elastic
diff --git a/‎.buildkite/scripts/build_kibana.sh‎
Lines changed: 3 additions & 0 deletions b/‎.buildkite/scripts/build_kibana.sh‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎.buildkite/scripts/steps/artifacts/docker_context.sh‎
Lines changed: 3 additions & 0 deletions b/‎.buildkite/scripts/steps/artifacts/docker_context.sh‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 0 deletions b/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docs/reference/cloud/elastic-cloud-kibana-settings.md‎
Lines changed: 4 additions & 0 deletions b/‎docs/reference/cloud/elastic-cloud-kibana-settings.md‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎docs/reference/configuration-reference/general-settings.md‎
Lines changed: 3 additions & 0 deletions b/‎docs/reference/configuration-reference/general-settings.md‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎fleet_packages.json‎
Lines changed: 1 addition & 1 deletion b/‎fleet_packages.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎package.json‎
Lines changed: 1 addition & 0 deletions b/‎package.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎packages/kbn-failed-test-reporter-cli/failed_tests_reporter/report_failure.test.ts‎
Lines changed: 47 additions & 1 deletion b/‎packages/kbn-failed-test-reporter-cli/failed_tests_reporter/report_failure.test.ts‎
Lines changed: 47 additions & 1 deletion
diff --git a/‎packages/kbn-failed-test-reporter-cli/failed_tests_reporter/report_failure.ts‎
Lines changed: 36 additions & 5 deletions b/‎packages/kbn-failed-test-reporter-cli/failed_tests_reporter/report_failure.ts‎
Lines changed: 36 additions & 5 deletions
diff --git a/‎src/core/packages/http/router-server-internal/src/timing/request_timing.test.ts‎
Lines changed: 2 additions & 1 deletion b/‎src/core/packages/http/router-server-internal/src/timing/request_timing.test.ts‎
Lines changed: 2 additions & 1 deletion
@@ -4,6 +4,9 @@ set -euo pipefail
 
 source .buildkite/scripts/common/util.sh
 
+echo "--- Clean up cached images to free up space"
+clean_cached_images
+
 export KBN_NP_PLUGINS_BUILT=true
 
 echo "--- Build Kibana Distribution"
 
@@ -9,6 +9,9 @@ source .buildkite/scripts/steps/artifacts/env.sh
 
 KIBANA_DOCKER_CONTEXT="${KIBANA_DOCKER_CONTEXT:="default"}"
 
+echo "--- Clean up cached images to free up space"
+clean_cached_images
+
 echo "--- Create contexts"
 mkdir -p target
 node scripts/build --skip-initialize --skip-generic-folders --skip-platform-folders --skip-archives --skip-cdn-assets --docker-context-use-local-artifact "${BUILD_ARGS[@]}"
 
@@ -997,6 +997,7 @@ x-pack/platform/packages/shared/kbn-entities-schema @elastic/core-analysis
 x-pack/platform/packages/shared/kbn-es-snapshot-loader @elastic/obs-ai-team
 x-pack/platform/packages/shared/kbn-evals @elastic/obs-ai-team @elastic/security-generative-ai
 x-pack/platform/packages/shared/kbn-evals-common @elastic/obs-ai-team @elastic/security-generative-ai
+x-pack/platform/packages/shared/kbn-evals-extensions @elastic/obs-ai-team @elastic/security-generative-ai
 x-pack/platform/packages/shared/kbn-evals-phoenix-executor @elastic/obs-ai-team
 x-pack/platform/packages/shared/kbn-evals-suite-streams @elastic/obs-onboarding-team @elastic/obs-sig-events-team
 x-pack/platform/packages/shared/kbn-event-stacktrace @elastic/obs-presentation-team @elastic/obs-exploration-team
 
@@ -50,6 +50,10 @@ If you want to allow anonymous authentication in Kibana, these settings are supp
 ### Visualizations [ec_visualizations]
 
 
+#### Version 8.0+ [ec_vis_supported_versions_8_0_0]
+
+`vis_type_timelion.enable`
+:   For 8.0 version and later, set to `false` to disable Timelion vizualizations. **Default: `true`**
 
 #### Supported versions before 8.0.0 [ec_vis_supported_versions_before_8_0_0]
 
 
@@ -538,6 +538,9 @@ $$$settings-telemetry-optIn$$$ `telemetry.optIn`
 `vis_type_table.legacyVisEnabled` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ech}}")
 :   Starting from version 7.11, a new datatable visualization is used. Set to `true` to enable the legacy version. In version 8.0 and later, the old implementation is removed and this setting is no longer supported.
 
+`vis_type_timelion.enable` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ech}}")
+:   For 8.0 version and later, set to `false` to disable Timelion vizualizations. **Default: `true`**
+
 `vis_type_vega.enable` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ech}}")
 :   For 7.7 version and later, set to `false` to disable Vega vizualizations. **Default: `true`**
 
 
@@ -30,7 +30,7 @@
   },
   {
     "name": "elastic_agent",
-    "version": "2.7.3"
+    "version": "2.7.4"
   },
   {
     "name": "endpoint",
 
@@ -1690,6 +1690,7 @@
     "@kbn/eslint-plugin-telemetry": "link:packages/kbn-eslint-plugin-telemetry",
     "@kbn/esql-resource-browser-storybook-config": "link:src/platform/packages/shared/kbn-esql-resource-browser/.storybook",
     "@kbn/evals": "link:x-pack/platform/packages/shared/kbn-evals",
+    "@kbn/evals-extensions": "link:x-pack/platform/packages/shared/kbn-evals-extensions",
     "@kbn/evals-phoenix-executor": "link:x-pack/platform/packages/shared/kbn-evals-phoenix-executor",
     "@kbn/evals-suite-agent-builder": "link:x-pack/platform/packages/shared/agent-builder/kbn-evals-suite-agent-builder",
     "@kbn/evals-suite-endpoint": "link:x-pack/solutions/security/packages/kbn-evals-suite-endpoint",
 
@@ -9,7 +9,11 @@
 
 import dedent from 'dedent';
 
-import { createFailureIssue, updateFailureIssue } from './report_failure';
+import {
+  createFailureIssue,
+  redactSensitiveGithubFailureText,
+  updateFailureIssue,
+} from './report_failure';
 
 jest.mock('./github_api');
 const { GithubApi } = jest.requireMock('./github_api');
@@ -18,6 +22,48 @@ beforeEach(() => {
   jest.clearAllMocks();
 });
 
+describe('redactSensitiveGithubFailureText()', () => {
+  it('redacts @elastic.co emails, qa.elastic.cloud hosts, and console.qa.cld.elstc.co', () => {
+    const input = dedent`
+      Error: Failed to parse SAML response value.
+      Most likely the 'fixture-user+alias@elastic.co' user has no access to the cloud deployment.
+      Login to console.qa.cld.elstc.co with the user from '.ftr/role_users.json' file and try to load
+      https://fixture-depl-abc123.kb.eu-west-1.aws.qa.elastic.cloud in the same window.
+    `;
+
+    const out = redactSensitiveGithubFailureText(input);
+
+    expect(out).toContain('<redacted>@elastic.co');
+    expect(out).not.toContain('fixture-user+alias@elastic.co');
+    expect(out).toContain('Login to <redacted> with');
+    expect(out).not.toContain('console.qa.cld.elstc.co');
+    expect(out).toContain('<redacted>.qa.elastic.cloud');
+    expect(out).not.toContain('fixture-depl-abc123');
+  });
+
+  it('redacts bare *.qa.elastic.cloud hostnames without a URL scheme', () => {
+    expect(
+      redactSensitiveGithubFailureText('open fake-sub.kb.eu-west-1.aws.qa.elastic.cloud in browser')
+    ).toBe('open <redacted>.qa.elastic.cloud in browser');
+  });
+
+  it('redacts any *.found.no and *.elastic.co hosts and URLs', () => {
+    expect(
+      redactSensitiveGithubFailureText(
+        'open https://fixture-staging.found.no/ then https://fixture-app.elastic.co/'
+      )
+    ).toBe('open <redacted>.found.no then <redacted>.elastic.co');
+    expect(
+      redactSensitiveGithubFailureText(
+        'Login at fixture-staging.found.no or fixture-app.elastic.co'
+      )
+    ).toBe('Login at <redacted>.found.no or <redacted>.elastic.co');
+    expect(redactSensitiveGithubFailureText('other https://fixture-api.found.no/x')).toBe(
+      'other <redacted>.found.no'
+    );
+  });
+});
+
 describe('createFailureIssue()', () => {
   it('creates new github issue with failure text, link to issue, and valid metadata', async () => {
     const api = new GithubApi();
 
@@ -13,6 +13,30 @@ import type { ScoutTestFailureExtended } from './get_scout_failures';
 import type { GithubApi } from './github_api';
 import { getIssueMetadata, updateIssueMetadata } from './issue_metadata';
 
+function redactHostnameSuffix(text: string, suffix: string): string {
+  const escaped = suffix.replace(/\./g, '\\.');
+  return text.replace(
+    new RegExp(
+      `(?:https?:\\/\\/)?[a-zA-Z0-9](?:[a-zA-Z0-9.-]*[a-zA-Z0-9])?\\.${escaped}(?:[^\\s]*)?`,
+      'g'
+    ),
+    () => `<redacted>.${suffix}`
+  );
+}
+
+const REDACT_HOST_SUFFIXES = ['found.no', 'elastic.co', 'qa.elastic.cloud'] as const;
+
+/**
+ * Redacts emails and sensitive hostnames (e.g. *.found.no, *.elastic.co, *.qa.elastic.cloud) from text posted to public GitHub issues.
+ */
+export function redactSensitiveGithubFailureText(text: string): string {
+  let out = text.replace(/\bconsole\.qa\.cld\.elstc\.co\b/g, '<redacted>');
+  for (const suffix of REDACT_HOST_SUFFIXES) {
+    out = redactHostnameSuffix(out, suffix);
+  }
+  return out.replace(/\S+@elastic\.co\b/g, '<redacted>@elastic.co');
+}
+
 function isScoutFailure(failure: TestFailure): failure is ScoutTestFailureExtended {
   return 'id' in failure && 'target' in failure && 'location' in failure;
 }
@@ -52,7 +76,7 @@ function createFTRBody(
   branch: string,
   pipeline: string
 ): string {
-  const failureBody = truncateFailureBody(failure.failure);
+  const failureBody = redactSensitiveGithubFailureText(truncateFailureBody(failure.failure));
 
   const bodyContent = [
     'A test failed on a tracked branch',
@@ -89,7 +113,7 @@ function createScoutBody(
   branch: string,
   pipeline: string
 ): string {
-  const failureBody = truncateFailureBody(failure.failure);
+  const failureBody = redactSensitiveGithubFailureText(truncateFailureBody(failure.failure));
 
   // Create table format for Scout test details
   const scoutDetailsTable = [
@@ -236,7 +260,9 @@ function createScoutComment(
    * ```
    */
 
-  return `${base}\n\nNew error message:\n\`\`\`\n${newErrorMessage}\n\`\`\``;
+  return `${base}\n\nNew error message:\n\`\`\`\n${redactSensitiveGithubFailureText(
+    newErrorMessage
+  )}\n\`\`\``;
 }
 
 async function updateFTRFailureIssue(
@@ -278,8 +304,13 @@ async function updateScoutFailureIssue(
   let newErrorMessage: string | undefined;
   if (failure.errorMessage && previousFailureBody) {
     const currentErrorMsg = truncateFailureBody(failure.errorMessage).trim();
-    if (!previousFailureBody.includes(currentErrorMsg)) {
-      newErrorMessage = currentErrorMsg;
+    // Current error.message from CI is raw. The issue's first code block is usually already
+    // redacted (we redact on create), but older issues may still hold raw text. Redacting
+    // previous again is idempotent.
+    const redactedPrevious = redactSensitiveGithubFailureText(previousFailureBody);
+    const redactedCurrent = redactSensitiveGithubFailureText(currentErrorMsg);
+    if (!redactedPrevious.includes(redactedCurrent)) {
+      newErrorMessage = redactedCurrent;
     }
   }
 
 
@@ -10,7 +10,8 @@
 import { RequestTimingImpl } from './request_timing';
 import type { RequestTimingState } from './types';
 
-describe('RequestTimingImpl', () => {
+// Failing: See https://github.com/elastic/kibana/issues/259867
+describe.skip('RequestTimingImpl', () => {
   let state: RequestTimingState;
   let timing: RequestTimingImpl;
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@`
`30`	`30`	`},`
`31`	`31`	`{`
`32`	`32`	`"name": "elastic_agent",`
`33`		`- "version": "2.7.3"`
	`33`	`+ "version": "2.7.4"`
`34`	`34`	`},`
`35`	`35`	`{`
`36`	`36`	`"name": "endpoint",`