From 78bfaea335d67ec2266134ef278698f047a86a99 Mon Sep 17 00:00:00 2001 From: minmingzhu <45281494+minmingzhu@users.noreply.github.com> Date: Tue, 26 Mar 2024 02:22:42 +0000 Subject: [PATCH 1/2] [ML-374] Added OpenSSF Best Practices badge to readme (#375) * update spark to 3.3.3 Signed-off-by: minmingzhu * add openssf url link Signed-off-by: minmingzhu * Update dev_cron.yml * Update dev_cron.yml --------- Signed-off-by: minmingzhu --- .github/workflows/dev_cron.yml | 2 +- README.md | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dev_cron.yml b/.github/workflows/dev_cron.yml index 8a7c8d886..eb44208f0 100644 --- a/.github/workflows/dev_cron.yml +++ b/.github/workflows/dev_cron.yml @@ -24,7 +24,7 @@ on: - opened - edited - synchronize - + permissions: read-all jobs: diff --git a/README.md b/README.md index 55afbf855..909d717a2 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,9 @@ ##### \* Optimized Analytics Package for Spark* Platform is under Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0). +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/oap-project/oap-mllib/badge)](https://securityscorecards.dev/viewer/?uri=github.com/oap-project/oap-mllib) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/8460/badge)](https://www.bestpractices.dev/projects/8460) + # Introduction ## The Problem From 0a533f85f660ce5e69129ee248191262e8503ecb Mon Sep 17 00:00:00 2001 From: minmingzhu <45281494+minmingzhu@users.noreply.github.com> Date: Tue, 26 Mar 2024 02:22:58 +0000 Subject: [PATCH 2/2] Revert "[ML-374] Fix openssf issue where a pip dependency is detected as not being pinned by a hash." (#376) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Revert "[ML-374] Fix openssf issue where a pip dependency is detected as not …" This reverts commit 904d683430394c68240446f239e367643d1cc33f. * Update dev_cron.yml * Update dev_cron.yml --- dev/test-cluster/requirements.txt | 38 ------------------------------- dev/test-cluster/setup-python3.sh | 2 +- 2 files changed, 1 insertion(+), 39 deletions(-) delete mode 100644 dev/test-cluster/requirements.txt diff --git a/dev/test-cluster/requirements.txt b/dev/test-cluster/requirements.txt deleted file mode 100644 index 7b7766f12..000000000 --- a/dev/test-cluster/requirements.txt +++ /dev/null @@ -1,38 +0,0 @@ -# -# This file is autogenerated by pip-compile with Python 3.9 -# by the following command: -# -# pip-compile --generate-hashes requirements.in -# -numpy==1.21.2 \ - --hash=sha256:09858463db6dd9f78b2a1a05c93f3b33d4f65975771e90d2cf7aadb7c2f66edf \ - --hash=sha256:209666ce9d4a817e8a4597cd475b71b4878a85fa4b8db41d79fdb4fdee01dde2 \ - --hash=sha256:298156f4d3d46815eaf0fcf0a03f9625fc7631692bd1ad851517ab93c3168fc6 \ - --hash=sha256:30fc68307c0155d2a75ad19844224be0f2c6f06572d958db4e2053f816b859ad \ - --hash=sha256:423216d8afc5923b15df86037c6053bf030d15cc9e3224206ef868c2d63dd6dc \ - --hash=sha256:426a00b68b0d21f2deb2ace3c6d677e611ad5a612d2c76494e24a562a930c254 \ - --hash=sha256:466e682264b14982012887e90346d33435c984b7fead7b85e634903795c8fdb0 \ - --hash=sha256:51a7b9db0a2941434cd930dacaafe0fc9da8f3d6157f9d12f761bbde93f46218 \ - --hash=sha256:52a664323273c08f3b473548bf87c8145b7513afd63e4ebba8496ecd3853df13 \ - --hash=sha256:550564024dc5ceee9421a86fc0fb378aa9d222d4d0f858f6669eff7410c89bef \ - --hash=sha256:5de64950137f3a50b76ce93556db392e8f1f954c2d8207f78a92d1f79aa9f737 \ - --hash=sha256:640c1ccfd56724f2955c237b6ccce2e5b8607c3bc1cc51d3933b8c48d1da3723 \ - --hash=sha256:7fdc7689daf3b845934d67cb221ba8d250fdca20ac0334fea32f7091b93f00d3 \ - --hash=sha256:805459ad8baaf815883d0d6f86e45b3b0b67d823a8f3fa39b1ed9c45eaf5edf1 \ - --hash=sha256:92a0ab128b07799dd5b9077a9af075a63467d03ebac6f8a93e6440abfea4120d \ - --hash=sha256:9f2dc79c093f6c5113718d3d90c283f11463d77daa4e83aeeac088ec6a0bda52 \ - --hash=sha256:a5109345f5ce7ddb3840f5970de71c34a0ff7fceb133c9441283bb8250f532a3 \ - --hash=sha256:a55e4d81c4260386f71d22294795c87609164e22b28ba0d435850fbdf82fc0c5 \ - --hash=sha256:a9da45b748caad72ea4a4ed57e9cd382089f33c5ec330a804eb420a496fa760f \ - --hash=sha256:b160b9a99ecc6559d9e6d461b95c8eec21461b332f80267ad2c10394b9503496 \ - --hash=sha256:b342064e647d099ca765f19672696ad50c953cac95b566af1492fd142283580f \ - --hash=sha256:b5e8590b9245803c849e09bae070a8e1ff444f45e3f0bed558dd722119eea724 \ - --hash=sha256:bf75d5825ef47aa51d669b03ce635ecb84d69311e05eccea083f31c7570c9931 \ - --hash=sha256:c01b59b33c7c3ba90744f2c695be571a3bd40ab2ba7f3d169ffa6db3cfba614f \ - --hash=sha256:d96a6a7d74af56feb11e9a443150216578ea07b7450f7c05df40eec90af7f4a7 \ - --hash=sha256:dd0e3651d210068d13e18503d75aaa45656eef51ef0b261f891788589db2cc38 \ - --hash=sha256:e167b9805de54367dcb2043519382be541117503ce99e3291cc9b41ca0a83557 \ - --hash=sha256:e42029e184008a5fd3d819323345e25e2337b0ac7f5c135b7623308530209d57 \ - --hash=sha256:f545c082eeb09ae678dd451a1b1dbf17babd8a0d7adea02897a76e639afca310 \ - --hash=sha256:fde50062d67d805bc96f1a9ecc0d37bfc2a8f02b937d2c50824d186aa91f2419 - # via -r requirements.in diff --git a/dev/test-cluster/setup-python3.sh b/dev/test-cluster/setup-python3.sh index 53f4ac7e3..4aeedd41e 100755 --- a/dev/test-cluster/setup-python3.sh +++ b/dev/test-cluster/setup-python3.sh @@ -3,7 +3,7 @@ sudo apt-get update -q sudo apt-get install -y -q python3-pip python3-setuptools python3-wheel -pip3 install --user -q -r requirements.txt +pip3 install --user numpy -q sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10