Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the gaudi-openshift group across 1 directory with 7 updates #526

Closed
wants to merge 1 commit into from
Closed

Bump the gaudi-openshift group across 1 directory with 7 updates #526

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2024
edited
Loading

Updates the requirements on codeflare-sdk, pyodbc, odh-elyra, jupyterlab, jupyterlab-git, wheel and aiohttp to permit the latest version.
Updates codeflare-sdk to 0.23.1

Release notes

Sourced from codeflare-sdk's releases.

v0.23.1

What's Changed

Full Changelog: project-codeflare/codeflare-sdk@v0.22.0...v0.23.1

Commits
  • eb5ce8d Updated coverage.svg
  • 6ec44c5 test: update unit tests after refactor
  • d1f63c3 refactor: creation of ray cluster/appwrapper
  • 63ee4ae ci: add autogenerated rst files to .gitignore
  • ac1a1dc docs: enhance common module code documentation
  • 1f026b8 Bump rich from 12.6.0 to 13.9.4
  • a5a229c Add new snapshots for UI tests and documentation
  • 20b08b9 Add refresh button bug fixes and test case to UI e2e test
  • e0d5fe8 Add refresh button to widgets UI
  • ec72303 Bump @​jupyterlab/galata from 5.2.5 to 5.3.0 in /ui-tests
  • Additional commits viewable in compare view

Updates pyodbc to 5.2.0

Commits

Updates odh-elyra to 4.2.0

Release notes

Sourced from odh-elyra's releases.

v4.2.0

What's Changed

Other

Full Changelog: opendatahub-io/elyra@v4.1.1...v4.2.0

Commits
  • 288cc95 Merge pull request #82 from paulovmr/RHOAIENG-15020-2-v4.2.x
  • 60c11a1 RHOAIENG-15020: Add a dry mode option to the Release workflow - Without reusa...
  • 25eb1ad [create-pull-request] automated change (#80)
  • 51a2e49 RHOAIENG-15020: Add a dry mode option to the Release workflow (#79)
  • 4a9679c RHOAIENG-545: [Elyra] Selected Runtime Image from Pipeline property field doe...
  • a358d9e Build a notebook-based image with the current Elyra code (#78)
  • aa27131 Standardize file selection on pipeline editor (#76)
  • c2f6923 Merge pull request #75 from paulovmr/RHOAIENG-13688-2-main
  • 269fa69 RHOAIENG-13688: Infinite loading after renaming a new txt file to pipeline ex...
  • 26d66a9 Update the root package.json on the automated script (#71)
  • Additional commits viewable in compare view

Updates jupyterlab to 4.3.1

Release notes

Sourced from jupyterlab's releases.

v4.3.1

4.3.1

(Full Changelog)

Bugs fixed

Documentation improvements

Contributors to this release

(GitHub contributors page for this release)

@​Darshan808 | @​JasonWeill | @​jtpio | @​jupyterlab-probot | @​kellyrowland | @​krassowski | @​kuraga | @​meeseeksmachine

Changelog

Sourced from jupyterlab's changelog.

4.3.1

(Full Changelog)

Bugs fixed

Documentation improvements

Contributors to this release

(GitHub contributors page for this release)

@​Darshan808 | @​JasonWeill | @​jtpio | @​jupyterlab-probot | @​kellyrowland | @​krassowski | @​kuraga | @​meeseeksmachine

4.3.0

(Full Changelog)

New features added

Enhancements made

... (truncated)

Commits
  • 6dd7293 [ci skip] Publish 4.3.1
  • 6d8e2f0 Backport PR #16950: Fix total size estimation in full windowing mode to reduc...
  • 14a6f52 Backport PR #16962: Fix moving files when Last Modified column is hidden (#...
  • 65b6d6d Backport PR #16945: Enable Scroll for Overflowing Menus on Small Screens (#16...
  • 2dc1a94 Backport PR #16959: Document IInlineCompletionItem.token (#16961)
  • fa148a7 Backport PR #16953: Fix prefix removal when reconciling completions from mult...
  • a33465d Backport PR #16943: Disable paste for read-only markdown cells & fix replace ...
  • b3c694d Backport PR #16903: Maintain autosave timers while disconnected (#16947)
  • 2d68704 Backport PR #16940: Fix Regex Functionality for Find and Replace / Replace Al...
  • 5a5f347 Backport PR #16863: Fix triggering completer on the beginning of the lines (#...
  • Additional commits viewable in compare view

Updates jupyterlab-git to 0.50.2

Release notes

Sourced from jupyterlab-git's releases.

v0.50.2

0.50.2

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Contributors to this release

(GitHub contributors page for this release)

@​dependabot | @​github-actions | @​gjmooney | @​jtpio | @​krassowski

Changelog

Sourced from jupyterlab-git's changelog.

0.50.2

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Contributors to this release

(GitHub contributors page for this release)

@​dependabot | @​github-actions | @​gjmooney | @​jtpio | @​krassowski

0.50.1

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

... (truncated)

Commits

Updates wheel to 0.45.0

Release notes

Sourced from wheel's releases.

0.45.0

  • Refactored the convert command to not need setuptools to be installed

  • Don't configure setuptools logging unless running bdist_wheel

  • Added a redirection from wheel.bdist_wheel.bdist_wheel to setuptools.command.bdist_wheel.bdist_wheel to improve compatibility with setuptools' latest fixes.

    Projects are still advised to migrate away from the deprecated module and import the setuptools' implementation explicitly. (PR by @​abravalheri)

Changelog

Sourced from wheel's changelog.

Release Notes

0.45.0 (2024-11-08)

  • Refactored the convert command to not need setuptools to be installed

  • Don't configure setuptools logging unless running bdist_wheel

  • Added a redirection from wheel.bdist_wheel.bdist_wheel to setuptools.command.bdist_wheel.bdist_wheel to improve compatibility with setuptools' latest fixes.

    Projects are still advised to migrate away from the deprecated module and import the setuptools' implementation explicitly. (PR by @​abravalheri)

0.44.0 (2024-08-04)

  • Canonicalized requirements in METADATA file (PR by Wim Jeantine-Glenn)
  • Deprecated the bdist_wheel module, as the code was migrated to setuptools itself

0.43.0 (2024-03-11)

  • Dropped support for Python 3.7
  • Updated vendored packaging to 24.0

0.42.0 (2023-11-26)

  • Allowed removing build tag with wheel tags --build ""
  • Fixed wheel pack and wheel tags writing updated WHEEL fields after a blank line, causing other tools to ignore them
  • Fixed wheel pack and wheel tags writing WHEEL with CRLF line endings or a mix of CRLF and LF
  • Fixed wheel pack --build-number "" not removing build tag from WHEEL (above changes by Benjamin Gilbert)

0.41.3 (2023-10-30)

  • Updated vendored packaging to 23.2
  • Fixed ABI tag generation for CPython 3.13a1 on Windows (PR by Sam Gross)

0.41.2 (2023-08-22)

  • Fixed platform tag detection for GraalPy and 32-bit python running on an aarch64 kernel (PR by Matthieu Darbois)
  • Fixed wheel tags to not list directories in RECORD files (PR by Mike Taves)
  • Fixed ABI tag generation for GraalPy (PR by Michael Simacek)

0.41.1 (2023-08-05)

... (truncated)

Commits
  • d78f0e3 Created a new release
  • f064c69 Added license files for vendored packaging
  • 68387af Only configure setuptools logging if bdist_wheel is imported (#641)
  • c81f5c9 Refactored the wheel convert command to not require setuptools (#640)
  • e43464d Adjusted target Python versions in GitHub CI
  • e9894e7 Tweaked pytest settings to make the tracebacks easier to read
  • baf6bf8 Removed Cirrus CI configuration
  • 28c1ba1 Improved compatibility with future versions of setuptools (#638)
  • 9254a4f Exclude @overload and if TYPE_CHECKING: from coverage checks
  • d841597 [pre-commit.ci] pre-commit autoupdate (#635)
  • Additional commits viewable in compare view

Updates aiohttp from 3.10.11 to 3.11.6

Release notes

Sourced from aiohttp's releases.

3.11.6

Bug fixes

  • Restored the force_close method to the ResponseHandler -- by :user:bdraco.

    Related issues and pull requests on GitHub: #9997.

3.11.5

Bug fixes

  • Fixed the ANY method not appearing in :meth:~aiohttp.web.UrlDispatcher.routes -- by :user:bdraco.

    Related issues and pull requests on GitHub: #9899, #9987.

3.11.4

Bug fixes

  • Fixed StaticResource not allowing the OPTIONS method after calling set_options_route -- by :user:bdraco.

    Related issues and pull requests on GitHub: #9972, #9975, #9976.

Miscellaneous internal changes

  • Improved performance of creating web responses when there are no cookies -- by :user:bdraco.

    Related issues and pull requests on GitHub:

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.11.6 (2024-11-19)

Bug fixes

  • Restored the force_close method to the ResponseHandler -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:9997.

3.11.5 (2024-11-19)

Bug fixes

  • Fixed the ANY method not appearing in :meth:~aiohttp.web.UrlDispatcher.routes -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:9899, :issue:9987.

3.11.4 (2024-11-18)

Bug fixes

  • Fixed StaticResource not allowing the OPTIONS method after calling set_options_route -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:9972, :issue:9975, :issue:9976.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gaudi-openshift group across 1 directory with 7 updates
d84b6e3 
Updates the requirements on [codeflare-sdk](https://github.com/project-codeflare/codeflare-sdk), [pyodbc](https://github.com/mkleehammer/pyodbc), [odh-elyra](https://github.com/opendatahub-io/elyra), [jupyterlab](https://github.com/jupyterlab/jupyterlab), [jupyterlab-git](https://github.com/jupyterlab/jupyterlab-git), [wheel](https://github.com/pypa/wheel) and [aiohttp](https://github.com/aio-libs/aiohttp) to permit the latest version.

Updates `codeflare-sdk` to 0.23.1
- [Release notes](https://github.com/project-codeflare/codeflare-sdk/releases)
- [Commits](project-codeflare/codeflare-sdk@v0.21.1...v0.23.1)

Updates `pyodbc` to 5.2.0
- [Release notes](https://github.com/mkleehammer/pyodbc/releases)
- [Commits](mkleehammer/pyodbc@5.1.0...5.2.0)

Updates `odh-elyra` to 4.2.0
- [Release notes](https://github.com/opendatahub-io/elyra/releases)
- [Changelog](https://github.com/opendatahub-io/elyra/blob/main/CHANGELOG.md)
- [Commits](opendatahub-io/elyra@v4.0.3...v4.2.0)

Updates `jupyterlab` to 4.3.1
- [Release notes](https://github.com/jupyterlab/jupyterlab/releases)
- [Changelog](https://github.com/jupyterlab/jupyterlab/blob/@jupyterlab/lsp@4.3.1/CHANGELOG.md)
- [Commits](https://github.com/jupyterlab/jupyterlab/compare/@jupyterlab/lsp@4.2.5...@jupyterlab/lsp@4.3.1)

Updates `jupyterlab-git` to 0.50.2
- [Release notes](https://github.com/jupyterlab/jupyterlab-git/releases)
- [Changelog](https://github.com/jupyterlab/jupyterlab-git/blob/main/CHANGELOG.md)
- [Commits](jupyterlab/jupyterlab-git@v0.50.1...v0.50.2)

Updates `wheel` to 0.45.0
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](pypa/wheel@0.44.0...0.45.0)

Updates `aiohttp` from 3.10.11 to 3.11.6
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](aio-libs/aiohttp@v3.10.11...v3.11.6)

---
updated-dependencies:
- dependency-name: codeflare-sdk
  dependency-type: direct:production
  dependency-group: gaudi-openshift
- dependency-name: pyodbc
  dependency-type: direct:production
  dependency-group: gaudi-openshift
- dependency-name: odh-elyra
  dependency-type: direct:production
  dependency-group: gaudi-openshift
- dependency-name: jupyterlab
  dependency-type: direct:production
  dependency-group: gaudi-openshift
- dependency-name: jupyterlab-git
  dependency-type: direct:production
  dependency-group: gaudi-openshift
- dependency-name: wheel
  dependency-type: direct:production
  dependency-group: gaudi-openshift
- dependency-name: aiohttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gaudi-openshift
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from sharvil10 as a code owner November 20, 2024 15:49
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 20, 2024
@dependabot dependabot bot mentioned this pull request Nov 20, 2024
Closed
@github-actions GitHub Actions
Copy link

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 3 package(s) with unknown licenses.
See the Details below.

License Issues

enterprise/redhat/openshift-ai/gaudi/docker/requirements.txt

PackageVersionLicenseIssue Type
odh-elyra~> 4.2.0NullUnknown License
aiohttp3.11.6NullUnknown License
jupyterlab~> 4.3.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
pip/aiohttp 3.11.6 🟢 6.3
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 2/22 approved changesets -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
License🟢 9license file detected
Fuzzing🟢 10project is fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy🟢 10security policy file detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging🟢 10packaging workflow detected
SAST🟢 8SAST tool detected but not run on all commits
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
pip/codeflare-sdk ~> 0.23.1 UnknownUnknown
pip/jupyterlab ~> 4.3.1 🟢 5.5
Details
CheckScoreReason
Code-Review🟢 9Found 24/26 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
License🟢 9license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(4.2.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST🟢 9SAST tool detected but not run on all commits
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 017 existing vulnerabilities detected
pip/jupyterlab-git ~> 0.50.2 🟢 4.7
Details
CheckScoreReason
Code-Review🟢 4Found 9/20 approved changesets -- score normalized to 4
Maintained🟢 1013 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
pip/odh-elyra ~> 4.2.0 UnknownUnknown
pip/pyodbc ~> 5.2.0 🟢 5.9
Details
CheckScoreReason
Code-Review🟢 4Found 10/23 approved changesets -- score normalized to 4
Maintained🟢 1013 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST🟢 9SAST tool detected but not run on all commits
pip/wheel ~> 0.45.0 🟢 5.7
Details
CheckScoreReason
Code-Review🟢 3Found 10/27 approved changesets -- score normalized to 3
Maintained🟢 911 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Packaging🟢 10packaging workflow detected
Security-Policy⚠️ 0security policy file not detected
SAST🟢 4SAST tool is not run on all commits -- score normalized to 4

Scanned Files

  • enterprise/redhat/openshift-ai/gaudi/docker/requirements.txt

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 25, 2024

Superseded by #537.

@dependabot dependabot bot closed this Nov 25, 2024
@dependabot dependabot bot deleted the dependabot/pip/enterprise/redhat/openshift-ai/gaudi/docker/gaudi-openshift-b6786b8227 branch November 25, 2024 14:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sharvil10 sharvil10 Awaiting requested review from sharvil10 sharvil10 is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants