Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

python updates and security fixes #136

Merged
merged 17 commits into from
Jul 22, 2024
Merged

python updates and security fixes #136

merged 17 commits into from
Jul 22, 2024

Conversation

fmigneault
Copy link
Contributor

@fmigneault fmigneault commented Jul 19, 2024
edited
Loading

@fmigneault fmigneault self-assigned this Jul 19, 2024
@codecov-commenter
Copy link

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.73%. Comparing base (aca67f1) to head (e862325).

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #136      +/-   ##
==========================================
- Coverage   76.75%   76.73%   -0.03%     
==========================================
  Files          41       41              
  Lines        1833     1831       -2     
==========================================
- Hits         1407     1405       -2     
  Misses        426      426

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@fmigneault fmigneault merged commit 4efafea into master Jul 22, 2024
21 checks passed
@fmigneault fmigneault deleted the updates branch July 22, 2024 14:05
fmigneault added a commit to Ouranosinc/Magpie that referenced this pull request Jul 23, 2024
@fmigneault
pin twitcher>=0.10.0 for same security fixes as magpie (relates to bi…
e67771b 
…rd-house/twitcher#136)
This was referenced Jul 23, 2024
Merged
Merged
fmigneault added a commit to bird-house/birdhouse-deploy that referenced this pull request Sep 11, 2024
@fmigneault
update Magpie==4.1.1 and Twitcher==0.10.0 (#466)
9c72537 
## Overview
Security updates.

## Changes

**Non-breaking changes**
- Magpie/Twitcher: update Python packages and base Docker image to address security vulnerabilities 

  - [Magpie 4.1.1](https://github.com/Ouranosinc/Magpie/blob/master/CHANGES.rst#411-2024-07-23)     (relates to [Ouranosinc/Magpie#622](Ouranosinc/Magpie#622)).
  - [Twitcher 0.10.0](https://github.com/bird-house/twitcher/blob/master/CHANGES.rst#0100-2024-07-22)     (relates to [bird-house/twitcher#136](bird-house/twitcher#136)).

**Breaking changes**
- n/a

## Related Issue / Discussion

PRs that are an agglomeration of vulnerability fixes flagged by Snyk.

- Ouranosinc/Magpie#622
- bird-house/twitcher#136

## Additional Information

- The change from Magpie 3.x to 4.x is caused by the drop of Python 3.5 to 3.7, and the addition of 3.12 some time ago. Major version was used only to highlight this change in case older versions were still employed by some instances. From a technical aspect in birdhouse-deploy, Magpie with Python 3.11 was already in use for a while (see https://github.com/Ouranosinc/Magpie/blob/3.38.0/Dockerfile#L1). Only minor package dependency differences are actually expected.

## CI Operations

birdhouse_daccs_configs_branch: master
birdhouse_skip_ci: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cehbrecht cehbrecht cehbrecht approved these changes

@huard huard Awaiting requested review from huard

@Zeitsperre Zeitsperre Awaiting requested review from Zeitsperre

@tlvu tlvu Awaiting requested review from tlvu

Assignees

@fmigneault fmigneault

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fmigneault @codecov-commenter @cehbrecht