Syn-commodore

Latest version: v1.22.0

Safety actively analyzes 638437 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 5 of 13

1.4.2

Summary

We're pleased to announce Commodore v1.4.2. This release fixes a bug in `package update` where a stale commit SHA was added to the commit message when updating a configuration package from a new template version.

Changes

1.4.1

Summary

We're pleased to announce Commodore v1.4.1. This release addresses a few oversights in the `package new` and `package update` command. We fixed the implementation of the commands to deduplicate the set of requested test cases in configuration packages, and we've adjusted command `package upgrade` to not create an empty commit when there's no changes to apply.

Changes

1.4.0

Summary

We're pleased to announce the release of Commodore v1.4.0.

Apart from dependency updates, this release adds support for using Commodore dependencies (components or packages) in a sub-path of a repository, adds support for having multiple Commodore dependencies stored in the same repository, improves support for managing configuration packages, and adds a lint for deprecated Kubernetes API versions to the component template.

Dependency management

To enable users to provide dependencies (components or packages) in a sub-path of a repository, Commodore now supports a new optional key `path` in dependency specifications (the entries in `parameters.components` or `parameters.packages` respectively). If the key `path` is not present, Commodore assumes that the dependency is stored in the repository root. When a sub-path is given, Commodore will ensure that the contents of that sub-path are made available in the Kapitan inventory.

Also, in order to support packages which are stored in a sub-path of a repository, Commodore now downloads packages to `dependencies/pkg.<package-name>` and symlinks them to `inventory/classes/<package-name>` instead of directly cloning packages into `inventory/classes`.

Additionally, Commodore now uses [Git worktrees](https://git-scm.com/docs/git-worktree) to manage the component and package checkouts in `dependencies/`. This allows Commodore to clone each dependency repository exactly once, regardless of the number of dependencies stored in the repository.

When you run Commodore in an existing working directory, it will attempt to migrate your existing dependency checkouts to the new worktree-based checkouts, but will abort if it might delete any local data (uncommitted changes, untracked files, and local branches which don't exist in the remote repository are treated as local data).

Package boilerplate updates

Commodore provides a new command `package update`, which allows users to update their existing configuration packages from the configuration package Cookiecutter template. We also added support to `package update` to allow users to add new test cases or remove test cases from an existing package as well as modifying some other selected values in the package boilerplate.

Component linting

This release also adds support for linting components with [`kubent`](https://github.com/doitintl/kube-no-trouble) to the component template. This lint warns component authors about Kubernetes API versions which are deprecated or will be deprecated soon. Due to how the tool works, we've not added this new lint to the component GitHub actions, and instead only provide a make target to run the lints locally at this time.

Changes

1.3.3

Summary

We're pleased to announce Commodore v1.3.3. This release updates dependencies, and fixes the `RequestsDependencyWarning` which was caused by an incomplete dependency specfication for the `requests` package.

Changes

1.3.2

Summary

We're pleased to announce the release of Commodore v1.3.2. Apart from a development dependency update, this release fixes a regression in the component template `.gitignore`.

Changes

1.3.1

Summary

We're pleased to announce the release of Commodore v1.3.1. This is a pure bugfix release which addresses a bug which only manifests when compiling a cluster for the first time when the cluster catalog repository is completely empty.

Changes

Page 5 of 13

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.