Prepare release 0.55.5 (#2496)

* Prepare release 0.55.5 * Apply suggestions from code review Co-authored-by: Alex Strick van Linschoten <[email protected]> --------- Co-authored-by: Alex Strick van Linschoten <[email protected]>
zenml-io · Mar 6, 2024 · 8e13b42 · 8e13b42
1 parent 4cdbe48
commit 8e13b42
Show file tree

Hide file tree

Showing 7 changed files with 63 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -92,7 +92,7 @@
     <a href="https://github.com/zenml-io/zenml-projects">Projects Showcase</a>
     <br />
     <br />
-    🎉 Version 0.55.4 is out. Check out the release notes
+    🎉 Version 0.55.5 is out. Check out the release notes
     <a href="https://github.com/zenml-io/zenml/releases">here</a>.
     <br />
     <br />

diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
@@ -1,4 +1,38 @@
 <!-- markdown-link-check-disable -->
+# 0.55.5
+
+This patch contains a number of bug fixes and security improvements.
+
+We improved the isolation of artifact stores so that various artifacts 
+cannot be stored or accessed outside of the configured artifact store scope.
+Such unsafe operations are no longer allowed. This may have an
+impact on existing codebases if you have used unsafe file operations in the past.
+To illustrate such a side effect, let's consider a remote S3 
+artifact store is configured for the path `s3://some_bucket/some_sub_folder`. 
+and in the code you use 
+`artifact_store.open("s3://some_bucket/some_other_folder/dummy.txt","w")` 
+-> this operation is considered unsafe as it accesses the data outside the scope 
+of the artifact store. If you really need this to achieve your goals, 
+consider switching to `s3fs` or similar libraries for such cases.
+
+Also with this release, the server global configuration is no longer stored on the 
+server file system to prevent exposure of sensitive information.
+
+User entities are now uniquely constrained to prevent the creation of duplicate 
+users under certain race conditions.
+
+## What's Changed
+* Change runnerset name to ubuntu-runners by @safoinme in https://github.com/zenml-io/zenml/pull/2489
+* Allow latest `ruff` versions by @strickvl in https://github.com/zenml-io/zenml/pull/2487
+* Uniquely constrained users table by @avishniakov in https://github.com/zenml-io/zenml/pull/2483
+* Add option to add base URL for zenml server (with support for cloud) by @wjayesh in https://github.com/zenml-io/zenml/pull/2464
+* Improve Artifact Store isolation by @avishniakov in https://github.com/zenml-io/zenml/pull/2490
+* Don't write the global config to file on server by @stefannica in https://github.com/zenml-io/zenml/pull/2491
+* Add versions for DB migration testing by @strickvl in https://github.com/zenml-io/zenml/pull/2486
+
+
+**Full Changelog**: https://github.com/zenml-io/zenml/compare/0.55.4...0.55.5
+
 # 0.55.4
 
 This release brings a host of enhancements and fixes across the board, including

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "zenml"
-version = "0.55.4"
+version = "0.55.5"
 packages = [{ include = "zenml", from = "src" }]
 description = "ZenML: Write production-ready ML code."
 authors = ["ZenML GmbH <[email protected]>"]

diff --git a/src/zenml/VERSION b/src/zenml/VERSION
@@ -1 +1 @@
-0.55.4
+0.55.5
diff --git a/src/zenml/zen_server/deploy/helm/Chart.yaml b/src/zenml/zen_server/deploy/helm/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: zenml
-version: "0.55.4"
+version: "0.55.5"
 description: Open source MLOps framework for portable production ready ML pipelines
 keywords:
 - mlops

diff --git a/src/zenml/zen_server/deploy/helm/README.md b/src/zenml/zen_server/deploy/helm/README.md
@@ -20,8 +20,8 @@ ZenML is an open-source MLOps framework designed to help you create robust, main
 To install the ZenML chart directly from Amazon ECR, use the following command:
 
 ```bash
-# example command for version 0.55.4
-helm install my-zenml oci://public.ecr.aws/zenml/zenml --version 0.55.4
+# example command for version 0.55.5
+helm install my-zenml oci://public.ecr.aws/zenml/zenml --version 0.55.5
 ```
 
 Note: Ensure you have OCI support enabled in your Helm client and that you are authenticated with Amazon ECR.

diff --git a/src/zenml/zen_stores/migrations/versions/0.55.5_release.py b/src/zenml/zen_stores/migrations/versions/0.55.5_release.py
@@ -0,0 +1,23 @@
+"""Release [0.55.5].
+
+Revision ID: 0.55.5
+Revises: 72675226b2de
+Create Date: 2024-03-06 10:31:37.947486
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = "0.55.5"
+down_revision = "72675226b2de"
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    """Upgrade database schema and/or data, creating a new revision."""
+    pass
+
+
+def downgrade() -> None:
+    """Downgrade database schema and/or data back to the previous revision."""
+    pass