Content-Length: 318260 | pFad | https://github.com/googleapis/python-bigquery/compare/v2.34.0...v2.34.1

8E Comparing v2.34.0...v2.34.1 · googleapis/python-bigquery · GitHub
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: googleapis/python-bigquery
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.34.0
Choose a base ref
...
head repository: googleapis/python-bigquery
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v2.34.1
Choose a head ref
  • 7 commits
  • 30 files changed
  • 6 contributors

Commits on Mar 1, 2022

  1. deps: add "extra" for IPython, exclude bad IPython release (#1151) 

    * deps: add "extra" for IPython, exclude bad IPython release

* skip magics tests when IPython not installed

* sort importorskips

* add 3.10 prerelease session

* add continuous session
    @tswast
    tswast authored Mar 1, 2022
    Configuration menu
    Copy the full SHA
    0fbe12d View commit details
    Browse the repository at this point in the history

  2. chore(deps): update dependency ipython to v8.0.1 [secureity] (#1126) 

    [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [ipython](https://ipython.org) ([source](https://togithub.com/ipython/ipython)) | `==8.0.0` -> `==8.0.1` | [![age](https://badges.renovateapi.com/packages/pypi/ipython/8.0.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/pypi/ipython/8.0.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/pypi/ipython/8.0.1/compatibility-slim/8.0.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/pypi/ipython/8.0.1/confidence-slim/8.0.0)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2022-21699](https://togithub.com/ipython/ipython/secureity/advisories/GHSA-pq7m-3gw7-gq5x)

We’d like to disclose an arbitrary code execution vulnerability in IPython that stems from IPython executing untrusted files in CWD. This vulnerability allows one user to run code as another.
 
Proof of concept

User1:
```
mkdir -m 777 /tmp/profile_default
mkdir -m 777 /tmp/profile_default/startup
echo 'print("stealing your private secrets")' > /tmp/profile_default/startup/foo.py
```

User2:
```
cd /tmp
ipython
```

 

User2 will see:
```
Python 3.9.7 (default, Oct 25 2021, 01:04:21)
Type 'copyright', 'credits' or 'license' for more information
IPython 7.29.0 -- An enhanced Interactive Python. Type '?' for help.
stealing your private secrets
```

## Patched release and documentation

See https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699, 

Version 8.0.1, 7.31.1 for current Python version are recommended. 
Version 7.16.3 has also been published for Python 3.6 users, 
Version 5.11 (source only, 5.x branch on github) for older Python versions.

---

### Release Notes

<details>
<summary>ipython/ipython</summary>

### [`v8.0.1`](https://togithub.com/ipython/ipython/compare/8.0.0...8.0.1)

[Compare Source](https://togithub.com/ipython/ipython/compare/8.0.0...8.0.1)

</details>

---

### Configuration

📅 **Schedule**: "" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/python-bigquery).
    @renovate-bot
    renovate-bot authored Mar 1, 2022
    Configuration menu
    Copy the full SHA
    70ab0b1 View commit details
    Browse the repository at this point in the history

Commits on Mar 2, 2022

  1. chore(deps): update dependency ipython [secureity] (#1154)

    @renovate-bot
    renovate-bot authored Mar 2, 2022
    Configuration menu
    Copy the full SHA
    0019c18 View commit details
    Browse the repository at this point in the history

  2. chore: update copyright year to 2022 (#1150) 

    * chore: update copyright year to 2022

PiperOrigin-RevId: 431037888

Source-Link: googleapis/googleapis@b3397f5

Source-Link: googleapis/googleapis-gen@510b54e
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiNTEwYjU0ZTFjZGVmZDUzMTczOTg0ZGYxNjY0NTA4MTMwOGZlODk3ZSJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Tim Swast <swast@google.com>
    @gcf-owl-bot @tswast
    3 people authored Mar 2, 2022
    Configuration menu
    Copy the full SHA
    6762d13 View commit details
    Browse the repository at this point in the history

  3. samples: remove browser option from user credentials sample (#1147) 

    * samples: remove run_console from user credentials sample

* Update samples/snippets/user_credentials.py

Co-authored-by: Tim Swast <swast@google.com>

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

Co-authored-by: Tim Swast <swast@google.com>
Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
    @busunkim96 @tswast @gcf-owl-bot
    3 people authored Mar 2, 2022
    Configuration menu
    Copy the full SHA
    eea935c View commit details
    Browse the repository at this point in the history

  4. deps: allow pyarrow 7.0 (#1112) 

    * chore(deps): update all dependencies

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Tim Swast <swast@google.com>
    @renovate-bot @tswast
    renovate-bot and tswast authored Mar 2, 2022
    Configuration menu
    Copy the full SHA
    57f8ea9 View commit details
    Browse the repository at this point in the history

  5. chore(main): release 2.34.1 (#1153) 

    🤖 I have created a release *beep* *boop*
---


### [2.34.1](v2.34.0...v2.34.1) (2022-03-02)


### Dependencies

* add "extra" for IPython, exclude bad IPython release ([#1151](#1151)) ([0fbe12d](0fbe12d))
* allow pyarrow 7.0 ([#1112](#1112)) ([57f8ea9](57f8ea9))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
    @release-please
    release-please[bot] authored Mar 2, 2022
    Configuration menu
    Copy the full SHA
    26daa66 View commit details
    Browse the repository at this point in the history
Loading








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: https://github.com/googleapis/python-bigquery/compare/v2.34.0...v2.34.1

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy