Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-webui / eda6e2b095280b6ea06729e0c7401a4b272ca52e
commiteda6e2b095280b6ea06729e0c7401a4b272ca52e[log] [tgz]
authorGunnar Mills <gmills@us.ibm.com>Mon May 20 14:59:19 2019 -0500
committerGunnar Mills <gmills@us.ibm.com>Tue May 21 21:03:20 2019 +0000
tree282adfec0d07dfeb634c1c234ab7ebe96746991f
parenta1b5fb6a3d41054addf77730df1feea76becc0ea [diff]
NPM update to address TAR vulnerability

This security vulnerability is in the phosphor-webui
repo:
"We found a potential security vulnerability in one of your
dependencies.
 tar
 Upgrade tar to version 4.4.2 or later."

See https://nvd.nist.gov/vuln/detail/CVE-2018-20834
for more information.

Ran "NPM update" && "npm install node-sass@latest --save".

Before:

bash-4.1$ npm audit

....

found 3 high severity vulnerabilities in 12118 scanned packages
  run `npm audit fix` to fix 3 of them.

After:

bash-4.1$ npm audit

                       === npm audit security report ===

found 0 vulnerabilities
 in 12124 scanned packages

Resolves https://github.com/openbmc/phosphor-webui/issues/85

Tested: Built the GUI and loaded it on a Witherspoon. No
        regressions observed.

Change-Id: I67cf4111021d7097a4a0726fecc320853810c6fd
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
2 files changed
tree: 282adfec0d07dfeb634c1c234ab7ebe96746991f
  1. app/
  2. .babelrc
  3. .clang-format
  4. .gitignore
  5. config.json
  6. format-code.sh
  7. karma.conf.js
  8. LICENSE
  9. MAINTAINERS
  10. package-lock.json
  11. package.json
  12. postcss.config.js
  13. README.md
  14. sonar-project.properties
  15. webpack.config.js
README.md

OpenBMC Web User Interface

The OpenBMC WebUI is a Web-based user interface for the OpenBMC firmware stack. The WebUI uses AngularJS. Features include:

  • View system overview data such as model information and serial number
  • View and manage event logs
  • View inventory data
  • View sensor data
  • Power On/Off server operations
  • Reboot BMC
  • Manage and update BMC and Host firmware
  • IPv4 network settings
  • SoL console

Requirements

nodejs (>= 4.2.6) npm (>= 5.6.0)

Note The default installation of your Linux distro may not come with the required versions above. See the following for more information on updating:

https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-node https://docs.npmjs.com/troubleshooting/try-the-latest-stable-version-of-npm

Installation

npm install

Note This must be run from within the phosphor-webui git repository.

Running locally

npm run-script server

This will start a server instance and begin listening for connections at http://localhost:8080. This development server provides live reloading on code changes. NOTE: Browsing to https://<BMC> and accepting the self-signed certificate might be required to prevent your browser from blocking traffic to the BMC.

Logging in

Enter the BMC Host or BMC IP address, username, and password. The default username and password are root/0penBmc.

Note that some OpenBMC implementations use bmcweb for its backend. For security reasons, bmcweb will need to be recompiled and loaded onto the target BMC Host before the above redirect command will work. The option to turn on within bmcweb is BMCWEB_INSECURE_DISABLE_XSS_PREVENTION.