Skip to content

Commit fa02773

Browse files
octo-sts[bot]staging-update-botdebasishbsws
authored
kubeflow-pipelines/2.15.0 package update (#73172)
<p align="center"> <img src="https://raw.githubusercontent.com/wolfi-dev/.github/b535a42419ce0edb3c144c0edcff55a62b8ec1f8/profile/wolfi-logo-light-mode.svg" /> </p> <!--ci-cve-scan:fail-any--> **Commit**: 8fe8d7bdd88f027bde080f619762a0b3294796db <!--staging-update-bot-pr-data--> <!-- { "PackageName": "kubeflow-pipelines", "Version": "2.15.0", "Commit": "8fe8d7bdd88f027bde080f619762a0b3294796db", "BumpEpoch": false, "Manual": false } --> <!--/staging-update-bot-pr-data--> --------- Co-authored-by: staging-update-bot <[email protected]> Co-authored-by: Debasish Biswas <[email protected]>
1 parent 83d7cbf commit fa02773

File tree

7 files changed

+18
-173
lines changed

7 files changed

+18
-173
lines changed

kubeflow-pipelines.yaml

Lines changed: 4 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
package:
22
name: kubeflow-pipelines
3-
version: "2.14.4"
4-
epoch: 1 # GHSA-j5w8-q4qc-rx2x
3+
version: "2.15.0"
4+
epoch: 0 # GHSA-j5w8-q4qc-rx2x
55
description: Machine Learning Pipelines for Kubeflow
66
checks:
77
disabled:
@@ -40,30 +40,13 @@ pipeline:
4040
with:
4141
repository: https://github.com/kubeflow/pipelines
4242
tag: ${{package.version}}
43-
expected-commit: 417091dceddb1f35f26203f9779cb18ee260d6ad
43+
expected-commit: 8fe8d7bdd88f027bde080f619762a0b3294796db
4444

4545
- uses: go/bump
4646
with:
4747
deps: |-
48-
github.com/go-viper/mapstructure/[email protected]
49-
github.com/argoproj/argo-workflows/[email protected]
5048
golang.org/x/[email protected]
5149
52-
- name: Fix Build issue by removing the version constraints from requirements.in
53-
uses: patch
54-
with:
55-
patches: fix-build-Removing-version-constraint-kfp.patch
56-
57-
- name: Fix CVE releted to urllib3
58-
uses: patch
59-
with:
60-
patches: fix-CVE-urllib3.patch
61-
62-
- name: Fix CVE in backend by updating
63-
uses: patch
64-
with:
65-
patches: fix-CVE-GHSA-9wx4-h78v-vm56.patch
66-
6750
- uses: patch
6851
with:
6952
patches: add-samples.patch
@@ -199,8 +182,7 @@ subpackages:
199182
- uses: patch
200183
with:
201184
patches: |
202-
GHSA-952p-6rrq-rcjv.patch
203-
GHSA-4hjh-wcwx-xvwj.patch
185+
GHSA-72xf-g2v4-qvf3.patch
204186
- runs: |
205187
mkdir -p ${{targets.subpkgdir}}/server
206188
mkdir -p ${{targets.subpkgdir}}/client

kubeflow-pipelines/GHSA-4hjh-wcwx-xvwj.patch

Lines changed: 0 additions & 47 deletions
This file was deleted.

kubeflow-pipelines/GHSA-72xf-g2v4-qvf3.patch

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
diff --git a/frontend/server/package.json b/frontend/server/package.json
2+
index 4dbe2b296..345402675 100644
3+
--- a/frontend/server/package.json
4+
+++ b/frontend/server/package.json
5+
@@ -51,7 +51,8 @@
6+
"json-schema": "0.4.0",
7+
"jsonpath-plus": "10.3.0",
8+
"date-and-time": "0.14.2",
9+
- "form-data@>=2.0.0 <2.5.4": "2.5.4"
10+
+ "form-data@>=2.0.0 <2.5.4": "2.5.4",
11+
+ "tough-cookie": "^4.1.3"
12+
},
13+
"scripts": {
14+
"build": "tsc --project .",

kubeflow-pipelines/GHSA-952p-6rrq-rcjv.patch

Lines changed: 0 additions & 13 deletions
This file was deleted.

kubeflow-pipelines/fix-CVE-GHSA-9wx4-h78v-vm56.patch

Lines changed: 0 additions & 35 deletions
This file was deleted.

kubeflow-pipelines/fix-CVE-urllib3.patch

Lines changed: 0 additions & 28 deletions
This file was deleted.

kubeflow-pipelines/fix-build-Removing-version-constraint-kfp.patch

Lines changed: 0 additions & 28 deletions
This file was deleted.

0 commit comments

Comments
 (0)