1.0.0

Script-Languages-Container-Tool 1.0.0, released 2024-09-04

Code name: Major refactoring and new deployment API

Summary

This release changed the directory structure and aimed to separate the public and internal modules.
Also, the project now uses the exasol-toolbox to execute code quality CI jobs. There are new functions which
simplify the deployments of Script Language Containers on BucketFS.
The new API improves the generation of the Language Activation commands and provides new objects which contain
more detailed information about the installed Script Language Containers in BucketFS.

Features

#218: Added an option to ignore certificate errors for upload command
#231: Extended LanguageDefinitionComponents

Refactoring

#219: Replaced deprecated bucketfs API by new API
#171: Improved api generate_language_activation
#230: Created new method deploy with similar parameters as in python-extension-common
#234: Removed starter scripts
#237: Changed paths of package

0.21.0

Script-Languages-Container-Tool 0.21.0, released 2024-08-13

Code name: Empty manifest

Summary

This release adds support for the creation of an empty manifest JSON file in the exported Script-Lanugages-Container.

Features

#221: Added an empty manifest to script language containers

0.20.0

Script-Languages-Container-Tool 0.20.0, released 2024-07-09

Code name: Fix vulnerabilities

Summary

This release fixes the following vulnerabilities by updating dependencies:

• CVE-2024-35195 in dependency requests in versions < 2.32.0 caused by requests Session object not verifying requests after making first request with verify=False
• CVE-2024-37891 in transitive dependency via boto3 to urllib3 in versions < 2.2.2 caused by proxy-authorization request header not to be stripped during cross-origin redirects as no update of notebook-connector is available, yet.
• GHSA-w235-7p84-xx57 in transitive dependency via luigi to tornado in versions < 6.4.1 enabling CRLF injection in CurlAsyncHTTPClient headers.
• GHSA-753j-mpmx-qq6g in transitive dependency via luigi to tornado in versions < 6.4.1 due to inconsistent interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

However, the release ignores the following vulnerabilities

• GHSA-753j-mpmx-qq6g in dependency configobj in versions ≤ 5.0.8 being ReDoS exploitable by developers using values in a server-side configuration file as SLCT is used only client side and a patched version is not available, yet.

Security Issues

• #216: Updated dependencies to fix vulnerabilities

0.19.0: Updated dependencies

Summary

This releases updated the dependency to exasol-integration-test-docker-environment and updates to Python3.10.

Refactorings

• #212: Updating dependencies and Python

0.18.3: Pinned dependencies

Summary

This releases the pinned dependency docker and docutils.

Refactoring

• #209: Fixed CI tests

0.18.2

Script-Languages-Container-Tool 0.18.0, released 2024-02-19

Code name: Remove typeguard pin

Summary

This releases the pinned dependency typeguard.

Refactoring

• #207: Remove typeguard pin

0.18.1

Script-Languages-Container-Tool 0.18.0, released 2023-11-24

Code name: Configobj moved

Summary

This release moves configobj from dependencies to dev dependencies so the security alert
regarding ReDoS exploit does not propagate

Security

• moved configobj to dev dependencies

0.18.0

Script-Languages-Container-Tool 0.18.0, released 2023-06-27

Code name: Fixes and improvements.

Summary

This release updated the integration-test-docker-environment to version 1.7.1, added options for configurin logging and fixed the database setup reuse.

Features / Enhancements

• #196: Added logging options to API and CLI

Refactorings

• #201: Updated to integration-test-docker-environment 1.7.1

Bug Fixes

• #200: Fixed reuse database setup

Security

N/A

Documentation

N/A

0.17.0: Add API and CLI commands for building and pushing the test container

Script-Languages-Container-Tool 0.17.0, released 2023-05-12

Code name: Add API and CLI commands for building and pushing the test container

Summary

This releases adds API and CLI commands for building and pushing the test container. It further updates the integration-test-docker-environment to 1.6.0 and fixes some bugs.

Features / Enhancements

• #193: Added build and push test container CLI commands

Refactorings

• #187: Updated release_config.yml
• #192: Remove setup.py and updated the integration-test-docker-environment to 1.6.0

Bug Fixes

• #184: Fixed variable used to get the version in the release workflow
• #183: Disabled check_version workflow for tags

Security

N/A

Documentation

N/A

0.16.0: Bugfix in LanguageDefinition class and prepare for pypi release.

Script-Languages-Container-Tool 0.16.0, released 2023-03-20

Code name: Bugfix in LanguageDefinition class and prepare for pypi release.

Summary

This release fixes a bug where PYTHON3 was missing
when the LanguageDefinition class was called with add_missing_builtin.
It also prepares the project for the pypi release.

Features / Enhancements

• #175: Update vagrant environment
• #178: Install exasol-integration-test-docker-environment from pypi
• #180: Prepare for pypi release

Refactorings

N/A

Bug Fixes

• #174: Add missing PYTHON3 to the add_missing_builtin option for the LanguageDefinition class

Security

• #172: Fix CVE-2007-4559

Documentation

N/A