* Enabled vault endpoint TLS certificate verification by default for `bf build` and `bf deploy` commands. This fixes the MITM attack vulnerability. Kudos to Konstantin Weddige for reporting.
Breaking changes
* Default vault endpoint TLS certificate verification for `bf build` and `bf deploy` may fail in some environments. Use `-vev`/`--vault-endpoint-verify` option to disable or provide path to custom trusted certificates or CA certificates. Disabling makes execution vulnerable for MITM attacks and is discouraged - do it only when justified and in trusted environments. See [https://requests.readthedocs.io/en/latest/user/advanced/#ssl-cert-verification](https://requests.readthedocs.io/en/latest/user/advanced/#ssl-cert-verification) for details.
1.5.4
Not secure
Changed
* Added two more parameters in KubernetesPodOperator required since Composer 2.1.0
1.5.3
Not secure
Changed
* MarkupSafe bumped to >2.1.0 (avoiding the broken 2.1.0 version)
1.5.2
Not secure
Changed
* Jinja version bumped to >=3<4
Fixed
* Fixing the DAG builder issue introduced in 1.5.1 – now it produces DAGs compatible with (airflow 1.x + composer 1.x) or (airflow 2.x + composer 2.x)
1.5.1
Not secure
*Broken!* – DAG builder produces DAGs incompatible with (airflow 1.x + composer 1.x). Fixed in 1.5.2.
Fixed
* Composer 2.0 support – using `composer-user-workloads` namespace inside generated DAGs if running on Composer 2.X, to fix the problem with inheriting the Composer SA
1.5.0
Not secure
Fixed
* Setting grpcio-status as <=1.48.2 to avoid problems with pip-compile on protobuf package * changing docker image caching implementation – using BUILDKIT_INLINE_CACHE=1 only if cache properties are set * always installing typing-extensions>=3.7 to avoid clashes