3420 storyboard for nodestable #3516
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…into 3420-storyboard-for-nodestable
In order to smooth the migration from an embedded IPFS node to a self-hosted IPFS node, we will deprecate the flags used for the internal node, rather than removing the functionality in one release. This will allow for the functionality to be removed over two or more minor version releases. The Definition type has two new fields, a boolean Deprecated field and a string DeprecatedMessage field. if the former is set then we mark the flag as deprecated and show the second field.
Currently the inprogress index is just the ID of the job that is inprogress. This PR switches the inprogress index to a composite key containing both the ID and the Type of the job. This allows for filtering of active jobs of a certain type without having to serde each entire job referenced in the index. We may at a future date want to introduce CompositeIndex type alongside the current Index type.
Currently we try to reference the `ExportedFunction` which is documented as returning nil when the name is not found. Instead it returns a non-nil object with an inner nil field which will cause a panic when `Call`-ed. This commit instead looks up the function before referencing it to ensure it exists, returning an error early if not. This allows us to remove the call to recover which was handling the panic() for us. Fixes #3753
This PR implements the structure proposed in [Improve Error Reporting](https://www.notion.so/expanso/Improve-Error-Reporting-c19f5516822b47de980d76ff43ff4bbe) as a first step towards providing richer progress reporting during job execution. The "tl;dr;" is that we will move to using an event stream for reporting progress on jobs. The event stream will help users understand the progress of their job and give them extra context about any failures that occur. This will allow us to show a richer view in the UI, e.g. the user will be able to see "downloading Docker image" instead of just "job running". To achieve this vision, we need to build this infrastructure for generating events, recording them in the job history, and displaying them (done), replace the orchestrator/compute callbacks mechanism (later PR), and then give lower level components the ability to push events (later PR). This PR also includes some facility for structured error reporting. This allows low-level components to throw structured errors that provide a richer event than the ones generated automatically. This is used in e.g. the ErrNotEnoughNodes case and docker ImageUnavailable case so far. This gives us the ability to output hints as part of our messages back to the user:  The output of `describe` now shows a split history between the overall job and its executions: ``` % ./bin/darwin/arm64/bacalhau job describe j-66081fef-8dd2-48de-9997-bbe23a62f0be ID = j-66081fef-8dd2-48de-9997-bbe23a62f0be Name = Docker Job Namespace = default Type = batch State = Completed Count = 1 Created Time = 2024-04-10 06:56:26 Modified Time = 2024-04-10 06:56:29 Version = 0 Summary Completed = 1 Job History TIME REV. STATE TOPIC EVENT DETAILS 0s 1 Pending Submission Job submitted 2.618376s 2 Running 2.840423s 3 Completed Executions ID NODE ID STATE DESIRED REV. CREATED MODIFIED COMMENT e-5886e01f n-ffc3e455 Completed Stopped 6 8s ago 5s ago Accepted job Execution e-5886e01f History TIME REV. STATE TOPIC EVENT DETAILS 0s 1 New 8.165ms 2 AskForBid 2.569966s 3 AskForBidAccepted Requesting node Accepted job FailsExecution: false IsError: false Retryable: false 2.590902s 4 AskForBidAccepted 2.613668s 5 BidAccepted 2.803923s 6 Completed Standard Output 15 ``` Resolves bacalhau-project/expanso-planning#693. Resolves bacalhau-project/expanso-planning#694. ### TODO in this PR - [x] Add more documentation - [x] Sort execution histories by time DESC so that most relevant execution is first - [x] Do some more examples of using structured errors from compute node components --------- Co-authored-by: Ross Jones <[email protected]> Co-authored-by: Walid Baruni <[email protected]>
- fixes #3783 - Introduces NodeState type used to track NodeInfo, Connection, and Membershio. Removes the idea of Connection and Membership from data sent by compute nodes to the Requester(s) since compute nodes should not influence their Connection state or mmembership. Those are values related to the Requesters view of the network. --------- Co-authored-by: frrist <[email protected]>
Add a template for when users open a new issue
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to 0.23.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/c48da131589f122489348be5dfbcb6457640046f"><code>c48da13</code></a> http2: fix TestServerContinuationFlood flakes</li> <li><a href="https://github.com/golang/net/commit/762b58d1cf6e0779780decad89c6c1523386638d"><code>762b58d</code></a> http2: fix tipos in comment</li> <li><a href="https://github.com/golang/net/commit/ba872109ef2dc8f1da778651bd1fd3792d0e4587"><code>ba87210</code></a> http2: close connections when receiving too many headers</li> <li><a href="https://github.com/golang/net/commit/ebc8168ac8ac742194df729305175940790c55a2"><code>ebc8168</code></a> all: fix some typos</li> <li><a href="https://github.com/golang/net/commit/3678185f8a652e52864c44049a9ea96b7bcc066a"><code>3678185</code></a> http2: make TestCanonicalHeaderCacheGrowth faster</li> <li><a href="https://github.com/golang/net/commit/448c44f9287b6745f958d74aa2a17ec7761c2f13"><code>448c44f</code></a> http2: remove clientTester</li> <li><a href="https://github.com/golang/net/commit/c7877ac4213b2f859831366f5a35b353e0dc9f66"><code>c7877ac</code></a> http2: convert the remaining clientTester tests to testClientConn</li> <li><a href="https://github.com/golang/net/commit/d8870b0bf2f2426fc8d19a9332f652da5c25418f"><code>d8870b0</code></a> http2: use synthetic time in TestIdleConnTimeout</li> <li><a href="https://github.com/golang/net/commit/d73acffdc9493532acb85777105bb4a351eea702"><code>d73acff</code></a> http2: only set up deadline when Server.IdleTimeout is positive</li> <li><a href="https://github.com/golang/net/commit/89f602b7bbf237abe0467031a18b42fc742ced08"><code>89f602b</code></a> http2: validate client/outgoing trailers</li> <li>Additional commits viewable in <a href="https://github.com/golang/net/compare/v0.21.0...v0.23.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
…#3808) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to 0.23.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/c48da131589f122489348be5dfbcb6457640046f"><code>c48da13</code></a> http2: fix TestServerContinuationFlood flakes</li> <li><a href="https://github.com/golang/net/commit/762b58d1cf6e0779780decad89c6c1523386638d"><code>762b58d</code></a> http2: fix tipos in comment</li> <li><a href="https://github.com/golang/net/commit/ba872109ef2dc8f1da778651bd1fd3792d0e4587"><code>ba87210</code></a> http2: close connections when receiving too many headers</li> <li><a href="https://github.com/golang/net/commit/ebc8168ac8ac742194df729305175940790c55a2"><code>ebc8168</code></a> all: fix some typos</li> <li><a href="https://github.com/golang/net/commit/3678185f8a652e52864c44049a9ea96b7bcc066a"><code>3678185</code></a> http2: make TestCanonicalHeaderCacheGrowth faster</li> <li><a href="https://github.com/golang/net/commit/448c44f9287b6745f958d74aa2a17ec7761c2f13"><code>448c44f</code></a> http2: remove clientTester</li> <li><a href="https://github.com/golang/net/commit/c7877ac4213b2f859831366f5a35b353e0dc9f66"><code>c7877ac</code></a> http2: convert the remaining clientTester tests to testClientConn</li> <li><a href="https://github.com/golang/net/commit/d8870b0bf2f2426fc8d19a9332f652da5c25418f"><code>d8870b0</code></a> http2: use synthetic time in TestIdleConnTimeout</li> <li><a href="https://github.com/golang/net/commit/d73acffdc9493532acb85777105bb4a351eea702"><code>d73acff</code></a> http2: only set up deadline when Server.IdleTimeout is positive</li> <li><a href="https://github.com/golang/net/commit/89f602b7bbf237abe0467031a18b42fc742ced08"><code>89f602b</code></a> http2: validate client/outgoing trailers</li> <li>Additional commits viewable in <a href="https://github.com/golang/net/compare/v0.21.0...v0.23.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [idna](https://github.com/kjd/idna) from 3.3 to 3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p> <blockquote> <h2>v3.7</h2> <h2>What's Changed</h2> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p> <blockquote> <p>3.7 (2024-04-11) ++++++++++++++++</p> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> <p>3.6 (2023-11-25) ++++++++++++++++</p> <ul> <li>Fix regression to include tests in source distribution.</li> </ul> <p>3.5 (2023-11-24) ++++++++++++++++</p> <ul> <li>Update to Unicode 15.1.0</li> <li>String codec name is now "idna2008" as overriding the system codec "idna" was not working.</li> <li>Fix typing error for codec encoding</li> <li>"setup.cfg" has been added for this release due to some downstream lack of adherence to PEP 517. Should be removed in a future release so please prepare accordingly.</li> <li>Removed reliance on a symlink for the "idna-data" tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives.</li> <li>Added security reporting protocol for project</li> </ul> <p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions to this release.</p> <p>3.4 (2022-09-14) ++++++++++++++++</p> <ul> <li>Update to Unicode 15.0.0</li> <li>Migrate to pyproject.toml for build information (PEP 621)</li> <li>Correct another instance where generic exception was raised instead of IDNAError for malformed input</li> <li>Source distribution uses zeroized file ownership for improved reproducibility</li> </ul> <p>Thanks to Seth Michael Larson for contributions to this release.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li> <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li> <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li> <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li> <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li> <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li> <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li> <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li> <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li> <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li> <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.3...v3.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p> <blockquote> <h2>v3.7</h2> <h2>What's Changed</h2> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p> <blockquote> <p>3.7 (2024-04-11) ++++++++++++++++</p> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li> <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li> <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li> <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li> <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li> <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li> <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li> <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li> <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li> <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li> <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p> <blockquote> <h2>v3.7</h2> <h2>What's Changed</h2> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p> <blockquote> <p>3.7 (2024-04-11) ++++++++++++++++</p> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a> Release v3.7</li> <li><a href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li> <li><a href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li> <li><a href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li> <li><a href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li> <li><a href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li> <li><a href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a> Update Github actions/checkout to v4</li> <li><a href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a> Merge branch 'master' into dev</li> <li><a href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li> <li><a href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a> Merge branch 'master' into dev</li> <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [sqlparse](https://github.com/andialbrecht/sqlparse) from 0.4.4 to 0.5.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG">sqlparse's changelog</a>.</em></p> <blockquote> <h2>Release 0.5.0 (Apr 13, 2024)</h2> <p>Notable Changes</p> <ul> <li>Drop support for Python 3.5, 3.6, and 3.7.</li> <li>Python 3.12 is now supported (pr725, by hugovk).</li> <li>IMPORTANT: Fixes a potential denial of service attack (DOS) due to recursion error for deeply nested statements. Instead of recursion error a generic SQLParseError is raised. See the security advisory for details: <a href="https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg">https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg</a> The vulnerability was discovered by <a href="https://github.com/uriyay-jfrog"><code>@uriyay-jfrog</code></a>. Thanks for reporting!</li> </ul> <p>Enhancements:</p> <ul> <li>Splitting statements now allows to remove the semicolon at the end. Some database backends love statements without semicolon (issue742).</li> <li>Support TypedLiterals in get_parameters (pr649, by Khrol).</li> <li>Improve splitting of Transact SQL when using GO keyword (issue762).</li> <li>Support for some JSON operators (issue682).</li> <li>Improve formatting of statements containing JSON operators (issue542).</li> <li>Support for BigQuery and Snowflake keywords (pr699, by griffatrasgo).</li> <li>Support parsing of OVER clause (issue701, pr768 by r33s3n6).</li> </ul> <p>Bug Fixes</p> <ul> <li>Ignore dunder attributes when creating Tokens (issue672).</li> <li>Allow operators to precede dollar-quoted strings (issue763).</li> <li>Fix parsing of nested order clauses (issue745, pr746 by john-bodley).</li> <li>Thread-safe initialization of Lexer class (issue730).</li> <li>Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on pr719 by josuc1, thanks for bringing this up!).</li> <li>Fix parsing of PRIMARY KEY (issue740).</li> </ul> <p>Other</p> <ul> <li>Optimize performance of matching function (pr799, by admachainz).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/andialbrecht/sqlparse/commit/ddbd0ec3592545c914fe71e47118c04582d8bfb0"><code>ddbd0ec</code></a> Bump version.</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/29f2e0a6609ddc1fa248faef1bc41616043c544e"><code>29f2e0a</code></a> Raise recursion limit for tests.</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03"><code>b4a39d9</code></a> Raise SQLParseError instead of RecursionError.</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/f1bcf2f8a7ddf6854c99990c56ff5394f4981d58"><code>f1bcf2f</code></a> Update AUHTORS and Changelog.</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/e03b74e608b71dd06824c2cb42421c0d790248e3"><code>e03b74e</code></a> Fix Function.get_parameters(), add Funtion.get_window()</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/617b8f6cd3c55bacf2c80130901508518753f7e1"><code>617b8f6</code></a> Add OVER clause, and group it into Function (fixes <a href="https://redirect.github.com/andialbrecht/sqlparse/issues/701">#701</a>)</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/d8f81471cfc2c39ac43128e2a0c8cc67c313cc40"><code>d8f8147</code></a> Update AUHTORS and Changelog.</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/012c9f10c8ddfa47ccf17ead28122492155cf6fc"><code>012c9f1</code></a> Optimize sqlparse.utils.imt().</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/46971e5a804b29e7dbd437155a8ceffab8ef1cd5"><code>46971e5</code></a> Fix parsing of PRIMARY KEY (fixes <a href="https://redirect.github.com/andialbrecht/sqlparse/issues/740">#740</a>).</li> <li><a href="https://github.com/andialbrecht/sqlparse/commit/fc4b0beab89c5598d556572cb6db0165affb017b"><code>fc4b0be</code></a> Code cleanup.</li> <li>Additional commits viewable in <a href="https://github.com/andialbrecht/sqlparse/compare/0.4.4...0.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 21.2.0 to 22.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>Gunicorn 22.0 has been released</h2> <p><strong>Gunicorn 22.0.0 has been released.</strong> This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.</p> <p>Changes:</p> <pre><code>22.0.0 - 2024-04-17 =================== <ul> <li>use <code>utime</code> to notify workers liveness</li> <li>migrate setup to pyproject.toml</li> <li>fix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)</li> <li>parsing additional requests is no longer attempted past unsupported request framing</li> <li>on HTTP versions < 1.1 support for chunked transfer is refused (only used in exploits)</li> <li>requests conflicting configured or passed SCRIPT_NAME now produce a verbose error</li> <li>Trailer fields are no longer inspected for headers indicating secure scheme</li> <li>support Python 3.12</li> </ul> <p>** Breaking changes **</p> <ul> <li>minimum version is Python 3.7</li> <li>the limitations on valid characters in the HTTP method have been bounded to Internet Standards</li> <li>requests specifying unsupported transfer coding (order) are refused by default (rare)</li> <li>HTTP methods are no longer casefolded by default (IANA method registry contains none affected)</li> <li>HTTP methods containing the number sign (#) are no longer accepted by default (rare)</li> <li>HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)</li> <li>HTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted</li> <li>HTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software</li> <li>HTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)</li> <li>requests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)</li> <li>empty transfer codings are no longer permitted (reportedly seen with really old & broken proxies)</li> </ul> <p>** SECURITY **</p> <ul> <li>fix CVE-2024-1135 </code></pre></li> </ul> <ol> <li>Documentation is available there: <a href="https://docs.gunicorn.org/en/stable/news.html">https://docs.gunicorn.org/en/stable/news.html</a></li> <li>Packages: <a href="https://pypi.org/project/gunicorn/">https://pypi.org/project/gunicorn/</a></li> </ol> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/benoitc/gunicorn/commit/f63d59e4d73a8ee28748d2c700fb81c8780bc419"><code>f63d59e</code></a> bump to 22.0</li> <li><a href="https://github.com/benoitc/gunicorn/commit/4ac81e0a1037ba5b570323be7430e09caa233e38"><code>4ac81e0</code></a> Merge pull request <a href="https://redirect.github.com/benoitc/gunicorn/issues/3175">#3175</a> from e-kwsm/typo</li> <li><a href="https://github.com/benoitc/gunicorn/commit/401cecfaed85d79236c7a9a1f7d8946b01c466fc"><code>401cecf</code></a> Merge pull request <a href="https://redirect.github.com/benoitc/gunicorn/issues/3179">#3179</a> from dhdaines/exclude-eventlet-0360</li> <li><a href="https://github.com/benoitc/gunicorn/commit/0243ec39ef4fc1b479ff4e1659e165f0b980b571"><code>0243ec3</code></a> fix(deps): exclude eventlet 0.36.0</li> <li><a href="https://github.com/benoitc/gunicorn/commit/628a0bcb61ef3a211d67dfd68ad1ba161cccb3b8"><code>628a0bc</code></a> chore: fix typos</li> <li><a href="https://github.com/benoitc/gunicorn/commit/88fc4a43152039c28096c8ba3eeadb3fbaa4aff9"><code>88fc4a4</code></a> Merge pull request <a href="https://redirect.github.com/benoitc/gunicorn/issues/3131">#3131</a> from pajod/patch-py12-rebased</li> <li><a href="https://github.com/benoitc/gunicorn/commit/deae2fc4c5f93bfce59be5363055d4cd4ab1b0b6"><code>deae2fc</code></a> CI: back off the agressive timeout</li> <li><a href="https://github.com/benoitc/gunicorn/commit/f4703824c323fe6867dce0e2f11013b8de319353"><code>f470382</code></a> docs: promise 3.12 compat</li> <li><a href="https://github.com/benoitc/gunicorn/commit/5e30bfa6b1a3e1f2bde7feb514d1734d28f39231"><code>5e30bfa</code></a> add changelog to project.urls (updated for PEP621)</li> <li><a href="https://github.com/benoitc/gunicorn/commit/481c3f9522edc58806a3efc5b49be4f202cc7700"><code>481c3f9</code></a> remove setup.cfg - overridden by pyproject.toml</li> <li>Additional commits viewable in <a href="https://github.com/benoitc/gunicorn/compare/21.2.0...22.0.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.3 to 3.9.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.9.4</h2> <h2>Bug fixes</h2> <ul> <li> <p>The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:<code>webknjaz</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8089">#8089</a>.</p> </li> <li> <p>Treated values of <code>Accept-Encoding</code> header as case-insensitive when checking for gzip files -- by :user:<code>steverep</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8104">#8104</a>.</p> </li> <li> <p>Improved the DNS resolution performance on cache hit -- by :user:<code>bdraco</code>.</p> <p>This is achieved by avoiding an :mod:<code>asyncio</code> task creation in this case.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8163">#8163</a>.</p> </li> <li> <p>Changed the type annotations to allow <code>dict</code> on :meth:<code>aiohttp.MultipartWriter.append</code>, :meth:<code>aiohttp.MultipartWriter.append_json</code> and :meth:<code>aiohttp.MultipartWriter.append_form</code> -- by :user:<code>cakemanny</code></p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7741">#7741</a>.</p> </li> <li> <p>Ensure websocket transport is closed when client does not close it -- by :user:<code>bdraco</code>.</p> <p>The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.9.4 (2024-04-11)</h1> <h2>Bug fixes</h2> <ul> <li> <p>The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:<code>webknjaz</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8089</code>.</p> </li> <li> <p>Treated values of <code>Accept-Encoding</code> header as case-insensitive when checking for gzip files -- by :user:<code>steverep</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8104</code>.</p> </li> <li> <p>Improved the DNS resolution performance on cache hit -- by :user:<code>bdraco</code>.</p> <p>This is achieved by avoiding an :mod:<code>asyncio</code> task creation in this case.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8163</code>.</p> </li> <li> <p>Changed the type annotations to allow <code>dict</code> on :meth:<code>aiohttp.MultipartWriter.append</code>, :meth:<code>aiohttp.MultipartWriter.append_json</code> and :meth:<code>aiohttp.MultipartWriter.append_form</code> -- by :user:<code>cakemanny</code></p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>7741</code>.</p> </li> <li> <p>Ensure websocket transport is closed when client does not close it -- by :user:<code>bdraco</code>.</p> <p>The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aio-libs/aiohttp/commit/b3397c7ac44fc80206d28f1dd0d1f3b10c4ec572"><code>b3397c7</code></a> Release v3.9.4 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8201">#8201</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/a7e240a9f625a0b9559bdf5f0049c71565352400"><code>a7e240a</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8320">#8320</a>/9ba9a4e5 backport][3.9] Fix Python parser to mark responses without...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/28335525d1eac015a7e7584137678cbb6ff19397"><code>2833552</code></a> Escape filenames and paths in HTML when generating index pages (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8317">#8317</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8319">#8319</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/ed43040613988fc4666109aca82a5180ff165df5"><code>ed43040</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8309">#8309</a>/c29945a1 backport][3.9] Improve reliability of run_app test (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8315">#8315</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/ec2be0500e2674eea019c0966a7a905e9b3d6608"><code>ec2be05</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8299">#8299</a>/28d026eb backport][3.9] Create marker for internal tests (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8307">#8307</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/292d961f4ee2829a1b13fad92444a4fd693fbc87"><code>292d961</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8304">#8304</a>/88c80c14 backport][3.9] Check for backports in CI (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8305">#8305</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/cebe526b9c34dc3a3da9140409db63014bc4cf19"><code>cebe526</code></a> Fix handling of multipart/form-data (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8280">#8280</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8302">#8302</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/270ae9cf6a9e6159b5e29a950deb6ff7600aebc5"><code>270ae9c</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8297">#8297</a>/d15f07cf backport][3.9] Upgrade to llhttp 9.2.1 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8292">#8292</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8298">#8298</a>)</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/bb231059b14277c34a8a0331e51406d5abe4f424"><code>bb23105</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8283">#8283</a>/54e13b0a backport][3.9] Fix blocking I/O in the event loop while pr...</li> <li><a href="https://github.com/aio-libs/aiohttp/commit/3f79241bcbc02c9850348fc04c064fcbc980e8f0"><code>3f79241</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8286">#8286</a>/28f1fd88 backport][3.9] docs: remove repetitive word in comment (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8">#8</a>...</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.9.3...v3.9.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
Bumps [apache-airflow](https://github.com/apache/airflow) from 2.8.1 to 2.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/airflow/releases">apache-airflow's releases</a>.</em></p> <blockquote> <h2>Apache Airflow 2.9.0</h2> <h2>Significant Changes</h2> <h2>Following Listener API methods are considered stable and can be used for production system (were experimental feature in older Airflow versions) (<a href="https://redirect.github.com/apache/airflow/issues/36376">#36376</a>):</h2> <p>Lifecycle events:</p> <ul> <li><code>on_starting</code></li> <li><code>before_stopping</code></li> </ul> <p>DagRun State Change Events:</p> <ul> <li><code>on_dag_run_running</code></li> <li><code>on_dag_run_success</code></li> <li><code>on_dag_run_failed</code></li> </ul> <p>TaskInstance State Change Events:</p> <ul> <li><code>on_task_instance_running</code></li> <li><code>on_task_instance_success</code></li> <li><code>on_task_instance_failed</code></li> </ul> <h2>Support for Microsoft SQL-Server for Airflow Meta Database has been removed (<a href="https://redirect.github.com/apache/airflow/issues/36514">#36514</a>)</h2> <p>After <code>discussion <https://lists.apache.org/thread/r06j306hldg03g2my1pd4nyjxg78b3h4></code>__ and a <code>voting process <https://lists.apache.org/thread/pgcgmhf6560k8jbsmz8nlyoxosvltph2></code>__, the Airflow's PMC and Committers have reached a resolution to no longer maintain MsSQL as a supported Database Backend.</p> <p>As of Airflow 2.9.0 support of MsSQL has been removed for Airflow Database Backend.</p> <p>A migration script which can help migrating the database <em>before</em> upgrading to Airflow 2.9.0 is available in <code>airflow-mssql-migration repo on Github <https://github.com/apache/airflow-mssql-migration></code>_. Note that the migration script is provided without support and warranty.</p> <p>This does not affect the existing provider packages (operators and hooks), DAGs can still access and process data from MsSQL.</p> <h2>Dataset URIs are now validated on input (<a href="https://redirect.github.com/apache/airflow/issues/37005">#37005</a>)</h2> <p>Datasets must use a URI that conform to rules laid down in AIP-60, and the value will be automatically normalized when the DAG file is parsed. See <code>documentation on Datasets <https://airflow.apache.org/docs/apache-airflow/stable/authoring-and-scheduling/datasets.html></code>_ for a more detailed description on the rules.</p> <p>You may need to change your Dataset identifiers if they look like a URI, but are used in a less mainstream way, such as relying on the URI's auth section, or have a case-sensitive protocol name.</p> <h2>The method <code>get_permitted_menu_items</code> in <code>BaseAuthManager</code> has been renamed <code>filter_permitted_menu_items</code> (<a href="https://redirect.github.com/apache/airflow/issues/37627">#37627</a>)</h2> <h2>Add REST API actions to Audit Log events (<a href="https://redirect.github.com/apache/airflow/issues/37734">#37734</a>)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/apache/airflow/blob/main/RELEASE_NOTES.rst">apache-airflow's changelog</a>.</em></p> <blockquote> <h2>Airflow 2.9.0 (2024-04-08)</h2> <p>Significant Changes ^^^^^^^^^^^^^^^^^^^</p> <p>Following Listener API methods are considered stable and can be used for production system (were experimental feature in older Airflow versions) (<a href="https://redirect.github.com/apache/airflow/issues/36376">#36376</a>): """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" Lifecycle events:</p> <ul> <li><code>on_starting</code></li> <li><code>before_stopping</code></li> </ul> <p>DagRun State Change Events:</p> <ul> <li><code>on_dag_run_running</code></li> <li><code>on_dag_run_success</code></li> <li><code>on_dag_run_failed</code></li> </ul> <p>TaskInstance State Change Events:</p> <ul> <li><code>on_task_instance_running</code></li> <li><code>on_task_instance_success</code></li> <li><code>on_task_instance_failed</code></li> </ul> <p>Support for Microsoft SQL-Server for Airflow Meta Database has been removed (<a href="https://redirect.github.com/apache/airflow/issues/36514">#36514</a>) """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""</p> <p>After <code>discussion <https://lists.apache.org/thread/r06j306hldg03g2my1pd4nyjxg78b3h4></code>__ and a <code>voting process <https://lists.apache.org/thread/pgcgmhf6560k8jbsmz8nlyoxosvltph2></code>__, the Airflow's PMC and Committers have reached a resolution to no longer maintain MsSQL as a supported Database Backend.</p> <p>As of Airflow 2.9.0 support of MsSQL has been removed for Airflow Database Backend.</p> <p>A migration script which can help migrating the database <em>before</em> upgrading to Airflow 2.9.0 is available in <code>airflow-mssql-migration repo on Github <https://github.com/apache/airflow-mssql-migration></code>_. Note that the migration script is provided without support and warranty.</p> <p>This does not affect the existing provider packages (operators and hooks), DAGs can still access and process data from MsSQL.</p> <p>Dataset URIs are now validated on input (<a href="https://redirect.github.com/apache/airflow/issues/37005">#37005</a>) """"""""""""""""""""""""""""""""""""""""""""""""</p> <p>Datasets must use a URI that conform to rules laid down in AIP-60, and the value will be automatically normalized when the DAG file is parsed. See <code>documentation on Datasets <https://airflow.apache.org/docs/apache-airflow/stable/authoring-and-scheduling/datasets.html></code>_ for a more detailed description on the rules.</p> <p>You may need to change your Dataset identifiers if they look like a URI, but are used in a less mainstream way, such as relying on the URI's auth section, or</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/airflow/commit/50f22ffe9150e93f7fc08a9dc8a48880daad374b"><code>50f22ff</code></a> fixup! fixup! Update RELEASE_NOTES.rst</li> <li><a href="https://github.com/apache/airflow/commit/3a9391c3a1cf7597dd85cad28cf1738d634df391"><code>3a9391c</code></a> Update hatchling to latest version (1.22.5) (<a href="https://redirect.github.com/apache/airflow/issues/38780">#38780</a>)</li> <li><a href="https://github.com/apache/airflow/commit/35684a82a430e459362aab5bcdd79480cbb25ddd"><code>35684a8</code></a> Rename pre-commit scripts, drop pre_commit_ prefix (<a href="https://redirect.github.com/apache/airflow/issues/38667">#38667</a>)</li> <li><a href="https://github.com/apache/airflow/commit/b38575a5a445ea36fb8fdb1c6fd75ffe7543ad56"><code>b38575a</code></a> fixup! Update RELEASE_NOTES.rst</li> <li><a href="https://github.com/apache/airflow/commit/a3eb5f73d617b7482fdcc81a888e3599f1f63d75"><code>a3eb5f7</code></a> Load providers configuration when gunicorn workers start (<a href="https://redirect.github.com/apache/airflow/issues/38795">#38795</a>)</li> <li><a href="https://github.com/apache/airflow/commit/920921ee39736c96e9cf7c544657ca75c7a6365a"><code>920921e</code></a> Update RELEASE_NOTES.rst</li> <li><a href="https://github.com/apache/airflow/commit/cbe61bc0cc028efe2657db1841b9371230eaa7e5"><code>cbe61bc</code></a> Fix decryption of trigger kwargs when downgrading. (<a href="https://redirect.github.com/apache/airflow/issues/38743">#38743</a>)</li> <li><a href="https://github.com/apache/airflow/commit/1fdfaf329fbde7660257eb35bb7b181e7ab6b6a0"><code>1fdfaf3</code></a> Edited timetable docs (<a href="https://redirect.github.com/apache/airflow/issues/38505">#38505</a>)</li> <li><a href="https://github.com/apache/airflow/commit/0518ebab6891efee39dae4b89e4a70e0c7345c1b"><code>0518eba</code></a> Fix grid header rendering (<a href="https://redirect.github.com/apache/airflow/issues/38720">#38720</a>)</li> <li><a href="https://github.com/apache/airflow/commit/0961e4290cffc1fa61517a51c68307459c7aaec4"><code>0961e42</code></a> Reorder OpenAPI Spec tags alphabetically (<a href="https://redirect.github.com/apache/airflow/issues/38717">#38717</a>)</li> <li>Additional commits viewable in <a href="https://github.com/apache/airflow/compare/2.8.1...2.9.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bacalhau-project/bacalhau/network/alerts). </details> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Aronchick <[email protected]>
…ard-for-nodestable
frrist
approved these changes
May 8, 2024
|
@aronchick is this still useful? |
|
Will need complete rework I'm sure - put it into draft? |
auto-merge was automatically disabled
June 27, 2024 14:25
Pull request was converted to draft
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Allowing rendering of jobs table via storybook
Lots of package.json clean up in order to make this work.