Safety vulnerability ID: 53399
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Octue 0.43.3 updates its dependency 'protobuf' to v3.20.3 to include a security fix.
Latest version: 0.61.0
A package providing template applications for data services, and a python SDK to the Octue API.
Summary
Make a number of improvements and fixes to message handling when using pull subscriptions. Also update the small amount of testing that interacts with GCP to use a dedicated separate GCP project.
<!--- SKIP AUTOGENERATED NOTES --->
Contents ([558](https://github.com/octue/octue-sdk-python/pull/558))
Enhancements
- Increase number of questions that can be asked concurrently in `Child.ask_multiple` to 32
- Make delivery acknowledgement and maximum hearbeat interval kwargs available in `Child.ask`
- Allow parents to start handling child responses from the first non-missed message (`n + 1`) if the first `n` were missed
- Add question UUID to heartbeat log messages
- Improve `PushSubscriptionCannotBePulled` error message
Fixes
- Mark question as delivered on receipt of first response from child in case the delivery acknowledgement message is missed
- Stop loss of delivered question UUIDs if local metadata file does not yet exist
- Avoid message gap greater than the delivery acknowledgement timeout causing failure to receive child messages
- Allow a start time of zero in message handler
Dependencies
- Update to latest versions of `protobuf` and `werkzeug` to avoid security issues
Operations
- Add terraform configuration for new test project
Refactoring
- Simplify nested conditional
- Minimise code within try/except block in `OrderedMessageHandler`
- Move message recording into `OrderedMessageHandler._handle_message`
- Factor out raising message handling error in message handler
- Rename `OrderedMessageHandler.received_messages` to `handled_messages`
Testing
- Use new URI for Strands JSON schemas in tests
- Use dedicated GCP project for testing services
<!--- END AUTOGENERATED NOTES --->
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application