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- * Bump version to 4.10.3 revision 00 (#149) * Support Wazuh 4.12.0 rev 00 (#159) * Bump version 4.12.0 * Bump version 4.12.0 * Merge 4.11.0 into 4.12.0 (#177) * Merge 4.10.0 into 4.10.1 (#143) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * fix: conflict * fix: typo --------- * Bump version 4.11.0 (#158) * Bump revision to 4.11.0-01 (#174) * Merge 4.10.2 into 4.11.0 (#176) * Bump revision (#116) * chore: bump 4.10.0 rev 03 (#123) * Bump revision 04 (#133) * Update the actions' version (#131) * Support Wazuh 5.0.0 * Merge 4.9.1 into 4.10.0 (#102) (#121) * 2.13 release notes (opensearch-project#1832) (opensearch-project#1837) * 2.13 release notes * Fix style and package * Fix style and package * Fix link --------- (cherry picked from commit 7c8058f) * Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844) * Add required ml permissions to support new roles * Add ml permissions * Remove internal ml action permissions * Add back internal ml action permissions --------- (cherry picked from commit f0cd1cf) * Add compatibility with OpenSearch 2.11.0 (#31) * Bump version Security Dashboards Plugin 2.9.0.0 (#21) * Upgrade to version 2.8.0 of Security Dashboards Plugin (#20) * Patch actions and workflows. Skip integration tests that fail (#4) * Change plugin name in actions and workflows * Patch install-dashboards action * Change jest config path * Skip tests --------- * Change Wazuh logo and titles (#3) * Change Wazuh logo and titles * Don't force custom logo to have 100% width * Add comment * Fix lint * Fix prettier * Update snapshots --------- * Disable tenant popup (#5) * Replace readme (#16) * Replace readme * Replace Opensearch to Wazuh * Update README.md --------- * Add GitHub workflow for automated build (#15) * Manual build * Workflow for automated build * Update .github/workflows/dev-environment.yml --------- * Create codeql.yml * Revert changes in cypress-test.yml * Revert changes in integration-test.yml * Fix integration test * Fix cypress test tenancy disabled --------- * Skip overview page test * Skip test for issue * Skip test for issue --------- * Fix home image and lint * Fix lint * Fix snapshot * Fix integration test * Revert selector --------- * Update of the GitHub actions to create the packages (#33) * Update Build manual Github action * Add wazuh version in package.json * Update package.json --------- * Change order of security in left menu (#36) * Change order of security in left menu * Fix cypress test * Fix repository tests (#46) * Initial commit * Removed Windows and Mac tests * Fix oidc test * Fix SAML test * Bump 4.9.0 to revision 01 (#56) * chore: bump 4.9.0 revision 02 (#64) * Bump revision 03 (#74) * chore: bump to 4.9.1 revision 00 (#76) * Update the security policy (#95) * change: update the security policy * fix: security policy * Update repository security policy (#97) * chore(bump): revision 4.9.1 01 (#99) --------- * Update all workflows to use actions/checkout@v4 for improved compatibility and performance * Update GitHub workflows to use actions/setup-java@v4 with Temurin distribution for better support and performance * Update workflows to use derek-ho/start-opensearch@v6 for enhanced features and compatibility across all GitHub actions * Update workflows to use derek-ho/setup-opensearch-dashboards@v3 for better features and compatibility across all GitHub actions * Update workflows to use tibdex/[email protected] for improved installation retrieval method and enhanced functionality * Update workflows to use actions/upload-artifact@v4 for improved artifact upload and added overwrite functionality * Update run-cypress-tests action to use Wandalen/wretry.action@v3 for improved reliability in test retries * Update backport workflow to use VachaShah/backport@v2 for enhanced features and improved functionality in backporting changes * Update Wazuh version to 4.10.0 with revision 03 * Update Wazuh revision to "00" in package.json * Fix missing newline at end of package.json file * Update SECURITY.md to redirect vulnerability reports to OpenSearch Security via email * Revise SECURITY.md to establish Wazuh's formal security policy and guidelines for reporting vulnerabilities --------- * chore: bump 4.10.0 rev 05 (#137) * Apply reference name change (#138) * chore(bump): 4.10.0 rev 06 (#141) * Bump revision to 07 (#147) * Bump version 4.10.1 (#157) * chore(bump): 4.10.1 rev 01 (#165) * Bump version to 4.10.2-00 (#169) * Replace the SAML default embedded route redirects with a new default route redirect. (#171) * Saml url default path changes to wz-home * Added pretier * Resolve test * Repair tests --------- --------- * Change the version of cypress to opensearch dashboard version * Fix saml_aut_test.spec.js * Update dev-environment.yml * Update manual-build.yml * Add VERSION.json (#192) --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> * Bump version 4.13.0 (#213) * Merge 4.11.2 into 4.12.0 (#224) (#225) * chore(bump): 4.11.1 rev 01 (#203) * Bump revision to 02 (#209) * Bump version 4.11.2 (#217) * Bump version 4.11.2 * Bump version 4.11.2 * chore(bump): 4.11.2 rev 01 (#219) * chore(bump): 4.11.2 rev 02 (#221) --------- Co-authored-by: Antonio <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> * Repository bumper script development (#234) * add gitignore entry for repository bumper logs Prevents repository bumper log files from being tracked by Git. Improves repository cleanliness and avoids unnecessary clutter. * add repository version bumper script Introduces a shell script to automate version and stage updates across the repository. Includes argument parsing, input validation, version comparison, and file updates for consistent version management. * update manual build workflow version reference Adds a function to update the default version in the manual build workflow file. Logs changes and handles cases where the workflow file is missing. Enhances version consistency across repository workflows. * add stage extraction from VERSION.json Enhances pre-update checks by extracting the 'stage' field from VERSION.json using sed. Validates the extracted value and handles errors, ensuring robustness against missing or null fields. * improve version file update logic Adds conditional checks to update version and stage fields only if changes are detected. Prevents unnecessary modifications and improves logging clarity. * extract revision from package.json in repository bumper Adds logic to retrieve the current revision from package.json using sed. Logs errors if the revision is missing, null, or improperly formatted, and terminates the script to ensure data integrity. * improve version and revision update logic in package.json Adds conditional checks to update version and revision only when changes are needed. Introduces a flag to track modifications and logs success messages only when updates occur. Enhances code reliability and reduces redundant operations. * add conditional check when updating default reference Prevents redundant updates by adding a check to ensure the current version differs from the target version before making changes. Improves script reliability and avoids unnecessary operations. * add README for versioning tools Introduces a README file documenting the usage, functionality, and affected files of the `repository_bumper.sh` script. Provides examples, parameter details, and notes for users. Enhances clarity and usability of versioning tools. * Compatibility with opensearch 2.19.2.0 (#241) * Bump version to 4.14.0 (#258) * Adds automated repository version bumping workflow (#277) * Adds automated repository version bumping workflow * Simplifies workflow by removing tag option and adding push trigger * Removes push trigger from repository bumper workflow * Simplifies repository bumper workflow configuration * Fix repository bumper workflow environment secret (#298) * fix: fixed env secret Signed-off-by: Raul Del Pozo Moreno <[email protected]> * chore: abstracted version Signed-off-by: Raul Del Pozo Moreno <[email protected]> --------- Signed-off-by: Raul Del Pozo Moreno <[email protected]> * Restrict GitHub actions permissions (#299) * Restrict ALL action permissions in the package build workflows * Add content read permission * fix: added admin privilege to PR merge (#310) Signed-off-by: Raul Del Pozo Moreno <[email protected]> * Fix pr permission write (#312) * Fix test * Fix test --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Signed-off-by: Raul Del Pozo Moreno <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> Co-authored-by: Raul Del Pozo Moreno <[email protected]> * feat(session-cookie): Change set default session and cookie TTL to 15 minutes (900000 ms) (#321) If no opensearch_security config for session ttl and cookie ttl, it will use the 15-minute default value Signed-off-by: gonzaarancibia <[email protected]> --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Signed-off-by: Raul Del Pozo Moreno <[email protected]> Signed-off-by: gonzaarancibia <[email protected]> Co-authored-by: Ian Yenien Serrano <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> Co-authored-by: Raul Del Pozo Moreno <[email protected]> Co-authored-by: Gonzalo Arancibia <[email protected]> * Adds version-specific dashboard build workflows (main) (#365) * Adds version-specific dashboard build workflows * Updates workflow defaults and names * Adds compatibility request issue template --------- Signed-off-by: Ian Yenien Serrano <[email protected]> Signed-off-by: Álex Ruiz <[email protected]> Signed-off-by: Nicolas Agustin Guevara Pihen <[email protected]> Signed-off-by: Raul Del Pozo Moreno <[email protected]> Signed-off-by: gonzaarancibia <[email protected]> Co-authored-by: Álex Ruiz <[email protected]> Co-authored-by: Federico Rodriguez <[email protected]> Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]> Co-authored-by: Antonio <[email protected]> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Sicheng Song <[email protected]> Co-authored-by: Guido Modarelli <[email protected]> Co-authored-by: Tostti <[email protected]> Co-authored-by: JuanGarriuz <[email protected]> Co-authored-by: Raul Del Pozo Moreno <[email protected]> Co-authored-by: Gonzalo Arancibia <[email protected]>

feat(session-cookie): Change set default session and cookie TTL to 15…

6f8fbb1

… minutes (900000 ms) If no opensearch_security config for session ttl and cookie ttl, it will use the 15-minute default value Signed-off-by: gonzaarancibia <[email protected]>

gonzaarancibia self-assigned this Jun 26, 2025

asteriscos linked an issue Jun 26, 2025 that may be closed by this pull request

Reduce default session cookie timeout wazuh/wazuh-dashboard#739

Closed

2 tasks

asteriscos approved these changes Jun 30, 2025

View reviewed changes

guidomodarelli approved these changes Jul 1, 2025

View reviewed changes

asteriscos merged commit 2ba7ff4 into 4.13.1 Jul 1, 2025
2 of 14 checks passed

asteriscos deleted the change/739-reduce-default-session-cookie-timeout branch July 1, 2025 14:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Reduce default session cookie timeout #321

Reduce default session cookie timeout #321

Uh oh!

gonzaarancibia commented Jun 26, 2025 •

edited

Loading

Uh oh!

asteriscos left a comment

Uh oh!

guidomodarelli left a comment

Uh oh!

Uh oh!

Uh oh!

Reduce default session cookie timeout #321

Reduce default session cookie timeout #321

Uh oh!

Conversation

gonzaarancibia commented Jun 26, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Category

What is the old behavior before changes and new behavior after changes?

Issues Resolved

Evidence

Testing the changes

Check List

Uh oh!

asteriscos left a comment

Choose a reason for hiding this comment

Uh oh!

guidomodarelli left a comment

Choose a reason for hiding this comment

🟢 Test Legend

🧪 Test 2025/07/01

Uh oh!

Uh oh!

Uh oh!

gonzaarancibia commented Jun 26, 2025 •

edited

Loading