build: update jinja to 2.10.1.#6623
Conversation
GitHub was complaining that 2.10 was problematic security wise; I don't think it's an issue in our environment, but this should make the warnings go away. Signed-off-by: Harvey Tuch <htuch@google.com>
|
Prior to 2.10.1 they provided developer generated tars and shas. 2.10.1 doesn't have these so if we want to pull into |
|
@moderation I'm not so concerned about bumping to 2.10.1 for the Bazel side, since this is only test code consuming, but I think it would be a valuable followup to ensure that we are able to maintain consistent versions of Jinja going forward. I wonder if we can mechanically extract the version and verify it in some test from the requirements.txt and repository_locations.bzl. |
|
/retest |
|
🔨 rebuilding |
junr03
left a comment
junr03
left a comment
There was a problem hiding this comment.
lgtm. @moderation do you mind opening a small issue to track the bazel side, and the consistent versioning across the repo? I feel that otherwise we are just going to forget about it. Thanks!
|
Going to merge this to remove the warning. Let's definitely get the other issue opened per @junr03 |
|
Tracking at #6634 |
* master: (26 commits) docs: update docs to recommend /retest repokitteh command (envoyproxy#6655) http timeout integration test: wait for 15s for upstream reset (envoyproxy#6646) access log: add response code details to the access log formatter (envoyproxy#6626) build: add ppc build badge to README (envoyproxy#6629) Revert dispatcher stats (envoyproxy#6649) Batch implementation with timer (envoyproxy#6452) fault filter: reset token bucket on data start (envoyproxy#6627) event: update libevent dependency to fix race condition (envoyproxy#6637) examples: standardize docker-compose version and yaml extension (envoyproxy#6613) quiche: Implement SpdyUnsafeArena using SpdySimpleArena (envoyproxy#6612) router: support customizable retry back-off intervals (envoyproxy#6568) api: create OpenRCA service proto file (envoyproxy#6497) ext_authz: option for clearing route cache of authorized requests (envoyproxy#6503) build: update jinja to 2.10.1. (envoyproxy#6623) tools: check spelling in pre-push hook (envoyproxy#6631) security: blameless postmortem template. (envoyproxy#6553) Implementing Endpoint lease for ClusterLoadAssigment (envoyproxy#6477) add HTTP integration tests exercising timeouts (envoyproxy#6621) event: fix DispatcherImplTest::InitializeStats flake (envoyproxy#6619) Add tag extractor for RDS route config name (envoyproxy#6618) ... Signed-off-by: Michael Puncel <mpuncel@squareup.com>
5 participants
GitHub was complaining that 2.10 was problematic security wise; I don't
think it's an issue in our environment, but this should make the
warnings go away.
Signed-off-by: Harvey Tuch htuch@google.com