Taskcluster

Latest version: v65.1.0

Safety actively analyzes 638388 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 33 of 52

41.0.1

USERS

▶ [patch] [4417](https://github.com/taskcluster/taskcluster/issues/4417)
The `hooks.triggerHook` method no longer fails with a 500 error, and now correctly includes the `taskQueueId` property.

▶ [patch] [4411](https://github.com/taskcluster/taskcluster/issues/4411)
The `queue.createArtifact` method now allows specifying a contentType for "link" artifacts, which is necessary to indicate to the UI that a link can be viewed as a logfile.

▶ [patch] [4304](https://github.com/taskcluster/taskcluster/issues/4304)
The queue now better tracks workers. In particular, it will not "lose track of" a worker which resumes claiming work a short time after it expires, and workers will not immediately expire after being un-quarantined.

OTHER

▶ Additional changes not described here: [4273](https://github.com/taskcluster/taskcluster/issues/4273), [#4274](https://github.com/taskcluster/taskcluster/issues/4274), [#4340](https://github.com/taskcluster/taskcluster/issues/4340), [#4346](https://github.com/taskcluster/taskcluster/issues/4346), [#4380](https://github.com/taskcluster/taskcluster/issues/4380), [#4388](https://github.com/taskcluster/taskcluster/issues/4388).

Automated Package Updates

<details>
<summary>21 Renovate updates</summary>

* Update dependency mocha to v8.3.0 (205958586)
* Update dependency eslint to v7.20.0 (7654b7449)
* Update module sirupsen/logrus to v1.7.1 (87369652b)
* Update dependency matrix-js-sdk to v9.7.0 (37289c213)
* Update dependency commander to v7.1.0 (e62b471a5)
* Update dependency aws-sdk to v2.843.0 (1266aaf06)
* Update dependency eslint to v7.20.0 (981d5f82b)
* Update dependency karma to v6.1.1 (02ee7187f)
* Update dependency octokit/rest to v18.1.1 (6be5adbc4)
* Update module golang.org/x/tools to v0.1.0 (a7613ff48)
* Update golang.org/x/sys commit hash to 22da62e (42ff3f3d2)
* Update dependency aws-sdk to v2.842.0 (ec4e97e35)
* Update dependency apollo-server-express to v2.21.0 (f53175ae8)
* Update dependency mocha to v8.3.0 (deecc9b82)
* Update dependency azure/ms-rest-js to v2.2.3 (3826a4ccd)
* Update babel monorepo (807282eb6)
* Update dependency nodemailer to v6.4.18 (89cf9dff9)
* Update module spf13/cobra to v1.1.3 (1a944988b)
* Update module elastic/go-sysinfo to v1.6.0 (a3dc77d83)
* Update dependency taskcluster-client-web to v41 (95d780f0c)
* Update Node.js to v14.15.5 (24ca296cb)

</details>

41.0.0

GENERAL

▶ [patch] [4272](https://github.com/taskcluster/taskcluster/issues/4272)
The experimental `object.uploadObject` endpoint has been removed and replaced with `object.createUpload`. The object service remains entirely experimental and further breaking changes will be made without major version bumps.

DEPLOYERS

▶ [patch] [4276](https://github.com/taskcluster/taskcluster/issues/4276)
The worker-manager service will now start up even if one of its providers is down or misconfigured. Worker pools using that provider will not be provisioned, but other pools will continue to operate normally.

WORKER-DEPLOYERS

▶ [patch] [4336](https://github.com/taskcluster/taskcluster/issues/4336)
Worker-Runner now correctly includes the `workerGroup` and `workerId` properties in error reports.

ADMINS

▶ [MAJOR] [4262](https://github.com/taskcluster/taskcluster/issues/4262)
Tasks now have a `projectId` property that can be used to distinguish tasks for different purposes run in the same Taskcluster deployment. The `queue.createTask` method now requires scope `queue:create-task:project:<projectId>`, permitting administrative control over which clients can create tasks for which projects.

The default `projectId` is `none`. To avoid permissions errors on upgrade, _we recommend that `queue:create-task:project:none` be added to the `anonymous` role_ before upgrading to this version. Once the upgrade is complete, callers may be modified to create tasks with non-default `projectId` and given appropriate scopes.

▶ [minor] [4270](https://github.com/taskcluster/taskcluster/issues/4270)
Task manipulation (rerun, cancel, schedule) is now controlled by scopes related to the task's `projectId`, completing implementation of [RFC163](https://github.com/taskcluster/taskcluster-rfcs/blob/main/rfcs/0163-project-id.md). With this change, and with the inclusion of `projectId` in task definitions, administrators can control task manipulation by granting `queue:<verb>-task-in-project:<projectId>` scopes to the appropriate entities.

▶ [patch]
Upgrade to Sentry v6, but disable the new
[session tracking feature](https://docs.sentry.io/product/releases/health/)
with ``autoSessionTracking: false``, to avoid collecting more data than is
needed.

USERS

▶ [MAJOR] [3581](https://github.com/taskcluster/taskcluster/issues/3581)
Client methods that took two separate provisionerId and taskQueueId parameters take now a
single parameter (workerPoolId or taskQueueId depending on the service involved).
Affected methods are `queue.claimWork`, `queue.pendingTasks`, `purgeCache.purgeCache` and `purgeCache.purgeRequests`.
The API maintains compatibility at the URL level.

▶ [MAJOR] [4058](https://github.com/taskcluster/taskcluster/issues/4058)
The `queue.getArtifact` and `queue.getLatestArtifact` methods now also return a JSON body containing the URL from which the artifact can be downlodaed, in addition to the existing behavior, returning a 303 redirect.

This is a major change only because it changes the function signatures in the Go client.

▶ [minor] [3580](https://github.com/taskcluster/taskcluster/issues/3580)
The queue service API responses will now include the taskQueueId, which will match provisionerId/workerType,
which are also returned. Also, it is now possible to create tasks supplying a taskQueueId instead of the
separate provisionerId and workerType identifiers.

▶ [minor] [4247](https://github.com/taskcluster/taskcluster/issues/4247)
Updating an artifact from a `reference` type to `link` type now correctly updates the artifact type.

▶ [patch] [4248](https://github.com/taskcluster/taskcluster/issues/4248)
Fixed an issue where listing tasks with link artifacts would cause errors.

▶ [patch] [4269](https://github.com/taskcluster/taskcluster/issues/4269)
The task properties `projectId` and `taskQueueId` are now displayed in the Taskcluster UI, and referenced appropriately in the documentation.

▶ [patch] [bug 1562993](http://bugzil.la/1562993)
generic-worker now only reports the first error it encounters when a task fails or hits an exception.

DEVELOPERS

▶ [minor] [4058](https://github.com/taskcluster/taskcluster/issues/4058)
Client libraries no longer treat redirects as errors. The methods that return redirects are those which involve fetching artifacts, and typically these have required generating signed URLs. With this change, these methods can be called directly and will return a JSON payload containing a `url` property from which the artifact can be downloaded. The fetch API does not support reading bodies from redirects, so this functionality is not available in `taskcluster-client-web`, which treats redirects as errors.

▶ [minor] [2393](https://github.com/taskcluster/taskcluster/issues/2393)
On the page where all roles are listed, added Delete icon beside each role. This helps to delete role faster without going to the Role page.

▶ [minor]
Taskcluster now sports a [Rust client](https://crates.io/crates/taskcluster)!

▶ [patch] [3789](https://github.com/taskcluster/taskcluster/issues/3789)
Fixed an issue where when there's no more data, the continuationToken property was not being omitted, but being returned as just an empty string. Depending on implementation, that could cause a caller to loop endlessly calling the purge cache endpoint.

OTHER

▶ Additional changes not described here: [3868](https://github.com/taskcluster/taskcluster/issues/3868), [#4250](https://github.com/taskcluster/taskcluster/issues/4250), [#4275](https://github.com/taskcluster/taskcluster/issues/4275), [#4279](https://github.com/taskcluster/taskcluster/issues/4279), [#4281](https://github.com/taskcluster/taskcluster/issues/4281), [#4295](https://github.com/taskcluster/taskcluster/issues/4295), [#4296](https://github.com/taskcluster/taskcluster/issues/4296), [#4298](https://github.com/taskcluster/taskcluster/issues/4298), [#4256](https://github.com/taskcluster/taskcluster/issues/4256).

Automated Package Updates

<details>
<summary>72 Renovate updates</summary>

* Update dependency query-string to v6.14.0 (d70ebc565)
* Update module spf13/cobra to v1.1.2 (7c1a3babb)
* Update dependency apollo-server-express to v2.20.0 (fa538f309)
* Update dependency azure/ms-rest-js to v2.2.2 (a3e59510f)
* Update dependency cronstrue to v1.109.0 (aa93110ef)
* Update module iancoleman/strcase to v0.1.3 (c89c50a0e)
* Update module stretchr/testify to v1.7.0 (96a598b19)
* Update dependency highlight.js to v10.6.0 (cd903e6a2)
* Update golang.org/x/crypto commit hash to eec23a3 (5fe6c1f96)
* Update dependency marked to v2 (234a640e3)
* Update dependency ejs to v3.1.6 (cb8cc22da)
* Update module elastic/go-sysinfo to v1.5.0 (78f6353b2)
* Update dependency azure/ms-rest-js to v2.2.1 (5b3b11db5)
* Update dependency date-fns to v2.17.0 (ce96b29ce)
* Update sentry monorepo to v6.1.0 (0d1408eb7)
* Update dependency chai to v4.3.0 (e6fc2405c)
* Update babel monorepo to v7.12.13 (49950d969)
* Update dependency marked to v1.2.9 (aa3ec7c8c)
* Update dependency octokit/auth-app to v2.11.0 (65396ccb9)
* Update dependency matrix-js-sdk to v9.6.0 (6f2b477d8)
* Update dependency octokit/rest to v18.1.0 (b9ad5c885)
* Update dependency ws to v7.4.3 (78b30fdb6)
* Update dependency webpack-cli to v4.5.0 (5d6d0b831)
* Update dependency c8 to v7.5.0 (9db09c543)
* Update dependency newrelic to v7.1.1 (2c8519036)
* Update sentry monorepo to v6.0.3 (dbbdb7833)
* Update module iancoleman/strcase to v0.1.3 (de22bfbd0)
* Update dependency eslint to v7.19.0 (f3f70a764)
* Update dependency nock to v13.0.7 (b1ac62537)
* Update dependency nock to v13.0.7 (8615932ef)
* Update module stretchr/testify to v1.7.0 (3b4ea18e0)
* Update module elastic/go-sysinfo to v1.5.0 (3794486e3)
* Update dependency webpack-dev-server to v3.11.2 (8587aca66)
* Update dependency webpack to v4.46.0 (6aceb7b30)
* Update dependency webpack-cli to v4.4.0 (4982bcbbe)
* Update dependency eslint to v7.18.0 (20b6a7527)
* Update dependency sinon to v9.2.4 (57bca859a)
* Update dependency sanitize-html to v2.3.2 (8fabfd6b7)
* Update dependency nock to v13.0.6 (02ecca7d3)
* Update dependency serialize-error to v8.0.1 (e1fdbc7da)
* Update dependency matrix-js-sdk to v9.5.1 (cd9f945a0)
* Update dependency marked to v1.2.8 (9d921a8ab)
* Update dependency acorn-walk to v8.0.2 (95e5bf321)
* Update dependency taskcluster-client-web to v40.0.3 (e5579a129)
* Update dependency nock to v13.0.6 (5017fdf4a)
* Update dependency mime to v2.5.0 (9bccd0435)
* Update dependency graphql to v15.5.0 (2c59c3c26)
* Update dependency octokit/rest to v18.0.15 (b58a6416f)
* Update dependency azure/ms-rest-js to v2.2.0 (b9c8b7f4d)
* Update dependency azure/ms-rest-azure-js to v2.1.0 (93c81b140)
* Update dependency octokit/plugin-retry to v3.0.7 (4851f7ee9)
* Update dependency octokit/core to v3.2.5 (a15e4defe)
* Update dependency octokit/auth-app to v2.10.6 (64e3d72e0)
* Update dependency acorn-loose to v8.0.2 (7af7813fd)
* Update dependency octokit/rest to v18.0.14 (6e0ee4824)
* Update dependency material-ui/core to v4.11.3 (28145c5f8)
* Update dependency eslint to v7.18.0 (6834bebe9)
* Update dependency cronstrue to v1.108.0 (629b69016)
* Update dependency codemirror to v5.59.2 (a32e9b320)
* Update dependency azure/arm-network to v23.2.0 (e07e686ad)
* Update github.com/pkg/browser commit hash to ce105d0 (765e463e7)
* Update sentry monorepo to v6 (603dac189)
* Update dependency qs to v6.9.6 (22848779d)
* Update dependency commander to v7 (720306753)
* Update dependency taskcluster-client to v40.0.3 (31ea584d3)
* Update dependency react-copy-to-clipboard to v5.0.3 (2b94c9355)
* Update dependency generate-password to v1.6.0 (5b86a0ee2)
* Update dependency cronstrue to v1.107.0 (5c6e0349b)
* Update dependency apollo-server-express to v2.19.2 (3fa6e81fa)
* Update dependency slack/web-api to v6 (cc9617816)
* Update dependency cron-parser to v3 (a5cfda50c)
* Update dependency googleapis to v67 (fd08b1405)

</details>

40.0.3

No changes

40.0.2

No changes

40.0.1

GENERAL

▶ [patch] [4238](https://github.com/taskcluster/taskcluster/issues/4238)
The index service should now work in deployments without anonymous scopes.

USERS

▶ [patch] [4240](https://github.com/taskcluster/taskcluster/issues/4240)
The "Task Definition" link in the task view now shows the task as a normal UI page, preventing permissions errors on non-public deployments.

▶ [patch] [4239](https://github.com/taskcluster/taskcluster/issues/4239)
This version fixes a bug in the user-interface causing messages about `yaml.safeDump` having been removed. The developers regret te error.

DEVELOPERS

▶ [patch] [4226](https://github.com/taskcluster/taskcluster/issues/4226)
The `yarn generate` command no longer combines redundant lines in `yarn.lock` files, so that automatic dependency upgrade PRs will succeed. Run `yarn minify` to do this manually.

OTHER

▶ Additional change not described here: [4110](https://github.com/taskcluster/taskcluster/issues/4110).

Automated Package Updates

<details>
<summary>9 Renovate updates</summary>

* Update dependency serialize-error to v8 (78c1b374f)
* Update dependency webpack to v4.45.0 (f1b892f7a)
* Update dependency jwks-rsa to v1.12.2 (fe86a779e)
* Update dependency aws-sdk to v2.824.0 (4f5a1a2eb)
* Update dependency email-templates to v8.0.3 (1594300b5)
* Update dependency taskcluster-client-web to v40 (848d015bb)
* Update dependency taskcluster-client to v40 (5c97645de)
* Update dependency sinon to v9.2.3 (db38e81e6)
* Update dependency azure/ms-rest-azure-js to v2.0.2 (48cebac91)

</details>

40.0.0

DEPLOYERS

▶ [minor]
This version removes the unused deployment configuration variable `queue.use_cloud_mirror` and `queue.public_artifact_ec2_proxies`. Neither served any useful purpose, and it is unlikely that either value appears in any deployment configuration.

WORKER-DEPLOYERS

▶ [patch] [4125](https://github.com/taskcluster/taskcluster/issues/4125)
Workerpools now correctly understand the `reregistrationTimeout` option.

USERS

▶ [MAJOR] [3773](https://github.com/taskcluster/taskcluster/issues/3773)
Support for superseding has been removed. See the linked issue for the detailed reasoning. While workers still allow `supersederUrl` in payloads, it has no effect. Older workers running with newer services that try to supersede tasks will encounter errors. No known instances of superseding exist.

▶ [MAJOR] [4123](https://github.com/taskcluster/taskcluster/issues/4123)
The `taskcluster-client-web` library no longer implements `OIDCCredentialAgent`. This agent interfaced with a `login.taskclutser.net` service that no longer exists.

▶ [MAJOR] [3604](https://github.com/taskcluster/taskcluster/issues/3604)
The notify service no longer supports irc notifications. IRC is declining in popularity and no known deployments of Taskcluster support this functionality, but it is nonetheless considered a breaking API change.

▶ [minor] [4050](https://github.com/taskcluster/taskcluster/issues/4050)
The queue has a new artifact type, `link`, allowing links between artifacts on the same task.

▶ [patch] [4057](https://github.com/taskcluster/taskcluster/issues/4057)
All clients (JS, Python, Go, Web, Shell) now fail when an API method results in a redirect, rather than following that redirect. The API methods that return redirects are those related to Taskcluster artifacts, and these methods must be accessed by building and fetching a signed URL.

▶ [patch] [2721](https://github.com/taskcluster/taskcluster/issues/2721)
Taskcluster-proxy now correctly proxies "non-canonical" URLs, such as those containing `//` or urlencoded values.

▶ [patch] [3878](https://github.com/taskcluster/taskcluster/issues/3878)
The Taskcluster UI now handles artifacts better, avoiding huge URLs that expire quickly.

▶ [patch] [3983](https://github.com/taskcluster/taskcluster/issues/3983)
The UI will no longer fail when viewing a task with dependencies that have expired.

▶ [patch] [4199](https://github.com/taskcluster/taskcluster/issues/4199)
The `sift` dependency has been updated again, to a version that does not cause 4061.

▶ [patch] [1064](https://github.com/taskcluster/taskcluster/issues/1064)
The `taskcluster` command now parses errors from the API, and does not show the command usage when an error occurs.

▶ [patch] [3758](https://github.com/taskcluster/taskcluster/issues/3758)
The `taskcluster` command will now display a warning after a short delay if it is expecting a request payload on stdin.

DEVELOPERS

▶ [minor] [3578](https://github.com/taskcluster/taskcluster/issues/3578)
The queue service now uses `taskQueueId` internally instead of the pair `provisionerId`/`workerType` for tasks.

▶ [patch] [3894](https://github.com/taskcluster/taskcluster/issues/3894)
Postgres errors now include a Sentry fingerprint to help distinguish them in error reports.

OTHER

▶ Additional changes not described here: [2398](https://github.com/taskcluster/taskcluster/issues/2398), [#2875](https://github.com/taskcluster/taskcluster/issues/2875), [#3466](https://github.com/taskcluster/taskcluster/issues/3466), [#3665](https://github.com/taskcluster/taskcluster/issues/3665), [#3739](https://github.com/taskcluster/taskcluster/issues/3739), [#3751](https://github.com/taskcluster/taskcluster/issues/3751), [#3888](https://github.com/taskcluster/taskcluster/issues/3888), [#4072](https://github.com/taskcluster/taskcluster/issues/4072), [#4125](https://github.com/taskcluster/taskcluster/issues/4125), [#4209](https://github.com/taskcluster/taskcluster/issues/4209), [#3718](https://github.com/taskcluster/taskcluster/issues/3718).

Automated Package Updates

<details>
<summary>57 Renovate updates</summary>

* Update dependency newrelic to v7.1.0 (2cb90683e)
* Update Node.js to v14.15.4 (bd0d9a57a)
* Update dependency slack/web-api to v5.15.0 (fea65786f)
* Update dependency acorn-walk to v8.0.1 (1d857fc33)
* Update dependency utf-8-validate to v5.0.4 (cbbf60248)
* Update dependency koa to v2.13.1 (cd17fccb9)
* Update dependency googleapis to v66 (b6bd1a987)
* Update sentry monorepo to v5.29.2 (817a223d2)
* Update mui monorepo (c4f1f8c9c)
* Update dependency js-yaml to v4 (b8509c2a4)
* Update dependency bufferutil to v4.0.3 (f691ab48e)
* Update dependency eslint to v7.17.0 (7c79a038f)
* Update mdx monorepo to v1.6.22 (d236a70c6)
* Update module yaml to v2.4.0 (7e637237c)
* Update dependency prismjs to v1.23.0 (dc1886a2e)
* Update module Microsoft/go-winio to v0.4.16 (f562e47b3)
* Update dependency webpack-cli to v4.3.1 (d6b462978)
* Update dependency react-window to v1.8.6 (f3a183920)
* Update dependency react-virtualized to v9.22.3 (a481007f1)
* Update dependency react-ga to v3.3.0 (b3ddb6bd7)
* Update dependency codemirror to v5.59.1 (7bb0feb02)
* Update dependency azure/arm-network to v23.1.0 (46a8dccc2)
* Update dependency c8 to v7.4.0 (466c3e6f7)
* Update dependency query-string to v6.13.8 (43170db8f)
* Update dependency tar-stream to v2.2.0 (a017d4d28)
* Update dependency ws to v7.4.2 (3dc4ab697)
* Update dependency sanitize-html to v2.3.0 (ff7cd00b0)
* Update dependency webpack-dev-server to v3.11.1 (423cf40ed)
* Update dependency tar-fs to v2.1.1 (28895e6cd)
* Update dependency webpack-cli to v4.3.0 (7211360c8)
* Update dependency utf-8-validate to v5.0.3 (d8d3803ec)
* Update dependency title-case to v3.0.3 (556ed50b6)
* Update dependency taskcluster-client to v39.2.0 (14a427606)
* Update dependency jwks-rsa to v1.12.1 (2d29ca170)
* Update dependency uuid to v8.3.2 (80911d9b4)
* Update neutrino monorepo to v9.5.0 (40b45edc8)
* Update dependency upper-case to v2.0.2 (7d5e79e58)
* Update dependency snake-case to v3.0.4 (c1de6493d)
* Update dependency query-string to v6.13.7 (19d86aa12)
* Update dependency pg to v8.5.1 (baa6a87fc)
* Update dependency highlight.js to v10.5.0 (9d1d25892)
* Update dependency apollo-server-express to v2.19.1 (56f4a7541)
* Update dependency babel/plugin-proposal-decorators to v7.12.12 (a8b891eb3)
* Update dependency param-case to v3.0.4 (3dac59740)
* Update dependency nodemailer to v6.4.17 (501d01a1c)
* Update dependency nock to v13.0.5 (ad95fa052)
* Update dependency builtin-modules to v3.2.0 (e3c12a224)
* Update dependency mime to v2.4.7 (cd1f0615f)
* Update dependency matrix-js-sdk to v9.4.1 (2c5af7952)
* Update dependency markdown-it to v12.0.4 (078c57cd9)
* Update dependency codemirror to v5.59.0 (da7a9bed2)
* Update babel monorepo (7b34e84c0)
* Update dependency open-editor to v3 (146729258)
* Update dependency eslint to v7.16.0 (977f6bd49)
* Update dependency marked to v1.2.7 (605aae3d8)
* Update dependency hashids to v2.2.8 (0a9dc3b67)
* Update Node.js to v14.15.3 (edd186cab)

</details>

Page 33 of 52

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.