Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Bump jinja2 from 3.1.4 to 3.1.5 in /sdk/python/requirements #6

Closed
wants to merge 3 commits into from
Closed

chore: Bump jinja2 from 3.1.4 to 3.1.5 in /sdk/python/requirements #6

wants to merge 3 commits into from
+14 −6

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 23, 2024
edited
Loading

Bumps jinja2 from 3.1.4 to 3.1.5.

Release notes

Sourced from jinja2's releases.

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

  • The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
  • Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
  • Sandbox does not allow clear and pop on known mutable sequence types. #2032
  • Calling sync render for an async template uses asyncio.run. #1952
  • Avoid unclosed auto_aiter warnings. #1960
  • Return an aclose-able AsyncGenerator from Template.generate_async. #1960
  • Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
  • Avoid leaving async generators unclosed in blocks, includes and extends. #1960
  • The runtime uses the correct concat function for the current environment when calling block references. #1701
  • Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
  • |int filter handles OverflowError from scientific notation. #1921
  • Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
  • Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
  • Fix copy/pickle support for the internal missing object. #2027
  • Environment.overlay(enable_async) is applied correctly. #2061
  • The error message from FileSystemLoader includes the paths that were searched. #1661
  • PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
  • Improve annotations for methods returning copies. #1880
  • urlize does not add mailto: to values like @a@b. #1870
  • Tests decorated with @pass_context can be used with the |select filter. #1624
  • Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
  • Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253
Changelog

Sourced from jinja2's changelog.

Version 3.1.5

Released 2024-12-21

  • The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
  • Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
  • Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
  • Calling sync render for an async template uses asyncio.run. :pr:1952
  • Avoid unclosed auto_aiter warnings. :pr:1960
  • Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
  • Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
  • Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
  • The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
  • Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
  • |int filter handles OverflowError from scientific notation. :issue:1921
  • Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
  • Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
  • Fix copy/pickle support for the internal missing object. :issue:2027
  • Environment.overlay(enable_async) is applied correctly. :pr:2061
  • The error message from FileSystemLoader includes the paths that were searched. :issue:1661
  • PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
  • Improve annotations for methods returning copies. :pr:1880
  • urlize does not add mailto: to values like @a@b. :pr:1870
  • Tests decorated with @pass_context`` can be used with the ``|select`` filter. :issue:1624`
  • Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. :issue:1413
  • Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. :issue:1253
Commits
  • 877f6e5 release version 3.1.5
  • 8d58859 remove test pypi
  • eda8fe8 update dev dependencies
  • c8fdce1 Fix bug involving calling set on a template parameter within all branches of ...
  • 66587ce Fix bug where set would sometimes fail within if
  • fbc3a69 Add support for namespaces in tuple parsing (#1664)
  • b8f4831 more comments about nsref assignment
  • ee83219 Add support for namespaces in tuple assignment
  • 1d55cdd Triple quotes in docs (#2064)
  • 8a8eafc edit block assignment section
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

tmihalac and others added 3 commits December 19, 2024 14:44
@tmihalac
Add Owners file for OpenshiftCI
c3eea7f 
Signed-off-by: Theodor Mihalache <tmihalac@redhat.com>
@redhatHameed
Merge branch 'feast-dev:master' into master
22404df
@dependabot
chore: Bump jinja2 from 3.1.4 to 3.1.5 in /sdk/python/requirements
cc1b9ba 
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.4...3.1.5)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 23, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 23, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign redhathameed for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 23, 2024

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a opendatahub-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

tmihalac pushed a commit that referenced this pull request Jan 21, 2025
@feast-ci-bot
chore(release): release 0.43.0
5a7e6f8 
# [0.43.0](feast-dev/feast@v0.42.0...v0.43.0) (2025-01-20)

### Bug Fixes

* Add k8s module to feature-server image ([feast-dev#4839](feast-dev#4839)) ([f565565](feast-dev@f565565))
* Adding input to workflow ([e3e8c97](feast-dev@e3e8c97))
* Change image push to use --all-tags option ([feast-dev#4926](feast-dev#4926)) ([02458fd](feast-dev@02458fd))
* Fix integration build/push for images ([feast-dev#4923](feast-dev#4923)) ([695e49b](feast-dev@695e49b))
* Fix integration operator push ([feast-dev#4924](feast-dev#4924)) ([13c7267](feast-dev@13c7267))
* Fix release.yml ([feast-dev#4845](feast-dev#4845)) ([b4768a8](feast-dev@b4768a8))
* Fixing some of the warnings with the github actions ([feast-dev#4763](feast-dev#4763)) ([1119439](feast-dev@1119439))
* Improve status.applied updates & add offline pvc unit test ([feast-dev#4871](feast-dev#4871)) ([3f49517](feast-dev@3f49517))
* Made fixes to Go Operator DB persistence ([feast-dev#4830](feast-dev#4830)) ([cdc0753](feast-dev@cdc0753))
* Make transformation_service_endpoint configuration optional ([feast-dev#4880](feast-dev#4880)) ([c62377b](feast-dev@c62377b))
* Move pre-release image builds to quay.io, retire gcr.io pushes ([feast-dev#4922](feast-dev#4922)) ([40b975b](feast-dev@40b975b))
* Performance regression in /get-online-features ([feast-dev#4892](feast-dev#4892)) ([0db56a2](feast-dev@0db56a2))
* Refactor Operator to deploy all feast services to the same Deployment/Pod ([feast-dev#4863](feast-dev#4863)) ([88854dd](feast-dev@88854dd))
* Remove unnecessary google cloud steps & upgrade docker action versions ([feast-dev#4925](feast-dev#4925)) ([32aaf9a](feast-dev@32aaf9a))
* Remove verifyClient TLS offlineStore option from the Operator ([feast-dev#4847](feast-dev#4847)) ([79fa247](feast-dev@79fa247))
* Resolving syntax error while querying a feature view with column name starting with a number and BigQuery as data source ([feast-dev#4908](feast-dev#4908)) ([d3495a0](feast-dev@d3495a0))
* Updated python-helm-demo example to use MinIO instead of GS ([feast-dev#4691](feast-dev#4691)) ([31afd99](feast-dev@31afd99))

### Features

* Add date field support to spark ([feast-dev#4913](feast-dev#4913)) ([a8aeb79](feast-dev@a8aeb79))
* Add date support when converting from python to feast types ([feast-dev#4918](feast-dev#4918)) ([bd9f071](feast-dev@bd9f071))
* Add duckdb extra to multicloud release image ([feast-dev#4862](feast-dev#4862)) ([b539eba](feast-dev@b539eba))
* Add milvus package to release image & option to Operator ([feast-dev#4870](feast-dev#4870)) ([ef724b6](feast-dev@ef724b6))
* Add Milvus Vector Database Implementation ([feast-dev#4751](feast-dev#4751)) ([22c7b58](feast-dev@22c7b58))
* Add online/offline replica support ([feast-dev#4812](feast-dev#4812)) ([b97da6c](feast-dev@b97da6c))
* Added pvc accessModes support ([feast-dev#4851](feast-dev#4851)) ([a73514c](feast-dev@a73514c))
* Adding EnvFrom support for the OptionalConfigs type to the Go Operator ([feast-dev#4909](feast-dev#4909)) ([e01e510](feast-dev@e01e510))
* Adding Feature Server to components docs ([feast-dev#4868](feast-dev#4868)) ([f95e54b](feast-dev@f95e54b))
* Adding features field to retrieve_online_features to return mor… ([feast-dev#4869](feast-dev#4869)) ([7df287e](feast-dev@7df287e))
* Adding packages for Milvus Online Store ([feast-dev#4854](feast-dev#4854)) ([49171bd](feast-dev@49171bd))
* Adding vector_search parameter to fields ([feast-dev#4855](feast-dev#4855)) ([739eaa7](feast-dev@739eaa7))
* Feast Operator support log level configuration for services ([feast-dev#4808](feast-dev#4808)) ([19424bc](feast-dev@19424bc))
* Go Operator - Parsing the output to go structs ([feast-dev#4832](feast-dev#4832)) ([732865f](feast-dev@732865f))
* Implement `date_partition_column` for `SparkSource` ([feast-dev#4844](feast-dev#4844)) ([c5ffa03](feast-dev@c5ffa03))
* Loading the CA trusted store certificate into Feast to verify the public certificate. ([feast-dev#4852](feast-dev#4852)) ([132ce2a](feast-dev@132ce2a))
* Operator E2E test to validate FeatureStore custom resource using remote registry ([feast-dev#4822](feast-dev#4822)) ([d558ef7](feast-dev@d558ef7))
* Operator improvements ([feast-dev#4928](feast-dev#4928)) ([7a1f4dd](feast-dev@7a1f4dd))
* Removing the tls_verify_client flag from feast cli for offline server. ([feast-dev#4842](feast-dev#4842)) ([8320e23](feast-dev@8320e23))
* Separating the RBAC and Remote related integration tests. ([feast-dev#4905](feast-dev#4905)) ([76e1e21](feast-dev@76e1e21))
* Snyk vulnerability issues fix. ([feast-dev#4867](feast-dev#4867)) ([dbc9207](feast-dev@dbc9207)), closes [#6](feast-dev#6) [#3](feast-dev#3) [#4](feast-dev#4)
* Use ASOF JOIN in Snowflake offline store query ([feast-dev#4850](feast-dev#4850)) ([8f591a2](feast-dev@8f591a2))

### Reverts

* Revert "chore: Add Milvus to pr_integration_tests.yml" ([feast-dev#4900](feast-dev#4900)) ([07958f7](feast-dev@07958f7)), closes [feast-dev#4891](feast-dev#4891)
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jan 21, 2025

Looks like jinja2 is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Jan 21, 2025
@dependabot dependabot bot deleted the dependabot/pip/sdk/python/requirements/jinja2-3.1.5 branch January 21, 2025 15:16
tmihalac pushed a commit that referenced this pull request Jan 21, 2025
@feast-ci-bot @tmihalac
chore(release): release 0.43.0
520cf53 
# [0.43.0](feast-dev/feast@v0.42.0...v0.43.0) (2025-01-20)

### Bug Fixes

* Add k8s module to feature-server image ([feast-dev#4839](feast-dev#4839)) ([f565565](feast-dev@f565565))
* Adding input to workflow ([e3e8c97](feast-dev@e3e8c97))
* Change image push to use --all-tags option ([feast-dev#4926](feast-dev#4926)) ([02458fd](feast-dev@02458fd))
* Fix integration build/push for images ([feast-dev#4923](feast-dev#4923)) ([695e49b](feast-dev@695e49b))
* Fix integration operator push ([feast-dev#4924](feast-dev#4924)) ([13c7267](feast-dev@13c7267))
* Fix release.yml ([feast-dev#4845](feast-dev#4845)) ([b4768a8](feast-dev@b4768a8))
* Fixing some of the warnings with the github actions ([feast-dev#4763](feast-dev#4763)) ([1119439](feast-dev@1119439))
* Improve status.applied updates & add offline pvc unit test ([feast-dev#4871](feast-dev#4871)) ([3f49517](feast-dev@3f49517))
* Made fixes to Go Operator DB persistence ([feast-dev#4830](feast-dev#4830)) ([cdc0753](feast-dev@cdc0753))
* Make transformation_service_endpoint configuration optional ([feast-dev#4880](feast-dev#4880)) ([c62377b](feast-dev@c62377b))
* Move pre-release image builds to quay.io, retire gcr.io pushes ([feast-dev#4922](feast-dev#4922)) ([40b975b](feast-dev@40b975b))
* Performance regression in /get-online-features ([feast-dev#4892](feast-dev#4892)) ([0db56a2](feast-dev@0db56a2))
* Refactor Operator to deploy all feast services to the same Deployment/Pod ([feast-dev#4863](feast-dev#4863)) ([88854dd](feast-dev@88854dd))
* Remove unnecessary google cloud steps & upgrade docker action versions ([feast-dev#4925](feast-dev#4925)) ([32aaf9a](feast-dev@32aaf9a))
* Remove verifyClient TLS offlineStore option from the Operator ([feast-dev#4847](feast-dev#4847)) ([79fa247](feast-dev@79fa247))
* Resolving syntax error while querying a feature view with column name starting with a number and BigQuery as data source ([feast-dev#4908](feast-dev#4908)) ([d3495a0](feast-dev@d3495a0))
* Updated python-helm-demo example to use MinIO instead of GS ([feast-dev#4691](feast-dev#4691)) ([31afd99](feast-dev@31afd99))

### Features

* Add date field support to spark ([feast-dev#4913](feast-dev#4913)) ([a8aeb79](feast-dev@a8aeb79))
* Add date support when converting from python to feast types ([feast-dev#4918](feast-dev#4918)) ([bd9f071](feast-dev@bd9f071))
* Add duckdb extra to multicloud release image ([feast-dev#4862](feast-dev#4862)) ([b539eba](feast-dev@b539eba))
* Add milvus package to release image & option to Operator ([feast-dev#4870](feast-dev#4870)) ([ef724b6](feast-dev@ef724b6))
* Add Milvus Vector Database Implementation ([feast-dev#4751](feast-dev#4751)) ([22c7b58](feast-dev@22c7b58))
* Add online/offline replica support ([feast-dev#4812](feast-dev#4812)) ([b97da6c](feast-dev@b97da6c))
* Added pvc accessModes support ([feast-dev#4851](feast-dev#4851)) ([a73514c](feast-dev@a73514c))
* Adding EnvFrom support for the OptionalConfigs type to the Go Operator ([feast-dev#4909](feast-dev#4909)) ([e01e510](feast-dev@e01e510))
* Adding Feature Server to components docs ([feast-dev#4868](feast-dev#4868)) ([f95e54b](feast-dev@f95e54b))
* Adding features field to retrieve_online_features to return mor… ([feast-dev#4869](feast-dev#4869)) ([7df287e](feast-dev@7df287e))
* Adding packages for Milvus Online Store ([feast-dev#4854](feast-dev#4854)) ([49171bd](feast-dev@49171bd))
* Adding vector_search parameter to fields ([feast-dev#4855](feast-dev#4855)) ([739eaa7](feast-dev@739eaa7))
* Feast Operator support log level configuration for services ([feast-dev#4808](feast-dev#4808)) ([19424bc](feast-dev@19424bc))
* Go Operator - Parsing the output to go structs ([feast-dev#4832](feast-dev#4832)) ([732865f](feast-dev@732865f))
* Implement `date_partition_column` for `SparkSource` ([feast-dev#4844](feast-dev#4844)) ([c5ffa03](feast-dev@c5ffa03))
* Loading the CA trusted store certificate into Feast to verify the public certificate. ([feast-dev#4852](feast-dev#4852)) ([132ce2a](feast-dev@132ce2a))
* Operator E2E test to validate FeatureStore custom resource using remote registry ([feast-dev#4822](feast-dev#4822)) ([d558ef7](feast-dev@d558ef7))
* Operator improvements ([feast-dev#4928](feast-dev#4928)) ([7a1f4dd](feast-dev@7a1f4dd))
* Removing the tls_verify_client flag from feast cli for offline server. ([feast-dev#4842](feast-dev#4842)) ([8320e23](feast-dev@8320e23))
* Separating the RBAC and Remote related integration tests. ([feast-dev#4905](feast-dev#4905)) ([76e1e21](feast-dev@76e1e21))
* Snyk vulnerability issues fix. ([feast-dev#4867](feast-dev#4867)) ([dbc9207](feast-dev@dbc9207)), closes [#6](feast-dev#6) [#3](feast-dev#3) [#4](feast-dev#4)
* Use ASOF JOIN in Snowflake offline store query ([feast-dev#4850](feast-dev#4850)) ([8f591a2](feast-dev@8f591a2))

### Reverts

* Revert "chore: Add Milvus to pr_integration_tests.yml" ([feast-dev#4900](feast-dev#4900)) ([07958f7](feast-dev@07958f7)), closes [feast-dev#4891](feast-dev#4891)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@redhatHameed redhatHameed Awaiting requested review from redhatHameed

@tmihalac tmihalac Awaiting requested review from tmihalac

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file needs-ok-to-test python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tmihalac @redhatHameed