Taskcluster

Latest version: v65.1.0

Safety actively analyzes 638361 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 31 of 52

44.2.1

DEPLOYERS

▶ [patch]
No changes. Deployment failed on 44.2.0 due to intermittent network issue.

44.2.0

GENERAL

▶ [minor]
Upgrade from node 14.16.1 to 14.17.5, and from go 1.16.3 to 1.16.7.

ADMINS

▶ [patch] [4946](https://github.com/taskcluster/taskcluster/issues/4946)
On the UI page /hooks, fix the "no hooks" detection so that hook groups are displayed.

OTHER

▶ Additional change not described here: [4944](https://github.com/taskcluster/taskcluster/issues/4944).

44.1.0

USERS

▶ [minor] [bug 1131975](http://bugzil.la/1131975)
taskcluster command line tool to validate json against a schema. having syntax `taskcluster validate-json https://some_schema.json https://example.son`

▶ [patch] [4896](https://github.com/taskcluster/taskcluster/issues/4896)
The queue no longer returns 500 errors when calling `queue.getArtifact` for an object artifact.

DEVELOPERS

▶ [patch] [4934](https://github.com/taskcluster/taskcluster/issues/4934)
When running ``yarn dev:init``, store the RabbitMQ cluster management API
origin at ``meta.rabbitAdminManagementOrigin`` rather than the root key
``rabbitAdminManagementOrigin``. This avoids a schema validation error when
running ``yarn dev:apply``. If you've already run ``yarn dev:init``, then you
can manually move ``rabbitAdminManagementOrigin`` in ``dev-config.yml``.

▶ [patch] [2749](https://github.com/taskcluster/taskcluster/issues/2749)
updated the hook component to be using ListView from material-ui

OTHER

▶ Additional change not described here: [4920](https://github.com/taskcluster/taskcluster/issues/4920).

Automated Package Updates

<details>
<summary>4 Renovate updates</summary>

* Update dependency dot-prop-immutable to v2.1.1 (ab1053410)
* Update dependency dotenv to v10 (2a5debab3)
* Update dependency highlight.js to v11 (580294e2e)
* Update golang.org/x/net commit hash to 04defd4 (26471370b)

</details>

44.0.0

GENERAL

▶ [patch] [bug 1712924](http://bugzil.la/1712924)
Resolves an issue with github logins

DEPLOYERS

▶ [patch] [4882](https://github.com/taskcluster/taskcluster/issues/4882)
Taskcluster-lib-pulse now supports connections to servers that use SNI, such as up-to-date CloudAMQP clusters using a custom certificate. It does so by passing an explicit `servername` socket option.

WORKER-DEPLOYERS

▶ [patch] [4606](https://github.com/taskcluster/taskcluster/issues/4606)
Generic-worker now supports downloading object artifacts as well as the older s3 artifacts.

USERS

▶ [MAJOR] [4895](https://github.com/taskcluster/taskcluster/issues/4895)
The upload helper functions included with each client now take an uploadId parameter. For Go and Rust, these parameters are required.

▶ [patch] [bug 1711612](http://bugzil.la/1711612)
Retried calls to `queue.createArtifact` will now work correctly, allowing both retries and the documented updates.

▶ [patch] [4764](https://github.com/taskcluster/taskcluster/issues/4764)
The JS, Rust, Go (in a previous release) and Python clients now have artifact download functions which will download an artifact regardless of its storage type, applying retries and other best practices.

▶ [patch] [4714](https://github.com/taskcluster/taskcluster/issues/4714)
The client libraries' object-upload functions now calculate and send hashes for the uploaded objects.

▶ [patch] [4890](https://github.com/taskcluster/taskcluster/issues/4890)
This version fixes a bug in the rust client where API methods with method POST but without a request payload would result in 411 errors due to a missing Content-Length header.

▶ [patch] [bug 1711921](http://bugzil.la/1711921)
When a docker-worker's payload specifies an artifact name ending with `/`, it has historically produced an artifact containing `//`. That is now normalized to a single `/`.

OTHER

▶ Additional changes not described here: [4757](https://github.com/taskcluster/taskcluster/issues/4757), [#4807](https://github.com/taskcluster/taskcluster/issues/4807), [#4889](https://github.com/taskcluster/taskcluster/issues/4889).

Automated Package Updates

<details>
<summary>40 Renovate updates</summary>

* Update golang.org/x/crypto commit hash to c07d793 (ea40252e1)
* Update dependency markdown-it-highlightjs to v3.5.0 (d67d60600)
* Update babel monorepo to v7.14.2 (115ac480b)
* Update dependency slack/web-api to v6.2.3 (3d16b170a)
* Update dependency newrelic to v7.4.0 (90fe4b739)
* Update dependency slack/web-api to v6.2.2 (7ba2251ef)
* Update dependency slack/web-api to v6.2.0 (b25bc43b5)
* Update dependency dotenv to v9.0.2 (dfbf4b795)
* Update dependency azure/ms-rest-js to v2.5.0 (7c591e5e6)
* Update dependency matrix-js-sdk to v10.1.0 (b3ccf63db)
* Update sentry monorepo to v6.3.6 (710cf7ec4)
* Update dependency dotenv to v9.0.1 (04f077b34)
* Update dependency date-fns to v2.21.3 (48c0813c0)
* Update dependency eslint to v7.26.0 (97e6c18e8)
* Update dependency fontsource/roboto to v4.3.0 (09b4e5db2)
* Update dependency mocha to v8.4.0 (4557c4f26)
* Update dependency glob to v7.1.7 (bf726bf1e)
* Update dependency cronstrue to v1.113.0 (467bf9cc1)
* Update dependency webpack-cli to v4.7.0 (a196ecfde)
* Update dependency react-error-boundary to v3.1.2 (83fda51a3)
* Update dependency dotenv to v9 (da7db4cf8)
* Update dependency azure/ms-rest-js to v2.4.1 (bd381f834)
* Update dependency dotenv to v8.6.0 (0504cbc01)
* Update dependency dotenv to v8.5.1 (7c1d516fa)
* Update dependency date-fns to v2.21.2 (1bd674399)
* Update dependency prism-themes to v1.7.0 (79933532b)
* Update dependency babel/preset-env to v7.14.1 (9a0a0acdf)
* Update golang.org/x/crypto commit hash to e9a3299 (785646e19)
* Update dependency utf-8-validate to v5.0.5 (d03cd44fc)
* Update dependency sift to v13.5.3 (ff7806d5e)
* Update dependency c8 to v7.7.2 (9ea49cac1)
* Update dependency googleapis to v73 (b1d025c50)
* Update dependency babel/core to v7.14.0 (e9403fe28)
* Update dependency apollo-server-express to v2.24.0 (c3b2d47bd)
* Update sentry monorepo to v6.3.5 (6254bca4c)
* Update sentry monorepo to v6.3.4 (f964f5786)
* Update babel monorepo to v7.14.0 (cc6150681)
* Update dependency graphql-tag to v2.12.4 (890bc312c)
* Update mui monorepo (436da33e3)
* Update module github.com/Microsoft/go-winio to v0.5.0 (4837680df)

</details>

43.2.0

DEPLOYERS

▶ [minor] [4746](https://github.com/taskcluster/taskcluster/issues/4746)
The object service is now ready for use.
The queue supports an `object` storage type which will be stored in the object service.
As of this version, we recommended setting `procs: 1` for the object service if it had previously been set to `0`, and [configuring at least one backend](https://docs.taskcluster.net/docs/manual/deploying/object-service) for artifacts.

▶ [patch] [4648](https://github.com/taskcluster/taskcluster/issues/4648)
All services now have a `<service>.pulse_amqps` Helm configuration that controls whether to use amqps (with TLS) to communicate with the Pulse server. The value defaults to true, matching current behavior, but can be set to false in cases where the AMQP server is local and encryption is unnecessary.

▶ [patch]
The object service now defaults to 1 replica, not 0. The service will not start if it is not properly configured, and we recommend setting the service up at this time, as in the next major release workers will begin uploading objects to the queue.

WORKER-DEPLOYERS

▶ [minor] [bug 1631824](http://bugzil.la/1631824)
The Azure provider of the worker-manager service now assigns unique names to all data disks attached to a VM, allowing those disks to be removed when the worker is removed.

▶ [patch] [4765](https://github.com/taskcluster/taskcluster/issues/4765)
Native "Apple silicon" binaries of taskcluster-proxy, livelog, start-worker and generic-worker are provided (darwin-arm64). The darwin amd64 executables no longer need to be run through Rosetta 2 binary translation on darwin/arm64 workers.

▶ [patch] [3925](https://github.com/taskcluster/taskcluster/issues/3925)
The worker-manager service now ships with the latest CA certs, avoiding the need to download these at runtime. These certificates are good until October 8, 2024.

OTHER

▶ Additional changes not described here: [4707](https://github.com/taskcluster/taskcluster/issues/4707), [#4779](https://github.com/taskcluster/taskcluster/issues/4779), [#4795](https://github.com/taskcluster/taskcluster/issues/4795).

Automated Package Updates

<details>
<summary>36 Renovate updates</summary>

* Update dependency nodemailer to v6.6.0 (017dabd7a)
* Update dependency graphql-scalars to v1.9.3 (45bc9229d)
* Update dependency dockerode to v3.3.0 (8468771e4)
* Update dependency acorn-walk to v8.1.0 (441cbbd37)
* Update dependency acorn-loose to v8.1.0 (3173f9ef7)
* Update dependency sentry/node to v6.3.1 (2d544b14e)
* Update sentry monorepo to v6.3.1 (97356358d)
* Update module github.com/elastic/go-sysinfo to v1.7.0 (fec645d00)
* Update dependency eslint to v7.25.0 (7a16de292)
* Update dependency cron-parser to v3.5.0 (544d48373)
* Update dependency matrix-js-sdk to v10 (a8b8859ce)
* Update dependency sift to v13.5.2 (9f53306db)
* Update dependency mock-fs to v4.14.0 (2db47d750)
* Update dependency jwks-rsa to v2.0.3 (03791e002)
* Update module github.com/Microsoft/go-winio to v0.4.19 (5948f9cde)
* Update dependency octokit/auth-app to v3.4.0 (cd84ff0c0)
* Update dependency codemirror to v5.61.0 (2230e8455)
* Update dependency chalk to v4.1.1 (1a83c1860)
* Update dependency octokit/rest to v18.5.3 (8d73079f6)
* Update dependency serialize-error to v8.1.0 (c2e871c97)
* Update dependency cron-parser to v3.4.0 (30614faef)
* Update sentry monorepo to v6.3.0 (ad265870e)
* Update babel monorepo to v7.13.16 (b06a39065)
* Update module github.com/Microsoft/go-winio to v0.4.18 (549708f6b)
* Update dependency azure/ms-rest-js to v2.4.0 (63e03fbb4)
* Update dependency cronstrue to v1.112.0 (5cff320d3)
* Update dependency material-ui-json-schema-viewer to v1.2.0 (ea79b2183)
* Update dependency fast-azure-storage to v3.1.4 (705d8460e)
* Update golang.org/x/net commit hash to e915ea6 (55c6abd6d)
* Update golang.org/x/sys commit hash to 66c3f26 (c957d084c)
* Update golang.org/x/crypto commit hash to 4f45737 (85a4e60dd)
* Update dependency ws to v7.4.5 (226ed46e3)
* Update dependency escape-string-regexp to v5 (7de69356b)
* Update dependency markdown-it to v12.0.6 (37ffe8301)
* Update dependency markdown-it to v12.0.5 (82cf42d2b)
* Update dependency date-fns to v2.21.1 (71095d097)

</details>

43.1.0

GENERAL

▶ [patch] [4696](https://github.com/taskcluster/taskcluster/issues/4696)
The `github.com/taskcluster/taskcluster/vNN/workers/generic-worker/mocktc` library is no longer publicly exposed.

▶ [patch]
Upgrade from node 14.16.0 to 14.16.1 across services and docker-worker.

DEPLOYERS

▶ [patch] [bug 1442024](http://bugzil.la/1442024)
The object service now serves `text/html` content with `Content-Disposition: attachment` to avoid security issues inherent in serving arbitrary HTML documents.

WORKER-DEPLOYERS

▶ [patch]
Go major version upgrade for generic-worker and worker-runner (go 1.15.6 -> go 1.16.3). Prerequisite step for providing native darwin/arm64 binaries for both (native Apple Silicon builds).

USERS

▶ [minor] [4548](https://github.com/taskcluster/taskcluster/issues/4548)
The queue now additionally supports artifacts with the storageType `object`, stored via the object service.

▶ [patch] [4576](https://github.com/taskcluster/taskcluster/issues/4576)
The shell client now has two new commands to download data from Taskcluster:
* `taskcluster download object <name> <filename>` -- download directly from the object service
* `taskcluster download artifact <taskId> [<runId>] <name> <filename>` -- download the content of an artifact
These commands follow current best practices, including retries with backoff. When supported by the object service, they will also verify download integrity.

▶ [patch] [4698](https://github.com/taskcluster/taskcluster/issues/4698)
Uploading functions in the Python client have been renamed to use camel-case instead of underscores.

OTHER

▶ Additional changes not described here: [4623](https://github.com/taskcluster/taskcluster/issues/4623), [#4631](https://github.com/taskcluster/taskcluster/issues/4631), [#4739](https://github.com/taskcluster/taskcluster/issues/4739), [#4741](https://github.com/taskcluster/taskcluster/issues/4741), [#4744](https://github.com/taskcluster/taskcluster/issues/4744).

Automated Package Updates

<details>
<summary>20 Renovate updates</summary>

* Update dependency js-yaml to v4.1.0 (bc2dda559)
* Update dependency apollo-server-express to v2.23.0 (66941613e)
* Update dependency newrelic to v7.3.1 (bd6a791e4)
* Update dependency date-fns to v2.21.0 (64f8cc301)
* Update module github.com/Microsoft/go-winio to v0.4.17 (426fca502)
* Update dependency azure/arm-network to v24 (f825d482d)
* Update dependency pg to v8.6.0 (30f5a5e10)
* Update dependency pg-connection-string to v2.5.0 (2242418b5)
* Update dependency date-fns to v2.20.3 (ca4880d6a)
* Update dependency matrix-js-sdk to v9.11.0 (ddae91aeb)
* Update dependency date-fns to v2.20.2 (4f6c915d6)
* Update dependency googleapis to v71 (b3a9a029e)
* Update dependency marked to v2.0.3 (9b7f98b46)
* Update dependency fontsource/roboto to v4.2.3 (80ca3de16)
* Update dependency eslint to v7.24.0 (b41017797)
* Update dependency mock-aws-s3 to v4.0.2 (9be4a7c0e)
* Update dependency date-fns to v2.20.1 (ecc66230b)
* Update babel monorepo to v7.13.15 (9a5a263fd)
* Update dependency taskcluster-client-web to v43 (9fd14d658)
* Update dependency taskcluster-client to v43 (ef7574f3c)

</details>

Page 31 of 52

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.