forked from opendatahub-io/data-science-pipelines
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Security upgrade zipp from 3.15.0 to 3.19.1 #227
Open
VaniHaripriya
wants to merge
383
commits into
master
Choose a base branch
from
snyk-fix-86a12c3d308f23eca017f2524f300943
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… duplicate pipeline [Fixes kubeflow#10311] (kubeflow#10546) Validate the error code of pipeline creation in order to return the status conflict when the error represents AlreadyExists. Signed-off-by: champon1020 <nagatelu1020@gmail.com>
daysUntilClose is set to 90 days. This is too much for an issue to keep opened as there is daysUntilStale set to 90 days. That would keep an issue opened for 6 months, and now there are +600 issues opened in the repository. We need to start working on keeping the repository healthy. Signed-off-by: Ricardo M. Oliveira <rmartine@redhat.com>
…nfigMapAsVolume. Fixes kubeflow#10548 (kubeflow#10549) * fix(kubernetes_platform): Add optional field to SecretAsVolume and ConfigMapAsVolume. Signed-off-by: Revital Sur <eres@il.ibm.com> * Update comment. Signed-off-by: Revital Sur <eres@il.ibm.com> --------- Signed-off-by: Revital Sur <eres@il.ibm.com>
PiperOrigin-RevId: 615498240
PiperOrigin-RevId: 615562899
…omponent for vulnerability patch PiperOrigin-RevId: 615593420
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
…o support creating ModelEvaluations as part of the AutoSxS Metrics component PiperOrigin-RevId: 615675169
PiperOrigin-RevId: 615914679
PiperOrigin-RevId: 616229944
This reverts commit 4d90770.
PiperOrigin-RevId: 616240307
…ines (kubeflow#9876) * Update resource_spec, retry, secret samples to v2 pipelines * Update resource_spec, retry, secret samples to v2 pipelines
Signed-off-by: Achyut Madhusudan <amadhusu@redhat.com>
PiperOrigin-RevId: 616895855
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
…ns (kubeflow#10577) Signed-off-by: connor-mccarthy <mccarthy.connor.james@gmail.com>
…inputs for rlhf PiperOrigin-RevId: 617285265
PiperOrigin-RevId: 617287233
PiperOrigin-RevId: 617579452
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
…ction_based PiperOrigin-RevId: 617802429
…files. (kubeflow#10591) Signed-off-by: Achyut Madhusudan <amadhusu@redhat.com>
…vak pipelines from preview to v1 PiperOrigin-RevId: 618017914
PiperOrigin-RevId: 618313694
…peline` in real time PiperOrigin-RevId: 618924675
…nclude generic ephemerl volume (kubeflow#10602) * feat(kubernetes_platform): Update kubernetes_platform go package to include Generic Ephemeral Volume resources Signed-off-by: abaland <abaland@indeed.com> * feat(kubernetes_platform): Update kubernetes_platform go package to include Generic Ephemeral Volume resources (include metadata) Signed-off-by: abaland <abaland@indeed.com>
…flow#10589) Signed-off-by: Rentaro Matsukata <freefood89@users.noreply.github.com>
… EmptyDir (kubeflow#10913) Update kfp backend and kubernetes sdk to support mounting EmptyDir volumes to task pods. Inspired by kubeflow#10427 Fixes: kubeflow#10656 Signed-off-by: Greg Sheremeta <gshereme@redhat.com>
Signed-off-by: Fiona Waters <fiwaters6@gmail.com>
…tegration-test (kubeflow#11132) Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8. - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/4.0.8/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) --- updated-dependencies: - dependency-name: micromatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Diego Lovison <diegolovison@gmail.com>
…bleshooting (kubeflow#11098) Signed-off-by: hbelmiro <helber.belmiro@gmail.com>
Signed-off-by: Michael Hu <humichael@google.com> PiperOrigin-RevId: 668536503
Signed-off-by: hbelmiro <helber.belmiro@gmail.com>
… anything in it. Fixes kubeflow#10241 (kubeflow#11096) * Filter pipeline text box shows error when typing anything in it kubeflow#10241 Signed-off-by: Elay Aharoni (EXT-Nokia) <elay.aharoni.ext@nokia.com> * Filter pipeline text box shows error when typing anything in it kubeflow#10241 Signed-off-by: Elay Aharoni (EXT-Nokia) <elay.aharoni.ext@nokia.com> --------- Signed-off-by: Elay Aharoni (EXT-Nokia) <elay.aharoni.ext@nokia.com> Co-authored-by: Elay Aharoni (EXT-Nokia) <elay.aharoni.ext@nokia.com>
This change allows KFP UI to fallback to UI host namespace when no namespaces are provided when referencing the artifact object store provider secret, in default kubeflow deployments this namespace is simply "kubeflow", however the user can customize this behavior by providing the environment variable "SERVER_NAMESPACE" to the KFP UI deployment. Further more, this change addresses a bug that caused URL parse to fail when parsing endpoints without a protocol, this will support such endpoint types as <ip>:<port> for object store endpoints, as is the case in the default kfp deployment manifests. Signed-off-by: Humair Khan <HumairAK@users.noreply.github.com>
Signed-off-by: Helber Belmiro <helber.belmiro@gmail.com>
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
…1178) Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
…eflow#11179) Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
Signed-off-by: hbelmiro <helber.belmiro@gmail.com>
* remove driver logs from executor These logs congest the executor runtime logs making it difficult for the user to differentiate between logs. The driver logs are unnecessary here and can be removed to reduce this clutter. Signed-off-by: Humair Khan <HumairAK@users.noreply.github.com> * remove duplicate emissary call in executor As per the initial inline dev comment, argo podspecpatch did not add the emissary call, and had to be manualy added. This was fixed a couple of argo versions back. However, as a result executor pod makes double calls to the executor, which as a consequence also results in superflous logs. This change removes the additional call to emissary to resolve this. Signed-off-by: Humair Khan <HumairAK@users.noreply.github.com> --------- Signed-off-by: Humair Khan <HumairAK@users.noreply.github.com>
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
* add gcpc modules tests to gha Signed-off-by: Amanpreet Singh Bedi <amanpreet.bedi@zscaler.com> * remove run-all-gcpc-modules test driver script Signed-off-by: Amanpreet Singh Bedi <amanpreet.bedi@zscaler.com> * fix path under gcpc modules tests github action Signed-off-by: Amanpreet Singh Bedi <amanpreet.bedi@zscaler.com> * upgrade ubuntu base image Signed-off-by: Amanpreet Singh Bedi <amanpreet.bedi@zscaler.com> * upgrade python version to 3.9 Signed-off-by: Amanpreet Singh Bedi <amanpreetsinghbedi23@gmail.com> --------- Signed-off-by: Amanpreet Singh Bedi <amanpreet.bedi@zscaler.com> Signed-off-by: Amanpreet Singh Bedi <amanpreetsinghbedi23@gmail.com> Co-authored-by: Amanpreet Singh Bedi <amanpreet.bedi@zscaler.com>
Signed-off-by: Diego Lovison <diegolovison@gmail.com>
* Loosening kubernetes dependency constraint Signed-off-by: egeucak <egeucak75@hotmail.com> * added setuptools in test script Signed-off-by: egeucak <egeucak75@hotmail.com> --------- Signed-off-by: egeucak <egeucak75@hotmail.com>
Signed-off-by: ddalvi <ddalvi@redhat.com>
…1182) Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
…ow#11191) Signed-off-by: Chen Sun <chensun@users.noreply.github.com>
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
VaniHaripriya
force-pushed
the
master
branch
from
September 11, 2024 21:48
2d860af
to
a8fbbd2
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.
Snyk changed the following file(s):
sdk/python/requirements.txt
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.