Safety vulnerability ID: 42728
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Elyra 3.0.0 updates its dependency 'urllib3' to v1.26.5 to include a security fix.
Latest version: 3.15.0
Elyra provides AI Centric extensions to JupyterLab
High level enhancements
- Enable creation of pipelines specific to a runtime
- Enable support for runtime specific components
- Increased Elyra pipeline version to 4 with auto-migration support enabled
- Integrate new content parser with support for refreshing environment vars from
notebooks and scripts
- New Pipeline validation service
- Support for KFP 1.6.3 / Tekton 0.8.1
- Fix DEX authentication issues
- Upgraded to new Pipeline Editor version 1.0.0 and Elyra Canvas to version 11.0.0
- Update to JupyterLab LSP 3.8.0 and migrate to python-lsp-server as the Python language server
- Update to JupyterLab Git 0.32.0
Security Fixes
- Update urllib3 to v1.26.5 and requests to v2.25.1 - [1841](https://github.com/elyra-ai/elyra/pull/1841)
Other enhancements and bug fixes
- Single node pipeline dependencies should be an array - [2015](https://github.com/elyra-ai/elyra/pull/2015)
- Remove KFServing from KFP Component Registry - [2013](https://github.com/elyra-ai/elyra/pull/2013)
- Update pipeline-editor version to 1.0.0 - [2011](https://github.com/elyra-ai/elyra/pull/2011)
- Update JupyterLab LSP to version 3.8.0 - [2011](https://github.com/elyra-ai/elyra/pull/2011)
- Update Jupyterlab GIT to version 0.32.0 - [2011](https://github.com/elyra-ai/elyra/pull/2011)
- Pin click dependency to KFP 1.6.3 required version - [2010](https://github.com/elyra-ai/elyra/pull/2010)
- Remove slack operator base class definition from palette - [2007](https://github.com/elyra-ai/elyra/pull/2007)
- Add missing node label for single file pipeline submission - [2005](https://github.com/elyra-ai/elyra/pull/2005)
- Update link to requirements-elyra.txt in runtime specific docs
- Update pipeline validation label check - [2004](https://github.com/elyra-ai/elyra/pull/2004)
- Integrate Pipeline CLI with new validation service - [1993](https://github.com/elyra-ai/elyra/pull/1993)
- Migrate to use python-lsp-server as the Python language server - [1996](https://github.com/elyra-ai/elyra/pull/1996)
- Document install-server make task for backend build - [1980](https://github.com/elyra-ai/elyra/pull/1980)
- Refactor airflow-notebook package back into elyra core - [1925](https://github.com/elyra-ai/elyra/pull/1925)
- Re-enable tests for KFP pipelines with custom components - [1990](https://github.com/elyra-ai/elyra/pull/1990)
- Update validation service to accept missing optional fields - [1992](https://github.com/elyra-ai/elyra/pull/1992)
- Convert exception to string for error handling - [1988](https://github.com/elyra-ai/elyra/pull/1988)
- Properly evaluate list params when processing KFP components - [1983](https://github.com/elyra-ai/elyra/pull/1983)
- Improve 'run notebook' KFP component specification - [1987](https://github.com/elyra-ai/elyra/pull/1987)
- Handle connection error when fetching kfp session cookie - [1972](https://github.com/elyra-ai/elyra/pull/1972)
- Update pipeline-editor version to 0.11.3 - [1985](https://github.com/elyra-ai/elyra/pull/1985)
- Fix error case where error handler throws error - [1984](https://github.com/elyra-ai/elyra/pull/1984)
- Pipeline validation service initial implementation - [1664](https://github.com/elyra-ai/elyra/pull/1664)
- Uncap jinja2 and nbconvert dependency version - [1971](https://github.com/elyra-ai/elyra/pull/1971)
- Refactor component location to jupyter/shared/components/runtime - [1974](https://github.com/elyra-ai/elyra/pull/1974)
- Fix CI dialog selector after Lab 3.1 release - [1973](https://github.com/elyra-ai/elyra/pull/1973)
- Resolve component name errors in component registry - [1969](https://github.com/elyra-ai/elyra/pull/1969)
- Fix computation of absolute path for url-based KFP components - [1957](https://github.com/elyra-ai/elyra/pull/1957)
- Properly display description/type information in node properties - [1970](https://github.com/elyra-ai/elyra/pull/1970)
- Set KFP component display name to the provided node label - [1968](https://github.com/elyra-ai/elyra/pull/1968)
- Derive elyra extension from ExtensionApp - [1876](https://github.com/elyra-ai/elyra/pull/1876)
- Update JupyterLab launcher page image in README - [1917](https://github.com/elyra-ai/elyra/pull/1917)
- Make 'name' optional when parsing a component registry entry - [1958](https://github.com/elyra-ai/elyra/pull/1958)
- Use enter key to save and submit metadata editor form - [1962](https://github.com/elyra-ai/elyra/pull/1962)
- Followup refactor to component & category parsing - [1948](https://github.com/elyra-ai/elyra/pull/1948)
- Update 'runtime image configuration' topic in User Guide - [1933](https://github.com/elyra-ai/elyra/pull/1933)
- Update operation naming for airflow custom components - [1961](https://github.com/elyra-ai/elyra/pull/1961)
- Update tutorial references in documentation overview - [1919](https://github.com/elyra-ai/elyra/pull/1919)
- Update pipeline-editor to v0.11.2 to fix env-vars refresh - [1952](https://github.com/elyra-ai/elyra/pull/1952)
- Update Airflow operation naming for uniqueness - [1950](https://github.com/elyra-ai/elyra/pull/1950)
- Prettify pipeline json on migrate - [1947](https://github.com/elyra-ai/elyra/pull/1947)
- Update pipeline editor dialog message for unsupported files - [1935](https://github.com/elyra-ai/elyra/pull/1935)
- Update Apache Airflow jinja template DAG creation logic - [1945](https://github.com/elyra-ai/elyra/pull/1945)
- Update pipeline properties error message theme - [1939](https://github.com/elyra-ai/elyra/pull/1939)
- Improve how type info is inferred during component parsing - [1936](https://github.com/elyra-ai/elyra/pull/1936)
- Avoid deleting test resources during make clean - [1946](https://github.com/elyra-ai/elyra/pull/1946)
- Fix Pipeline node property resources fields style - [1942](https://github.com/elyra-ai/elyra/pull/1942)
- Restructure pipeline JSON to prevent custom components from breaking - [1882](https://github.com/elyra-ai/elyra/pull/1882)
- Fix Open File command for pipeline nodes - [1937](https://github.com/elyra-ai/elyra/pull/1937)
- Fix exporting generic pipelines to python script - [1927](https://github.com/elyra-ai/elyra/pull/1927)
- Rename KFP NotebookOp to ExecuteFileOp
- Merge support for KFP operator into main Elyra repo
- Set 'required' attribute default to True for KFP components - [1916](https://github.com/elyra-ai/elyra/pull/1916)
- Add descriptions to component types in palette - [1913](https://github.com/elyra-ai/elyra/pull/1913)
- Log and skip pipeline components with invalid location - [1872](https://github.com/elyra-ai/elyra/pull/1872)
- Enable migration from previous pipeline versions - [1860](https://github.com/elyra-ai/elyra/pull/1860)
- Update 'pipelines' topic in User Guide - [1848](https://github.com/elyra-ai/elyra/pull/1848)
- Add Python 3.9 to CI integration test matrix - [1908](https://github.com/elyra-ai/elyra/pull/1908)
- Fix and enable linting on package __init__ files - [1909](https://github.com/elyra-ai/elyra/pull/1909)
- Initialize component defaults when double clicking palette nodes - [1902](https://github.com/elyra-ai/elyra/pull/1902)
- Update kfp component files to include optional parameter - [1854](https://github.com/elyra-ai/elyra/pull/1854)
- Add 'Pipeline components' topic to the user guide docs - [1839](https://github.com/elyra-ai/elyra/pull/1839)
- Fix icon related console warnings and errors - [1897](https://github.com/elyra-ai/elyra/pull/1897)
- Move doc images to proper directory location - [1898](https://github.com/elyra-ai/elyra/pull/1898)
- Run lint in fix mode when building, but in check mode in CI - [1894](https://github.com/elyra-ai/elyra/pull/1894)
- Update Pipeline Editor to 0.10.1 - [1891](https://github.com/elyra-ai/elyra/pull/1891)
- Update material-ui version to 4.12.1 and fix console error - [1885](https://github.com/elyra-ai/elyra/pull/1885)
- Update list of component parameters to avoid parsing errors - [1887](https://github.com/elyra-ai/elyra/pull/1887)
- Update to KFP v1.6.3 and KFP-Tekton v0.8.1 - [1884](https://github.com/elyra-ai/elyra/pull/1884)
- Update KFP Notebook to 0.26.0
- Add ‘extensions’ to palette for Pipeline generic components - [1828](https://github.com/elyra-ai/elyra/pull/1828)
- Update palette JSON to support new pipeline editor features - [1863](https://github.com/elyra-ai/elyra/pull/1863)
- Update build step to not rely on a globally installed lerna - [1865](https://github.com/elyra-ai/elyra/pull/1865)
- Enable and enforce import orders on python lint - [1861](https://github.com/elyra-ai/elyra/pull/1861)
- Add support for left palette panel in PipelineEditor props - [1844](https://github.com/elyra-ai/elyra/pull/1844)
- Update Pipeline Editor to 0.9.0 and Canvas to 11.0.0 - [1864](https://github.com/elyra-ai/elyra/pull/1864)
- Add snapshot testing for pipeline files - [1792](https://github.com/elyra-ai/elyra/pull/1792)
- Refactor pipeline component parsing to be owned by processors - [1801](https://github.com/elyra-ai/elyra/pull/1801)
- Add runtime images button to pipeline editor toolbar - [1858](https://github.com/elyra-ai/elyra/pull/1858)
- Document best practices for file-based nodes in user guide - [1803](https://github.com/elyra-ai/elyra/pull/1803)
- Add basic caching to metadata file storage - [1846](https://github.com/elyra-ai/elyra/pull/1846)
- Fix binder build failures - [1853](https://github.com/elyra-ai/elyra/pull/1853)
- Adjust CI tests to new IPython kernel release - [1855](https://github.com/elyra-ai/elyra/pull/1855)
- Update docs/recipe KFP version reference to 1.4.0 - [1852](https://github.com/elyra-ai/elyra/pull/1852)
- Add integration tests for pipeline export options - [1842](https://github.com/elyra-ai/elyra/pull/1842)
- Update Pipeline Editor to 0.8.0 - [1847](https://github.com/elyra-ai/elyra/pull/1847)
- Update urllib3 to v1.26.5 and requests to v2.25.1 - [1841](https://github.com/elyra-ai/elyra/pull/1841)
- Add support for ELYRA_RUN_NAME environment variable - [1732](https://github.com/elyra-ai/elyra/pull/1732)
- Update KFP Notebook to 0.25.0 - [1840](https://github.com/elyra-ai/elyra/pull/1840)
- Check pipeline version before run/submit pipeline with CLI - [1830](https://github.com/elyra-ai/elyra/pull/1830)
- Update CLI to consider runtime specific pipelines - [1805](https://github.com/elyra-ai/elyra/pull/1805)
- Add integration tests for runtime specific pipelines - [1815](https://github.com/elyra-ai/elyra/pull/1815)
- List 'Apache Airflow' as supported runtime for Pipeline Editor - [1826](https://github.com/elyra-ai/elyra/pull/1826)
- Update node property array control css to use all real state - [1800](https://github.com/elyra-ai/elyra/pull/1800)
- Update incorrect kfp component reference in catalog - [1825](https://github.com/elyra-ai/elyra/pull/1825)
- Update Pipeline Editor to 0.7.0 and Canvas to 10.9.0 - [1822](https://github.com/elyra-ai/elyra/pull/1822)
- Make clean was not unlinking pipeline-editor - [1817](https://github.com/elyra-ai/elyra/pull/1817)
- Update jupyterlab-git to v0.30.x and NBDime to v3.1 - [1820](https://github.com/elyra-ai/elyra/pull/1820)
- Add back artifact/log collection for cypress tests - [1819](https://github.com/elyra-ai/elyra/pull/1819)
- Avoid using null default values for component parameters - [1802](https://github.com/elyra-ai/elyra/pull/1802)
- Finalize initial list of components for KFP and Airflow - [1791](https://github.com/elyra-ai/elyra/pull/1791)
- Update jupyterlab-lsp to version 3.7.0 - [1818](https://github.com/elyra-ai/elyra/pull/1818)
- Update Airflow template to use operation agnostic names - [1808](https://github.com/elyra-ai/elyra/pull/1808)
- Validate that component catalog location exists - [1811](https://github.com/elyra-ai/elyra/pull/1811)
- Adds caching and parallelization to GitHub Actions CI - [1671](https://github.com/elyra-ai/elyra/pull/1671)
- Properly handle empty pipeline in Pipeline Editor clear button - [1796](https://github.com/elyra-ai/elyra/pull/1796)
- Update yarn.lock with Pipeline Editor v0.6.0
- Support runtime specific component parameter type - [1764](https://github.com/elyra-ai/elyra/pull/1764)
- Temporary remove KFP Python DSL export option - [1770](https://github.com/elyra-ai/elyra/pull/1770)
- Update Airflow DAG jinja template to correct package imports - [1788](https://github.com/elyra-ai/elyra/pull/1788)
- Update missing server-side pipeline node properties - [1790](https://github.com/elyra-ai/elyra/pull/1790)
- Fix runtime configuration location on pipeline json - [1776](https://github.com/elyra-ai/elyra/pull/1776)
- Update Pipeline Editor to version 0.6.0 - [1794](https://github.com/elyra-ai/elyra/pull/1794)
- Add loader animation to Pipeline Editor - [1793](https://github.com/elyra-ai/elyra/pull/1793)
- Support exporting pipelines for KF DEX secured envs - [1758](https://github.com/elyra-ai/elyra/pull/1758)
- Remove Pipeline Editor dead/obsolete code - [1779](https://github.com/elyra-ai/elyra/pull/1779)
- Reduce the number of duplicate calls to backend services - [1757](https://github.com/elyra-ai/elyra/pull/1757)
- Fix runtime specific component support for dict parameters - [1775](https://github.com/elyra-ai/elyra/pull/1775)
- Ensure MetadataManager.get() has a value for 'name' - [1778](https://github.com/elyra-ai/elyra/pull/1778)
- Add support for global pipeline properties - [1708](https://github.com/elyra-ai/elyra/pull/1708)
- Do not show iconLabel in Command Palette - [1774](https://github.com/elyra-ai/elyra/pull/1774)
- Add test case for Pipeline node properties array item bug - [1496](https://github.com/elyra-ai/elyra/pull/1496)
- Add tooltip to Python Editor output buttons - [1754](https://github.com/elyra-ai/elyra/pull/1754)
- Made code snippet tag text truncate if it's too long - [1744](https://github.com/elyra-ai/elyra/pull/1744)
- Add support for pipeline runtime specific components - [1620](https://github.com/elyra-ai/elyra/pull/1620)
- Update "Contributing to the Elyra documentation" docs section - [1743](https://github.com/elyra-ai/elyra/pull/1743)
- Updated code snippets image on documentation - [1731](https://github.com/elyra-ai/elyra/pull/1731)
- Update documentation for running integration tests
- Update Readme/Docs feature overview outline - [1720](https://github.com/elyra-ai/elyra/pull/1720)
- Update docs to recommend using pip3 instead of pip - [1718](https://github.com/elyra-ai/elyra/pull/1718)
- Normalize KFP endpoint URL on KFP Processor - [1711](https://github.com/elyra-ai/elyra/pull/1711)
- Move note on pip version to top of pip section
- Add metadata type to delete confirmation dialog message - [1697](https://github.com/elyra-ai/elyra/pull/1697)
- Add make dependency graph utility script - [1705](https://github.com/elyra-ai/elyra/pull/1705)
- Add ODH/Kubeflow 1.3 deployment instructions - [1694](https://github.com/elyra-ai/elyra/pull/1694)
- Set system-owned envs after user-provided envs - [1701](https://github.com/elyra-ai/elyra/pull/1701)
- Update TSConfig and fix errors - [1670](https://github.com/elyra-ai/elyra/pull/1670)
- Add R kernel installation to dev clean script - [1682](https://github.com/elyra-ai/elyra/pull/1682)
- Dereference symlinks in node dependency archive - [1689](https://github.com/elyra-ai/elyra/pull/1689)
- Add indicator for runtime in Pipeline Editor toolbar - [1683](https://github.com/elyra-ai/elyra/pull/1683)
- Fix Pipeline Editor open/close panel tooltip - [1688](https://github.com/elyra-ai/elyra/pull/1688)
- Only update stable binder link on non pre-releases - [1690](https://github.com/elyra-ai/elyra/pull/1690)
- Update Elyra version on KF-Notebook Dockerfile - [1685](https://github.com/elyra-ai/elyra/pull/1685)
- Fix tooltip for Pipeline Editor in launcher icons - [1681](https://github.com/elyra-ai/elyra/pull/1681)
- Re-pin stable binder link to v2.2.4 - [1684](https://github.com/elyra-ai/elyra/pull/1684)
- Update "Deploying Open Data Hub with Elyra" doc recipe - [1574](https://github.com/elyra-ai/elyra/pull/1574)
- Add prepare-changelog goal to release script help
- Update documentation with proper release steps
- Refactor ui-components to use React best-practices - [1657](https://github.com/elyra-ai/elyra/pull/1657)
- Add support for updating env vars to Pipeline Editor - [1654](https://github.com/elyra-ai/elyra/pull/1654)
- Update to Pipeline Editor 0.3.0 and Canvas 10.7.0 - [1679](https://github.com/elyra-ai/elyra/pull/1679)
- Fix Script editor output prompt alignment - [1678](https://github.com/elyra-ai/elyra/pull/1678)
- Add runtime configuration validation section to docs - [1676](https://github.com/elyra-ai/elyra/pull/1676)
- Add indication of runtime into operation's environment - [1668](https://github.com/elyra-ai/elyra/pull/1668)
- Pin stable version binder link to 2.2.4
- Update the Getting Started > Overview section in the docs - [1669](https://github.com/elyra-ai/elyra/pull/1669)
- Add missing dependencies to useCallBack array - [1667](https://github.com/elyra-ai/elyra/pull/1667)
- Fix Pipeline label in tab context menu - [1666](https://github.com/elyra-ai/elyra/pull/1666)
- Fix pipeline editor integration test timeout failures - [1660](https://github.com/elyra-ai/elyra/pull/1660)
- Use GatewayKernelManager from Jupyter Server - [1655](https://github.com/elyra-ai/elyra/pull/1655)
- Fix KF Dex authentication bug - [1642](https://github.com/elyra-ai/elyra/pull/1642)
- Update kubeflow installation link on documentation - [1644](https://github.com/elyra-ai/elyra/pull/1644)
- Remove unused NotebookSubmissionDialog.tsx file - [1639](https://github.com/elyra-ai/elyra/pull/1639)
- Add tested runtime version info to prerequisites - [1641](https://github.com/elyra-ai/elyra/pull/1641)
- Fix Cypress integration tests timeouts - [1640](https://github.com/elyra-ai/elyra/pull/1640)
- Add configuration instruction for KF 1.3 - [1635](https://github.com/elyra-ai/elyra/pull/1635)
- Enable creation of pipelines specific to a runtime - [1591](https://github.com/elyra-ai/elyra/pull/1591)
- Update node properties UI style on pipeline editor - [1631](https://github.com/elyra-ai/elyra/pull/1631)
- Update Python/R labels in file menu - [1633](https://github.com/elyra-ai/elyra/pull/1633)
- Fix resources input alignment on node properties - [1630](https://github.com/elyra-ai/elyra/pull/1630)
- Add more details to Pull Request Template - [1585](https://github.com/elyra-ai/elyra/pull/1585)
- Fix failing pipeline integration tests - [1621](https://github.com/elyra-ai/elyra/pull/1621)
- Update to KFP v1.4.0 and KFP-Tekton v0.7.0 - [1622](https://github.com/elyra-ai/elyra/pull/1622)
- Properly store runtime images name instead of display name - [1626](https://github.com/elyra-ai/elyra/pull/1626)
- Update binder link to latest stable release - [1627](https://github.com/elyra-ai/elyra/pull/1627)
- Update release documentation
- Update release script to support beta releases
- Update release script to generate changelog
- Fix custom notebook/script code fonts with ligatures - [1618](https://github.com/elyra-ai/elyra/pull/1618)
- Add python tests for contents handler - [1589](https://github.com/elyra-ai/elyra/pull/1589)
- Move cos_secret parameter back into original cos category - [1617](https://github.com/elyra-ai/elyra/pull/1617)
- Update airflow-notebook version to v0.0.7 - [1619](https://github.com/elyra-ai/elyra/pull/1619)
- Allow secure connections to s3 object storage - [1616](https://github.com/elyra-ai/elyra/pull/1616)
- Only allow for KFP Notebook patche releases
- Exclude single-line comments from content parsing - [1601](https://github.com/elyra-ai/elyra/pull/1601)
- Display message when no code snippet or tag is defined - [1603](https://github.com/elyra-ai/elyra/pull/1603)
- Update README release doc links to specific Elyra version - [1588](https://github.com/elyra-ai/elyra/pull/1588)
- Update submit button labels and dialog - [1598](https://github.com/elyra-ai/elyra/pull/1598)
- Fix links to pipelines documentation topic - [1604](https://github.com/elyra-ai/elyra/pull/1604)
- Use unittest mock module to avoid flake8 failure - [1607](https://github.com/elyra-ai/elyra/pull/1607)
- Update OpenAPI spec to cover new contents/properties endpoint - [1579](https://github.com/elyra-ai/elyra/pull/1579)
- Switch to using the new pipeline editor package - [1221](https://github.com/elyra-ai/elyra/pull/1221)
- Serve pipeline configuration from server - [1551](https://github.com/elyra-ai/elyra/pull/1551)
- Exported KFP pipeline yaml missing cos_directory parameter - [1563](https://github.com/elyra-ai/elyra/pull/1563)
- Update jupyterlab-git extension to v0.30.0 - [1584](https://github.com/elyra-ai/elyra/pull/1584)
- Build elyra-image from released artifacts for non dev tags - [1536](https://github.com/elyra-ai/elyra/pull/1536)
- Improve messaging for COS credential exceptions - [1575](https://github.com/elyra-ai/elyra/pull/1575)
- Adds material ui dependency to ui-components package - [1567](https://github.com/elyra-ai/elyra/pull/1567)
- Refactor to use Python 3.x super invocation - [1577](https://github.com/elyra-ai/elyra/pull/1577)
- Update docs with link to Kubeflow Notebook Server recipe - [1561](https://github.com/elyra-ai/elyra/pull/1561)
- Add cos_secret option to runtime metadata configuration - [1529](https://github.com/elyra-ai/elyra/pull/1529)
- Expose user_namespace parameter in Airflow runtime schema - [1545](https://github.com/elyra-ai/elyra/pull/1545)
- Update Elyra container image makefile target on docs - [1533](https://github.com/elyra-ai/elyra/pull/1533)
- Fix language check on inserting code snippets into Script Editor - [1527](https://github.com/elyra-ai/elyra/pull/1527)
- Update list of documented Makefile targets - [1553](https://github.com/elyra-ai/elyra/pull/1553)
- Refactor environmental variable discovery into backend service - [1460](https://github.com/elyra-ai/elyra/pull/1460)
- Use yarn lock for Elyra builds - [1555](https://github.com/elyra-ai/elyra/pull/1555)
- Update project MANIFEST.in with missing files - [1552](https://github.com/elyra-ai/elyra/pull/1552)
- Update Airflow Notebook to 0.0.5 - [1548](https://github.com/elyra-ai/elyra/pull/1548)
- Fix description of the exported Apache Airflow DAG file - [1539](https://github.com/elyra-ai/elyra/pull/1539)
- Pin the testutils and filebrowser version - [1541](https://github.com/elyra-ai/elyra/pull/1541)
- Refactor container related Makefile targets - [1531](https://github.com/elyra-ai/elyra/pull/1531)
- Add Code Snippet CLI documentation and refactor existing content - [1528](https://github.com/elyra-ai/elyra/pull/1528)
- Add new build/publish container images targets to Makefile - [1526](https://github.com/elyra-ai/elyra/pull/1526)
- Update kf-notebook container image documentation - [1514](https://github.com/elyra-ai/elyra/pull/1514)
- Fix dependency suggestion in submit notebook dialog - [1510](https://github.com/elyra-ai/elyra/pull/1510)
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application