Release 2.19.0 for CSM 1.6 #327

Merged
merged 10 commits into from
Jun 5, 2024
5 changes: 5 additions & 0 deletions CHANGELOG.md
Expand Up @@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

## [2.19.0] - 2024-06-05
### Dependencies
- Bumped `certifi` from 2022.12.7 to 2023.7.22 to resolve [SNYK-PYTHON-CERTIFI-5805047 CVE](https://security.snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047)
- Bumped `Flask` from 2.1.1 to 2.2.5 to resolve [SNYK-PYTHON-FLASK-5490129 CVE](https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129)

## [2.18.2] - 2024-05-31
### Fixed
- Instantiate S3 client in a thread-safe manner.
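Review bot: The two new Dependencies entries label Snyk advisory IDs as "CVE" (`SNYK-PYTHON-CERTIFI-5805047 CVE`, `SNYK-PYTHON-FLASK-5490129 CVE`), so the changelog cannot be searched by CVE number. Suggest citing the CVE ID that each advisory maps to alongside the Snyk ID, or dropping the word "CVE", and using the same Snyk host for both links (one uses `security.snyk.io`, the other `snyk.io`).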
6 changes: 6 additions & 0 deletions Dockerfile
Expand Up @@ -49,6 +49,12 @@ COPY --from=codegen /app/lib/ /app/lib
# additional required libraries necessary for developer authored controller/database
# code.
RUN mv lib/requirements.txt lib/bos/server/requirements.txt
# The openapi-generator creates a requirements file that specifies exactly Flask==2.1.1
# However, using Flask 2.2.5 is also compatible, and resolves a CVE.
# Accordingly, we relax their requirements file.
RUN cat lib/bos/server/requirements.txt && \
sed -i 's/Flask == 2\(.*\)$/Flask >= 2\1\nFlask < 3/' lib/bos/server/requirements.txt && \
cat lib/bos/server/requirements.txt
# Then copy all src into the base image
COPY src/bos/ /app/lib/bos/
COPY constraints.txt requirements.txt /app/
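Review bot: In the new `RUN` step, the comment says the generated file pins `Flask==2.1.1`, but the sed pattern only matches `Flask == 2` with spaces around `==`, and a sed that matches nothing still exits 0, so if the generator's formatting differs the exact pin stays in place and the build passes anyway. Suggest failing the build when the rewrite did not happen, for example by chaining `grep -q 'Flask >= 2' lib/bos/server/requirements.txt` after the sed, rather than relying on someone comparing the two `cat` outputs in the build log. The rewritten range also keeps the old version as its lower bound (`Flask >= 2.1.1` plus `Flask < 3`), so the version being moved away from is still permitted by this file; a lower bound of 2.2.5 would state the intent directly.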
4 changes: 2 additions & 2 deletions constraints.txt.in
Expand Up @@ -4,13 +4,13 @@ bos.server==0.0.1
boto3==1.26.165
botocore==1.29.165
cachetools==5.3.3
certifi==2022.12.7
certifi==2023.7.22
charset-normalizer==3.1.0
click==8.1.7
clickclick==20.10.2
connexion==2.14.2
etcd3==0.12.0
Flask==2.1.1
Flask==2.2.5
google-auth==2.16.3
grpcio==1.51.3
idna==3.4
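Review bot: `Flask==2.2.5` is a minor-version jump from 2.1.1, while the neighbouring pins shown as context (`click==8.1.7`, `connexion==2.14.2`) are unchanged, and nothing visible in this hunk checks that the pinned set is still mutually compatible. Suggest running `pip check` after the install step in the image build or in CI so that an incompatible combination fails early.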