RHOAIENG-1751: Bump jinja2 lib to 3.1.4

[paulovmr]

Description

Bump jinja2 lib to 3.1.4 as suggested by Snyk. Updated necessary lock files.

How Has This Been Tested?

Merge criteria:

• The commits are squashed in a cohesive manner and have meaningful messages.
• Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
• The developer has manually tested the changes and verified that the changes work

[jiridanek]

let's see if this works

/label trivy-scan

[openshift-ci]

@jiridanek: The label(s) /label trivy-scan cannot be applied. These labels are supported: acknowledge-critical-fixes-only, platform/aws, platform/azure, platform/baremetal, platform/google, platform/libvirt, platform/openstack, ga, tide/merge-method-merge, tide/merge-method-rebase, tide/merge-method-squash, px-approved, docs-approved, qe-approved, no-qe, downstream-change-needed, rebase/manual, cluster-config-api-changed, approved, backport-risk-assessed, bugzilla/valid-bug, cherry-pick-approved, jira/valid-bug, staff-eng-approved. Is this label configured under labels -> additional_labels or labels -> restricted_labels in plugin.yaml?

In response to this:

let's see if this works

/label trivy-scan

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[jiridanek]

Trivy does not complain about this on regular scheduled scans. It does see the package, https://github.com/opendatahub-io/notebooks/actions/runs/9867254845/job/27247380483#step:14:77, but it is not mentioned in https://github.com/opendatahub-io/notebooks/actions/runs/9867254845#summary-27247380483. I'm willing to guess that's because the severity of the cve is too low to show on the final report.

[caponetto]

Yes, this one is a MEDIUM. If it is more helpful, we can allow all severities in the daily report.

[jiridanek]

If the goal is to allow comparing PR report and daily report to check cve went away, then all severities in all reports would need to be displayed.

Or we can say that we mostly fix the HIGH and CRITICAL stuff, so it's enough to show that.

[caponetto]

Initially, I thought that we were focusing only on HIGH and CRITICAL issues but, given these PRs, I would enable all types of severity on the daily report too.

[caponetto]

#614

[jiridanek]

/override ci/prow/intel-notebooks-e2e-tests

[openshift-ci]

@jiridanek: jiridanek unauthorized: /override is restricted to Repo administrators, approvers in top level OWNERS file, and the following github teams:.

In response to this:

/override ci/prow/intel-notebooks-e2e-tests

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[paulovmr]

/retest

[caponetto]

I see the same failure (ci/prow/intel-notebooks-e2e-tests) on my PR (#608) so it is likely unrelated.

[jiridanek]

• Intel tensorflow notebook failed to get tested on OCP-CI #562

[atheo89]

Thanks Paulo for the upgrade!

/lgtm
/approve
/override ci/prow/intel-notebooks-e2e-tests

[openshift-ci]

@atheo89: Overrode contexts on behalf of atheo89: ci/prow/intel-notebooks-e2e-tests

In response to this:

Thanks Paulo for the upgrade!

/lgtm
/approve
/override ci/prow/intel-notebooks-e2e-tests

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: atheo89, jiridanek

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [atheo89]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment