Bump the 3-2-auth-ui-package-updates group across 1 directory with 19 updates#65152
Closed
Conversation
…nd scheduled builds (#64673) (#64675) UI E2E tests are expensive and should only run when UI files actually changed or the "full tests needed" label is explicitly set. Previously they ran on every push to main, canary build, scheduled run, and any PR that triggered derived full_tests_needed (env file changes, large PRs, etc.). (cherry picked from commit b15a5c9) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
…4713) (#64717) Temporary switch to the latest commit of infrastructure-actions allowlist-check until apache/infrastructure-actions#662 is merged, which will provide a proper tagged release. (cherry picked from commit 04b3dd0) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
Bumps the github-actions-updates group with 3 updates: [actions/setup-go](https://github.com/actions/setup-go), [github/codeql-action](https://github.com/github/codeql-action) and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv). Updates `actions/setup-go` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4b73464...4a36011) Updates `github/codeql-action` from 4.32.6 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0d579ff...c10b806) Updates `astral-sh/setup-uv` from 7.6.0 to 8.0.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@37802ad...cec2083) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: astral-sh/setup-uv dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…logging e2e (#64697) (#64698) Refactor ci_image_build to delegate to prod_image_build instead of duplicating conditions. Add ci-image-build assertions to all 5 remote logging e2e test cases to verify CI image is built when remote logging files change. (cherry picked from commit 3cf4f51) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
…rflow (#63882) (#64758) * Fix start_date in example DAGs to avoid TZ conversion overflow * Update airflow-core/src/airflow/example_dags/example_inlet_event_extra.py * Update airflow-core/src/airflow/example_dags/example_inlet_event_extra.py * Update airflow-core/src/airflow/example_dags/example_outlet_event_extra.py * Update airflow-core/src/airflow/example_dags/example_outlet_event_extra.py * Apply suggestion from @yuseok89 --------- (cherry picked from commit db5e555) Co-authored-by: HuangWei <huangwei@apache.org> Co-authored-by: yuseok89 <yuseok89@gmail.com>
…64720) Reset the OTel SDK's Once() guard on _METER_PROVIDER_SET_ONCE before calling set_meter_provider() in get_otel_logger(). When a forked child process re-initializes Stats (detected via PID mismatch in stats.py), the inherited Once._done = True flag prevents the new MeterProvider from being registered. The child falls back to the parent's stale provider whose PeriodicExportingMetricReader thread is dead after fork, causing task-level metrics like ti.finish to be silently dropped. The fix resets _done and _METER_PROVIDER before each set_meter_provider() call. On first initialization (no fork), _done is already False so this is a no-op. On re-initialization after fork, it allows the new provider to be set correctly. (cherry picked from commit ff77bd2) Closes: #64690 Co-authored-by: Michael Black <4128408+MichaelRBlack@users.noreply.github.com>
…log download (#64235) (#64640) * Fix #62414: Remove spurious blank lines in filtered task log download When log level or source filters were applied, renderStructuredLog returned empty strings for dropped lines. Joining those with newlines still inserted blank lines, often at the start of the downloaded file. * Fix prek formatting in Logs.tsx and logDownloadContent.test.ts Reformats getLogString arrow function to stay within line length limit, and fixes object key ordering (content before continuation_token) in test fixtures to match Prettier's alphabetical sorting. (cherry picked from commit 32ac564) Co-authored-by: Bernardo Gunzburger Lopes <130933290+bennyc0de@users.noreply.github.com>
…vironment (#64536) (#64769) * Build CI image before syncing breeze lock in version upgrades When upgrade_important_versions.py detects changed versions, force-build the CI image for Python 3.10 before running breeze's uv sync so that the lock file is generated against the updated image. * CI: Upgrade important CI environment (cherry picked from commit 1522953)
…tes (#64542) (#64772) * fix(ui): correct external link target and add rel attributes with test * fix(ui): correct external link target and add rel attributes with test * fix(ui): correct external link target and add rel attributes with test * fix: apply UI formatting (cherry picked from commit 8509dc9) Co-authored-by: Mayank Aggarwal <aggarwalmayank184@gmail.com>
…uns (#64584) (#64809) Changes to .txt and .md files that are not part of the doc build should not trigger the full test suite. This adds a new TEXT_NON_DOC_FILES file group to selective checks and an only_text_non_doc_files_changed property so these files are subtracted from the "remaining files" set, avoiding unnecessary CI runs for text-only, non-doc-build changes. Also removes the overly broad `^dev/.*` pattern from the test-always file group since dev/ changes should be evaluated by more specific file group patterns. (cherry picked from commit aca2d59)
…s instead of separate CI jobs (#64780) (#64810) Non-provider mypy checks (airflow-core, task-sdk, airflow-ctl, dev, scripts, devel-common) now run locally via uv as regular prek hooks in the pre-commit stage, instead of running as separate mypy CI jobs in the CI image checks workflow. This means they run as part of the regular static checks job in CI and automatically on every local commit. The folder-level mypy checks (which check entire directories at once for comprehensive cross-file type checking) replace the previous file-level incremental checks. Provider mypy checks still run via breeze as a dedicated CI job, now embedded directly in the main CI workflow (ci-amd-arm.yml) instead of being dispatched through the ci-image-checks reusable workflow. The selective checks logic skips non-provider mypy hooks when their relevant files haven't changed, unless devel-common/pyproject.toml changes on main (which affects all mypy configurations). (cherry picked from commit 0ce1dd7)
…single-dict arguments (#64773) * Fix dict args in structlog positional formatting When a dict was passed as a positional argument to a log message (e.g. log.warning('message %s', {'a': 10})), both the structlog bound logger and the stdlib logging path would try named substitution first, causing TypeError for positional format specifiers like %s. Fix both paths to match CPython's stdlib logging behavior: try positional formatting (msg % args) first, fall back to named substitution (msg % args[0]) only on TypeError/KeyError. - In _make_airflow_structlogger.meth(): try event % args first, fall back to named substitution on failure - Add positional_arguments_formatter() to replace structlog's built-in PositionalArgumentsFormatter, which has the same ordering bug for stdlib logging records Fixes #62201 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> (cherry picked from commit e1e4bdb) * fix: add missing blank line before parametrize decorator (cherry picked from commit 9c6e3a4) --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
) (#64729) Verify rustup-init binary with SHA256 checksum instead of curl-pipe-sh Download the rustup-init binary directly and verify its SHA256 checksum before execution, instead of piping the shell installer script through sh. Pin rustup-init to version 1.29.0 with hardcoded SHA256 checksums for amd64 and arm64, matching the existing cosign verification pattern. This prevents a compromised server from serving a tampered binary with a matching checksum. (cherry picked from commit 1b28933) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
…allback) (#64552) (#64852) * Add .worktrees/ to .gitignore * Make Theme tokens field optional to allow CSS-only or empty theme configs * Add integration test: CSS-only theme passes config endpoint validation * Docs: note that Theme tokens is optional, empty config restores OSS defaults * Improve CSS-only theme test: also assert icon fields absent from response * Add newsfragment for optional theme tokens * Rename newsfragment to PR #64552 * Fix TypeScript errors in createTheme for optional tokens support The API schema for Theme became opaque ({[key: string]: unknown}) after @model_serializer was added to Theme in Python to exclude None values. This broke theme.ts in two ways: - userTheme.tokens typed as unknown, not assignable to TokenDefinition - mergeConfigs() called with undefined, which it doesn't accept Fix by conditionally spreading tokens/globalCss (guarding for CSS-only themes) and casting to Record<string, unknown> which is assignable to TokenDefinition. Use conditional mergeConfigs call to avoid passing undefined. * Fix Theme OpenAPI schema collapsing to untyped object The @model_serializer(mode="wrap") on Theme and ThemeColors caused Pydantic to generate additionalProperties:true for both models in the OpenAPI spec, losing typed fields (tokens, globalCss, icon) and breaking TypeScript types to {[key: string]: unknown}. Fix: remove wrap serializers from Theme/ThemeColors; add @field_serializer("theme") to ConfigResponse with model_dump(exclude_none=True) to preserve None-exclusion behavior scoped to the theme field only. Add ConfigDict(json_schema_mode_override="validation") to ConfigResponse so schema generation uses type annotations rather than the field serializer's dict return type, keeping the $ref: Theme link intact. Also removes unrelated .worktrees/ entry from .gitignore. (cherry picked from commit a06896f) Co-authored-by: Constance Martineau <constance.alyssa.martineau@gmail.com>
…4752) (#64853) * Fix Gantt view "Error invalid date" on running DagRun (#64599) The Gantt chart scale calculation used new Date() to parse date strings, which fails for non-UTC timezone abbreviations, returning NaN and crashing Chart.js's time scale. Changes: - Replace new Date().getTime() with dayjs().valueOf() for reliable date parsing in the x-axis scale min/max calculations. - Add unit tests for Gantt chart scale calculations and data transformation covering completed tasks, running tasks with null end dates, groups with null dates, and ISO date string validity. * Address review feedback: fix static checks and consistency - Fix object property ordering in test data (alphabetical) - Import vi as type-only from vitest - Fix duration field position in selectedRun objects - Make dayjs null handling consistent between max and min scale calculations (remove unnecessary ?? undefined) * Fix ESLint no-empty-function error in Gantt utils test * Fix TypeScript type errors in Gantt utils tests Update test fixtures to match current generated types: - Add has_missed_deadline to GridRunsResponse objects - Remove dag_id and map_index from GanttTaskInstance objects - Add depth to GridTask objects - Add task_display_name to LightGridTaskInstanceSummary objects * Fix translate type to use TFunction in Gantt utils tests (cherry picked from commit 0b2efb9) Co-authored-by: Ashir Alam <alamashir@gmail.com>
…tes away from auth pages (#63873) (#64854) When a user opens a Security panel (e.g. Users) and clicks the Airflow logo inside the embedded FAB iframe, the iframe navigates to '/' which causes the React SPA to render inside the iframe, including its own Nav sidebar. This produces a duplicate navigation bar alongside the outer app's sidebar. Fix: before calling navigate('/'), set iframe.src = 'about:blank' to immediately clear the iframe content so the inner React app has no chance to render its Nav. A isRedirecting ref guards against the extra onLoad event that setting src to about:blank would otherwise trigger. Closes #63805 (cherry picked from commit 545baf4) Co-authored-by: nagasrisai <59650078+nagasrisai@users.noreply.github.com>
…age action (#64872) (#64873) Jobs that use the prepare_breeze_and_image composite action all had a duplicate "Free up disk space" step. Centralize it in the action to reduce repetition. Jobs that don't use the action (e.g. summarize warnings) keep their own copy. (cherry picked from commit 1d67953) Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
Contributor
|
Something off happened here |
Contributor
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
Contributor
|
@dependabot recreate |
Contributor
Author
|
Looks like this PR is closed. If the branch still exists, you can re-open the PR and then use |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the 3-2-auth-ui-package-updates group with 19 updates in the /airflow-core/src/airflow/api_fastapi/auth/managers/simple/ui directory:
0.94.00.95.05.90.215.97.01.13.61.15.019.2.419.2.58.0.18.1.019.2.419.2.57.71.27.72.17.13.17.14.02.0.02.1.02.0.32.0.58.57.08.58.18.57.08.58.18.57.08.58.14.1.04.1.410.0.310.2.05.6.05.8.08.57.08.58.18.0.58.0.84.1.04.1.4Updates
@hey-api/openapi-tsfrom 0.94.0 to 0.95.0Release notes
Sourced from
@hey-api/openapi-ts's releases.... (truncated)
Changelog
Sourced from
@hey-api/openapi-ts's changelog.... (truncated)
Commits
5e1eaeaMerge pull request #3664 from hey-api/changeset-release/mainacd0e9dci: release632638fMerge pull request #3675 from hey-api/refactor/dsl-from-value8aa4698refactor: rename fromValue file to from-value11db9afMerge pull request #3674 from hey-api/docs/sponsors-mintlify-3a32e70bdocs: remove Mintlify from sponsors3efbe9bMerge pull request #3673 from hey-api/docs/sponsors-mintlify-2bd2bf6edocs: remove Mintlify from sponsors1162b4aMerge pull request #3672 from hey-api/docs/soon-to-vote5f696b7docs: update soon label to voteUpdates
@tanstack/react-queryfrom 5.90.21 to 5.97.0Release notes
Sourced from
@tanstack/react-query's releases.... (truncated)
Changelog
Sourced from
@tanstack/react-query's changelog.... (truncated)
Commits
125067cci: Version Packages (#10436)f699190test(react-query): replace hardcoded query keys with 'queryKey()' utility (#1...f3d3eeatest(*): replace deprecated 'toMatchTypeOf' with 'toExtend' (#10413)3d6e001test(react-query/useSuspenseQueries): replace 'async/await sleep' with 'sleep...7d7a21ctest(react-query): replace 'async/await sleep' with 'sleep().then()' in test ...5ca721fci: Version Packages (#10379)75052a7ci: Version Packages (#10370)73e783bci: Version Packages (#10364)14a97b7test(react-query): replace 'import React' with 'import * as React' in 'usePre...fd8c068test({react,preact}-query/useSuspenseQueries): merge redundant second 'descri...Updates
axiosfrom 1.13.6 to 1.15.0Release notes
Sourced from axios's releases.
... (truncated)
Changelog
Sourced from axios's changelog.
... (truncated)
Commits
772a4e5chore(release): prepare release 1.15.0 (#10671)4b07137chore(deps-dev): bump vite from 8.0.0 to 8.0.5 in /tests/smoke/esm (#10663)51e57b3chore(deps-dev): bump vite from 8.0.2 to 8.0.5 (#10664)fba1a77chore(deps-dev): bump vite from 8.0.2 to 8.0.5 in /tests/module/esm (#10665)0bf6e28chore(deps): bump denoland/setup-deno in the github-actions group (#10669)8107157chore(deps-dev): bump the development_dependencies group with 4 updates (#10670)e66530eci: require npm-publish environment for releases (#10666)49f23cbchore(sponsor): update sponsor block (#10668)3631854fix: unrestricted cloud metadata exfiltration via header injection chain (#10...fb3befbfix: no_proxy hostname normalization bypass leads to ssrf (#10661)Install script changes
This version modifies
preparescript that runs during installation. Review the package contents before updating.Updates
reactfrom 19.2.4 to 19.2.5Release notes
Sourced from react's releases.
Commits
23f4f9f19.2.5Updates
react-cookiefrom 8.0.1 to 8.1.0Release notes
Sourced from react-cookie's releases.
... (truncated)
Commits
e597546Bump to v8.1.0 (#948)9480fc5Revert from .mts to .ts files (#947)ba4bf65fix: refactor useLayoutEffect to follow React Hook rules and update SSR tests...99a80f7chore: fix types for react components (#939)a5ae6b9Potential fix for code scanning alert no. 2: Workflow does not contain permis...ac30565Potential fix for code scanning alert no. 1: Workflow does not contain permis...78cd882Upgrade libraries (#944)3442112chore(deps): update dependency@types/reactto ^19.1.2 (#921)b988767chore(deps): update yarn to v4.9.1 (#919)060bf39chore(deps): lock file maintenance (#918)Updates
react-domfrom 19.2.4 to 19.2.5Release notes
Sourced from react-dom's releases.
Commits
23f4f9f19.2.5Updates
react-hook-formfrom 7.71.2 to 7.72.1Release notes
Sourced from react-hook-form's releases.
Commits
724e5637.72.1ba649e9🐞 test: add isDirty check for numeric string keys in defaultValues (issue #13...2f56eb0🛖 build(deps): bump yaml from 1.10.2 to 1.10.3 in /app (#13335)f29f546👯 combine duplicated code (#13328)2cfc8a5🐞 fix: prevent setValue with shouldDirty from polluting unrelated dirty field...44e8815🐞 fix: memoize control in HookFormControlContext to prevent render conflicts ...302d160🐞 fix: isNameInFieldArray should check all ancestor paths for nested field ar...d7ccd70🦾 dev deps upgrade (#13325)fddf779🐞 fix: #13320 formState.isValid incorrect on Controller re-mount (#13324)26ae54e🛖 build(deps-dev): bump rollup from 4.53.3 to 4.59.0 (#13323)Updates
react-router-domfrom 7.13.1 to 7.14.0Changelog
Sourced from react-router-dom's changelog.
Commits
e31077bchore: Update version for release (#14945)6683e85chore: Update version for release (pre) (#14943)aadb56fchore: Update version for release (#14908)c68a9b3chore: Update version for release (pre) (#14893)Updates
@7nohe/openapi-react-query-codegenfrom 2.0.0 to 2.1.0Release notes
Sourced from
@7nohe/openapi-react-query-codegen's releases.Commits
b0c732bchore: release v2.1.01d5006fchore: add missing path for react-router-7-app in biome.jsondc3c833ci: migrate npm release workflow to trusted publishing (#193)bee536dSupport TypeScript5.9.x and hey-api/openapi-ts 0.92.x (#192)Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for
@7nohe/openapi-react-query-codegensince your current version.Updates
@eslint/compatfrom 2.0.3 to 2.0.5Release notes
Sourced from
@eslint/compat's releases.