From cfadbeb3535494e27f3b453de19b552e95250620 Mon Sep 17 00:00:00 2001 From: suryadev99 <81183603+suryadev99@users.noreply.github.com> Date: Thu, 3 Aug 2023 10:42:56 +0530 Subject: [PATCH] chore: Bump cryptography (#24657) Co-authored-by: John Bodley <4567245+john-bodley@users.noreply.github.com> --- UPDATING.md | 3 ++- requirements/base.txt | 2 +- setup.py | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/UPDATING.md b/UPDATING.md index abda7ee5150db..22648f140a527 100644 --- a/UPDATING.md +++ b/UPDATING.md @@ -24,7 +24,8 @@ assists people when migrating to a new version. ## Next -- [24628]https://github.com/apache/superset/pull/24628): Augments the foreign key constraints for the `dashboard_owner`, `report_schedule_owner`, and `slice_owner` tables to include an explicit CASCADE ON DELETE to ensure the relevant ownership records are deleted when a dataset is deleted. Scheduled downtime may be advised. +- [24657](https://github.com/apache/superset/pull/24657): Bumps the cryptography package to augment the OpenSSL security vulnerability. +- [24628](https://github.com/apache/superset/pull/24628): Augments the foreign key constraints for the `dashboard_owner`, `report_schedule_owner`, and `slice_owner` tables to include an explicit CASCADE ON DELETE to ensure the relevant ownership records are deleted when a dataset is deleted. Scheduled downtime may be advised. - [24488](https://github.com/apache/superset/pull/24488): Augments the foreign key constraints for the `sql_metrics`, `sqlatable_user`, and `table_columns` tables to include an explicit CASCADE ON DELETE to ensure the relevant records are deleted when a dataset is deleted. Scheduled downtime may be advised. - [24335](https://github.com/apache/superset/pull/24335): Removed deprecated API `/superset/filter////` - [24185](https://github.com/apache/superset/pull/24185): `/api/v1/database/test_connection` and `api/v1/database/validate_parameters` permissions changed from `can_read` to `can_write`. Only Admin user's have access. diff --git a/requirements/base.txt b/requirements/base.txt index ffd3ee021be16..820faca0e491a 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -63,7 +63,7 @@ cron-descriptor==1.2.24 # via apache-superset croniter==1.0.15 # via apache-superset -cryptography==39.0.1 +cryptography==41.0.0 # via # apache-superset # paramiko diff --git a/setup.py b/setup.py index 79c5096b31c85..b3f225bce50f6 100644 --- a/setup.py +++ b/setup.py @@ -78,7 +78,7 @@ def get_git_sha() -> str: "colorama", "croniter>=0.3.28", "cron-descriptor", - "cryptography>=39.0.1, <40", + "cryptography>=41.0.0, <41.0.2", "deprecation>=2.1.0, <2.2.0", "flask>=2.2.5, <3.0.0", "flask-appbuilder>=4.3.4, <5.0.0",