Safety vulnerability ID: 51348
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Elyra 3.12.0 updates its NPM dependency 'parse-url' to versions '^8.1.0' to include a security fix.
Latest version: 3.15.0
Elyra provides AI Centric extensions to JupyterLab
Pipeline runtime: Kubeflow Pipelines
Number of generic nodes: 0
Number of custom nodes: 1
Script dependencies: None specified
Notebook dependencies: None specified
Local file dependencies:
- url.txt
...
Improved component catalog connectors
The [Apache Airflow package component catalog connector](https://elyra.readthedocs.io/en/v3.12.0/user_guide/pipeline-components.html#apache-airflow-package-catalog), the [Apache Airflow provider package component catalog connector](https://elyra.readthedocs.io/en/v3.12.0/user_guide/pipeline-components.html#apache-airflow-provider-package-catalog), and the [URL component catalog connector](https://elyra.readthedocs.io/en/v3.12.0/user_guide/pipeline-components.html#url-component-catalog) now support secured environments where SSL server authenticity can only be validated using certificates based on private public key infrastructure with root and optionally intermediate certificate authorities that are _not publicly trusted_. Refer to the connector documentation links for details.
What's Changed
New Features
* Support disabling node output caching for custom KFP components by ptitzler in https://github.com/elyra-ai/elyra/pull/2905
* Support not publicly trusted certificates in built-in component catalog connectors by ptitzler in https://github.com/elyra-ai/elyra/pull/2912
* Make multi-valued input fields more user-friendly by kiersten-stokes in https://github.com/elyra-ai/elyra/pull/2927
* Pipeline editor: Allow for configuration of labels by ptitzler in https://github.com/elyra-ai/elyra/pull/2943
Bug Fixes
* Move CLI component cache build to occur before pre-processing by kiersten-stokes in https://github.com/elyra-ai/elyra/pull/2913
* Account for how canvas handles icon size by ajbozarth in https://github.com/elyra-ai/elyra/pull/2914
* Fix rendering of toleration effect in generic components by kiersten-stokes in https://github.com/elyra-ai/elyra/pull/2946
* Fix annotations and label processing by ptitzler in https://github.com/elyra-ai/elyra/pull/2947
Other
* simplify handlers test by ptitzler in https://github.com/elyra-ai/elyra/pull/2900
* Organize doc images by source doc by ptitzler in https://github.com/elyra-ai/elyra/pull/2910
* Improve content of the pipelines documentation topic by ptitzler in https://github.com/elyra-ai/elyra/pull/2909
* Update generic nodes to use static icon api by ajbozarth in https://github.com/elyra-ai/elyra/pull/2908
* Enable debugger on kernel change by karlaspuldaro in https://github.com/elyra-ai/elyra/pull/2903
* Error Dialog Integration Tests by vhada7 in https://github.com/elyra-ai/elyra/pull/2870
* Update Python icon to match JupyterLab by ajbozarth in https://github.com/elyra-ai/elyra/pull/2917
* Add initial support for rjsf in pipeline properties by marthacryan in https://github.com/elyra-ai/elyra/pull/2780
* Add migration section to the pipeline documentation topic by ptitzler in https://github.com/elyra-ai/elyra/pull/2928
* Document how to identify installed Elyra version by ptitzler in https://github.com/elyra-ai/elyra/pull/2930
* Update parse-url dependency due to CVE-2022-2900 by akchinSTC in https://github.com/elyra-ai/elyra/pull/2935
* Fix typo in filename by ptitzler in https://github.com/elyra-ai/elyra/pull/2940
* Explicitly specify units of gigabytes for RAM in Airflow DAG template by kiersten-stokes in https://github.com/elyra-ai/elyra/pull/2949
* Update pipeline editor node package to 1.10 by akchinSTC in https://github.com/elyra-ai/elyra/pull/2950
New Contributors
* vhada7 made their first contribution in https://github.com/elyra-ai/elyra/pull/2870
**Full Changelog**: https://github.com/elyra-ai/elyra/compare/v3.11.0...v3.12.0
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application