From 86efa5e805efc53b8996681fd3a188a8fe9e17d6 Mon Sep 17 00:00:00 2001 From: Francisco Arceo Date: Thu, 19 Dec 2024 09:13:21 -0500 Subject: [PATCH 01/11] Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- docs/README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/docs/README.md b/docs/README.md index 5e36e1ce40..36c83ed177 100644 --- a/docs/README.md +++ b/docs/README.md @@ -42,12 +42,15 @@ serving system must make a request to the feature store to retrieve feature valu ## Who is Feast for? -Feast helps ML platform/MLOps teams with DevOps experience productionize real-time models. Feast also helps these teams -build a feature platform that improves collaboration between data engineers, software engineers, machine learning -engineers, and data scientists. +Feast helps ML platform/MLOps teams with DevOps experience productionize real-time models. Feast also helps these teams build a feature platform that improves collaboration between data engineers, software engineers, machine learning engineers, and data scientists. -Feast is likely **not** the right tool if you -* are in an organization that’s just getting started with ML and is not yet sure what the business impact of ML is +* *For Data Scientists*: Feast is a a tool where you can easily define, store, and retrieve your features for both model development and model deployment. By using Feast, you can focus on what you do best: build features that power your AI/ML models and maximize the value of your data. + +* *For MLOps Engineers*: Feast is a library that allows you to connect your existing infrastructure (e.g., online database, application server, microservice, analytical database, and orchestration tooling) that enables your Data Scientists to ship features for their models to production using a friendly SDK without having to be concerned with software engineering challenges that occur from serving real-time production systems. By using Feast, you can focus on maintaining a resilient system, instead of implementing features for Data Scientists. + +* *For Data Engineers*: Feast provides a centralized catalog for storing feature definitions allowing one to maintain a single source of truth for feature data. It provides the abstraction for reading and writing to many different types of offline and online data stores. Using either the provided python SDK or the feature server service, users can write data to the online and/or offline stores and then read that data out again in either low-latency online scenarios for model inference, or in batch scenarios for model training. + +* *For AI Engineers*: Feast provides a platform designed to scale your AI applications by enabling seamless integration of richer data and facilitating fine-tuning. With Feast, you can optimize the performance of your AI models while ensuring a scalable and efficient data pipeline. ## What Feast is not? From 00c397fd1c409b96f56bf64c851c4c9572aa1481 Mon Sep 17 00:00:00 2001 From: Francisco Arceo Date: Thu, 19 Dec 2024 09:37:10 -0500 Subject: [PATCH 02/11] chore: Update quickstart.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- docs/getting-started/quickstart.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/getting-started/quickstart.md b/docs/getting-started/quickstart.md index d35446ce7f..a83897005f 100644 --- a/docs/getting-started/quickstart.md +++ b/docs/getting-started/quickstart.md @@ -10,6 +10,9 @@ Feast (Feature Store) is an open-source feature store designed to facilitate the * *For Data Engineers*: Feast provides a centralized catalog for storing feature definitions allowing one to maintain a single source of truth for feature data. It provides the abstraction for reading and writing to many different types of offline and online data stores. Using either the provided python SDK or the feature server service, users can write data to the online and/or offline stores and then read that data out again in either low-latency online scenarios for model inference, or in batch scenarios for model training. +* *For AI Engineers*: Feast provides a platform designed to scale your AI applications by enabling seamless integration of richer data and facilitating fine-tuning. With Feast, you can optimize the performance of your AI models while ensuring a scalable and efficient data pipeline. + + For more info refer to [Introduction to feast](../README.md) ## Prerequisites From 74a1950827d4ac2021b3501c117af25f6c20f427 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 19 Dec 2024 18:30:47 +0000 Subject: [PATCH 03/11] fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- java/pom.xml | 12 ++++++------ java/serving/pom.xml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/java/pom.xml b/java/pom.xml index 6b18588923..dbb24aa34f 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -41,9 +41,9 @@ UTF-8 UTF-8 - 1.30.2 + 1.53.0 3.12.2 - 3.16.1 + 3.25.5 1.111.1 0.8.0 1.9.10 @@ -61,7 +61,7 @@ 1.5.24 3.14.7 3.10 - 2.14.0 + 2.15.0 2.3.1 1.3.2 2.0.1.Final @@ -300,7 +300,7 @@ src/main/java/**/BatchLoadsWithResult.java - + @@ -365,7 +365,7 @@ [11.0,) - + @@ -376,7 +376,7 @@ - + diff --git a/java/serving/pom.xml b/java/serving/pom.xml index ca7f8a73b5..e10b58b8d9 100644 --- a/java/serving/pom.xml +++ b/java/serving/pom.xml @@ -126,7 +126,7 @@ com.azure azure-storage-blob - 12.25.2 + 12.26.1 com.azure @@ -192,7 +192,7 @@ io.jaegertracing jaeger-client - 1.3.2 + 1.8.1 io.opentracing @@ -240,7 +240,7 @@ com.google.cloud google-cloud-storage - 1.118.0 + 2.43.1 From 8b31eab530a196b7e8216b86de37e41ed462de9b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 19 Dec 2024 21:05:38 +0000 Subject: [PATCH 04/11] fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- sdk/python/feast/ui/package.json | 2 +- sdk/python/feast/ui/yarn.lock | 110 +++---------------------------- 2 files changed, 9 insertions(+), 103 deletions(-) diff --git a/sdk/python/feast/ui/package.json b/sdk/python/feast/ui/package.json index 0382cfafee..f1e28382da 100644 --- a/sdk/python/feast/ui/package.json +++ b/sdk/python/feast/ui/package.json @@ -4,7 +4,7 @@ "private": true, "dependencies": { "@elastic/datemath": "^5.0.3", - "@elastic/eui": "^55.0.1", + "@elastic/eui": "^72.0.0", "@emotion/react": "^11.9.0", "@feast-dev/feast-ui": "0.42.0", "@testing-library/jest-dom": "^5.16.4", diff --git a/sdk/python/feast/ui/yarn.lock b/sdk/python/feast/ui/yarn.lock index 2e6af4dc7c..065f75d8ea 100644 --- a/sdk/python/feast/ui/yarn.lock +++ b/sdk/python/feast/ui/yarn.lock @@ -1272,10 +1272,10 @@ dependencies: tslib "^1.9.3" -"@elastic/eui@^55.0.1": - version "55.1.2" - resolved "https://registry.yarnpkg.com/@elastic/eui/-/eui-55.1.2.tgz#dd0b42f5b26c5800d6a9cb2d4c2fe1afce9d3f07" - integrity sha512-wwZz5KxMIMFlqEsoCRiQBJDc4CrluS1d0sCOmQ5lhIzKhYc91MdxnqCk2i6YkhL4sSDf2Y9KAEuMXa+uweOWUA== +"@elastic/eui@^72.0.0": + version "72.2.0" + resolved "https://registry.yarnpkg.com/@elastic/eui/-/eui-72.2.0.tgz#0d89ec4c6d8a677ba41d086abd509c5a5ea09180" + integrity sha512-3JHKLWqbU1A6qMVkw0n1VZ5PaL07sd3N44tWsRCn+DEaDv9jq68ilEmY1wdYqKXw8VyFwcPbd8ZYZpdzBD2nPA== dependencies: "@types/chroma-js" "^2.0.0" "@types/lodash" "^4.14.160" @@ -1296,7 +1296,7 @@ react-beautiful-dnd "^13.1.0" react-dropzone "^11.5.3" react-element-to-jsx-string "^14.3.4" - react-focus-on "^3.5.4" + react-focus-on "^3.7.0" react-input-autosize "^3.0.0" react-is "^17.0.2" react-virtualized-auto-sizer "^1.0.6" @@ -1307,7 +1307,7 @@ rehype-stringify "^8.0.0" remark-breaks "^2.0.2" remark-emoji "^2.1.0" - remark-parse "^8.0.3" + remark-parse-no-trim "^8.0.4" remark-rehype "^8.0.0" tabbable "^5.2.1" text-diff "^1.0.1" @@ -3363,13 +3363,6 @@ argparse@^2.0.1: resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38" integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q== -aria-hidden@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/aria-hidden/-/aria-hidden-1.1.3.tgz#bb48de18dc84787a3c6eee113709c473c64ec254" - integrity sha512-RhVWFtKH5BiGMycI72q2RAFMLQi8JP9bLuQXgR5a8Znp7P5KOIADSJeyfI8PCVxLEp067B2HbP5JIiI/PXIZeA== - dependencies: - tslib "^1.0.0" - aria-hidden@^1.2.2: version "1.2.4" resolved "https://registry.yarnpkg.com/aria-hidden/-/aria-hidden-1.2.4.tgz#b78e383fdbc04d05762c78b4a25a501e736c4522" @@ -5724,13 +5717,6 @@ flatted@^3.1.0: resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.2.5.tgz#76c8584f4fc843db64702a6bd04ab7a8bd666da3" integrity sha512-WIWGi2L3DyTUvUrwRKgGi9TwxQMUEqPOPQBVi71R96jZXJdFskXEmf54BoZaS1kknGODoIGASGEzBUYdyMCBJg== -focus-lock@^0.11.2: - version "0.11.2" - resolved "https://registry.yarnpkg.com/focus-lock/-/focus-lock-0.11.2.tgz#aeef3caf1cea757797ac8afdebaec8fd9ab243ed" - integrity sha512-pZ2bO++NWLHhiKkgP1bEXHhR1/OjVcSvlCJ98aNJDFeb7H5OOQaO+SKOZle6041O9rv2tmbrO4JzClAvDUHf0g== - dependencies: - tslib "^2.0.3" - focus-lock@^1.3.5: version "1.3.5" resolved "https://registry.yarnpkg.com/focus-lock/-/focus-lock-1.3.5.tgz#aa644576e5ec47d227b57eb14e1efb2abf33914c" @@ -9103,32 +9089,7 @@ react-focus-lock@^2.11.3: use-callback-ref "^1.3.2" use-sidecar "^1.1.2" -react-focus-lock@^2.9.0: - version "2.9.1" - resolved "https://registry.yarnpkg.com/react-focus-lock/-/react-focus-lock-2.9.1.tgz#094cfc19b4f334122c73bb0bff65d77a0c92dd16" - integrity sha512-pSWOQrUmiKLkffPO6BpMXN7SNKXMsuOakl652IBuALAu1esk+IcpJyM+ALcYzPTTFz1rD0R54aB9A4HuP5t1Wg== - dependencies: - "@babel/runtime" "^7.0.0" - focus-lock "^0.11.2" - prop-types "^15.6.2" - react-clientside-effect "^1.2.6" - use-callback-ref "^1.3.0" - use-sidecar "^1.1.2" - -react-focus-on@^3.5.4: - version "3.6.0" - resolved "https://registry.yarnpkg.com/react-focus-on/-/react-focus-on-3.6.0.tgz#159e13082dad4ea1f07abe11254f0e981d5a7b79" - integrity sha512-onIRjpd9trAUenXNdDcvjc8KJUSklty4X/Gr7hAm/MzM7ekSF2pg9D8KBKL7ipige22IAPxLRRf/EmJji9KD6Q== - dependencies: - aria-hidden "^1.1.3" - react-focus-lock "^2.9.0" - react-remove-scroll "^2.5.2" - react-style-singleton "^2.2.0" - tslib "^2.3.1" - use-callback-ref "^1.3.0" - use-sidecar "^1.1.2" - -react-focus-on@^3.9.1: +react-focus-on@^3.7.0, react-focus-on@^3.9.1: version "3.9.4" resolved "https://registry.yarnpkg.com/react-focus-on/-/react-focus-on-3.9.4.tgz#0b6c13273d86243c330d1aa53af39290f543da7b" integrity sha512-NFKmeH6++wu8e7LJcbwV8TTd4L5w/U5LMXTMOdUcXhCcZ7F5VOvgeTHd4XN1PD7TNmdvldDu/ENROOykUQ4yQg== @@ -9209,14 +9170,6 @@ react-refresh@^0.11.0: resolved "https://registry.yarnpkg.com/react-refresh/-/react-refresh-0.11.0.tgz#77198b944733f0f1f1a90e791de4541f9f074046" integrity sha512-F27qZr8uUqwhWZboondsPx8tnC3Ct3SxZA3V5WyEvujRyyNv0VYPhoBg1gZ8/MV5tubQp76Trw8lTv9hzRBa+A== -react-remove-scroll-bar@^2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/react-remove-scroll-bar/-/react-remove-scroll-bar-2.3.1.tgz#9f13b05b249eaa57c8d646c1ebb83006b3581f5f" - integrity sha512-IvGX3mJclEF7+hga8APZczve1UyGMkMG+tjS0o/U1iLgvZRpjFAQEUBJ4JETfvbNlfNnZnoDyWJCICkA15Mghg== - dependencies: - react-style-singleton "^2.2.0" - tslib "^2.0.0" - react-remove-scroll-bar@^2.3.4, react-remove-scroll-bar@^2.3.6: version "2.3.6" resolved "https://registry.yarnpkg.com/react-remove-scroll-bar/-/react-remove-scroll-bar-2.3.6.tgz#3e585e9d163be84a010180b18721e851ac81a29c" @@ -9225,17 +9178,6 @@ react-remove-scroll-bar@^2.3.4, react-remove-scroll-bar@^2.3.6: react-style-singleton "^2.2.1" tslib "^2.0.0" -react-remove-scroll@^2.5.2: - version "2.5.3" - resolved "https://registry.yarnpkg.com/react-remove-scroll/-/react-remove-scroll-2.5.3.tgz#a152196e710e8e5811be39dc352fd8a90b05c961" - integrity sha512-NQ1bXrxKrnK5pFo/GhLkXeo3CrK5steI+5L+jynwwIemvZyfXqaL0L5BzwJd7CSwNCU723DZaccvjuyOdoy3Xw== - dependencies: - react-remove-scroll-bar "^2.3.1" - react-style-singleton "^2.2.0" - tslib "^2.0.0" - use-callback-ref "^1.3.0" - use-sidecar "^1.1.2" - react-remove-scroll@^2.6.0: version "2.6.0" resolved "https://registry.yarnpkg.com/react-remove-scroll/-/react-remove-scroll-2.6.0.tgz#fb03a0845d7768a4f1519a99fdb84983b793dc07" @@ -9317,15 +9259,6 @@ react-scripts@^5.0.0: optionalDependencies: fsevents "^2.3.2" -react-style-singleton@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/react-style-singleton/-/react-style-singleton-2.2.0.tgz#70f45f5fef97fdb9a52eed98d1839fa6b9032b22" - integrity sha512-nK7mN92DMYZEu3cQcAhfwE48NpzO5RpxjG4okbSqRRbfal9Pk+fG2RdQXTMp+f6all1hB9LIJSt+j7dCYrU11g== - dependencies: - get-nonce "^1.0.0" - invariant "^2.2.4" - tslib "^2.0.0" - react-style-singleton@^2.2.1: version "2.2.1" resolved "https://registry.yarnpkg.com/react-style-singleton/-/react-style-singleton-2.2.1.tgz#f99e420492b2d8f34d38308ff660b60d0b1205b4" @@ -9589,28 +9522,6 @@ remark-parse-no-trim@^8.0.4: vfile-location "^3.0.0" xtend "^4.0.1" -remark-parse@^8.0.3: - version "8.0.3" - resolved "https://registry.yarnpkg.com/remark-parse/-/remark-parse-8.0.3.tgz#9c62aa3b35b79a486454c690472906075f40c7e1" - integrity sha512-E1K9+QLGgggHxCQtLt++uXltxEprmWzNfg+MxpfHsZlrddKzZ/hZyWHDbK3/Ap8HJQqYJRXP+jHczdL6q6i85Q== - dependencies: - ccount "^1.0.0" - collapse-white-space "^1.0.2" - is-alphabetical "^1.0.0" - is-decimal "^1.0.0" - is-whitespace-character "^1.0.0" - is-word-character "^1.0.0" - markdown-escapes "^1.0.0" - parse-entities "^2.0.0" - repeat-string "^1.5.4" - state-toggle "^1.0.0" - trim "0.0.1" - trim-trailing-lines "^1.0.0" - unherit "^1.0.4" - unist-util-remove-position "^2.0.0" - vfile-location "^3.0.0" - xtend "^4.0.1" - remark-rehype@^8.0.0, remark-rehype@^8.1.0: version "8.1.0" resolved "https://registry.yarnpkg.com/remark-rehype/-/remark-rehype-8.1.0.tgz#610509a043484c1e697437fa5eb3fd992617c945" @@ -10643,11 +10554,6 @@ trim-trailing-lines@^1.0.0: resolved "https://registry.yarnpkg.com/trim-trailing-lines/-/trim-trailing-lines-1.1.4.tgz#bd4abbec7cc880462f10b2c8b5ce1d8d1ec7c2c0" integrity sha512-rjUWSqnfTNrjbB9NQWfPMH/xRK1deHeGsHoVfpxJ++XeYXE0d6B1En37AHfw3jtfTU7dzMzZL2jjpe8Qb5gLIQ== -trim@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/trim/-/trim-0.0.1.tgz#5858547f6b290757ee95cccc666fb50084c460dd" - integrity sha1-WFhUf2spB1fulczMZm+1AITEYN0= - trough@^1.0.0: version "1.0.5" resolved "https://registry.yarnpkg.com/trough/-/trough-1.0.5.tgz#b8b639cefad7d0bb2abd37d433ff8293efa5f406" @@ -10673,7 +10579,7 @@ tslib@2.6.2: resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.6.2.tgz#703ac29425e7b37cd6fd456e92404d46d1f3e4ae" integrity sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q== -tslib@^1.0.0, tslib@^1.8.1, tslib@^1.9.3: +tslib@^1.8.1, tslib@^1.9.3: version "1.14.1" resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00" integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg== From 7d9eeea4dcd7c104147ea4a3728afe6f5dbb9a40 Mon Sep 17 00:00:00 2001 From: lokeshrangineni <19699092+lokeshrangineni@users.noreply.github.com> Date: Fri, 20 Dec 2024 00:04:31 -0500 Subject: [PATCH 05/11] Feature/lrangine master (#6) * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo Co-authored-by: snyk-bot Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo Co-authored-by: snyk-bot Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: snyk-bot Co-authored-by: Francisco Arceo Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- java/datatypes/pom.xml | 5 + java/pom.xml | 4 +- java/serving-client/pom.xml | 5 + java/serving/pom.xml | 5 + .../requirements/py3.10-ci-requirements.txt | 108 +++++++++--------- .../requirements/py3.10-requirements.txt | 34 +++--- .../requirements/py3.11-ci-requirements.txt | 107 ++++++++--------- .../requirements/py3.11-requirements.txt | 33 +++--- .../requirements/py3.9-ci-requirements.txt | 103 +++++++++-------- .../requirements/py3.9-requirements.txt | 30 ++--- setup.py | 6 +- 11 files changed, 235 insertions(+), 205 deletions(-) diff --git a/java/datatypes/pom.xml b/java/datatypes/pom.xml index b0ba049c57..967262d0e0 100644 --- a/java/datatypes/pom.xml +++ b/java/datatypes/pom.xml @@ -118,6 +118,11 @@ grpc-stub ${grpc.version} + + io.grpc + grpc-api + ${grpc.version} + javax.annotation javax.annotation-api diff --git a/java/pom.xml b/java/pom.xml index dbb24aa34f..0e8811e579 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -41,7 +41,7 @@ UTF-8 UTF-8 - 1.53.0 + 1.63.0 3.12.2 3.25.5 1.111.1 @@ -67,7 +67,7 @@ 2.0.1.Final 0.21.0 1.6.6 - 30.1-jre + 32.0.0-jre 3.4.34 4.1.101.Final diff --git a/java/serving-client/pom.xml b/java/serving-client/pom.xml index 7b8838a009..dc611b4a76 100644 --- a/java/serving-client/pom.xml +++ b/java/serving-client/pom.xml @@ -50,6 +50,11 @@ grpc-testing ${grpc.version} + + io.grpc + grpc-api + ${grpc.version} + com.google.protobuf protobuf-java-util diff --git a/java/serving/pom.xml b/java/serving/pom.xml index e10b58b8d9..89de7416a2 100644 --- a/java/serving/pom.xml +++ b/java/serving/pom.xml @@ -164,6 +164,11 @@ grpc-stub ${grpc.version} + + io.grpc + grpc-api + ${grpc.version} + io.grpc grpc-netty-shaded diff --git a/sdk/python/requirements/py3.10-ci-requirements.txt b/sdk/python/requirements/py3.10-ci-requirements.txt index f2b48d7362..6820a4785c 100644 --- a/sdk/python/requirements/py3.10-ci-requirements.txt +++ b/sdk/python/requirements/py3.10-ci-requirements.txt @@ -1,14 +1,14 @@ # This file was autogenerated by uv via the following command: # uv pip compile -p 3.10 --system --no-strip-extras setup.py --extra ci --output-file sdk/python/requirements/py3.10-ci-requirements.txt -aiobotocore==2.15.2 +aiobotocore==2.16.0 # via feast (setup.py) -aiohappyeyeballs==2.4.3 +aiohappyeyeballs==2.4.4 # via aiohttp -aiohttp==3.11.7 +aiohttp==3.11.11 # via aiobotocore aioitertools==0.12.0 # via aiobotocore -aiosignal==1.3.1 +aiosignal==1.3.2 # via aiohttp alabaster==0.7.16 # via sphinx @@ -16,7 +16,7 @@ altair==4.2.2 # via great-expectations annotated-types==0.7.0 # via pydantic -anyio==4.6.2.post1 +anyio==4.7.0 # via # httpx # jupyter-server @@ -25,7 +25,9 @@ anyio==4.6.2.post1 appnope==0.1.4 # via ipykernel argon2-cffi==23.1.0 - # via jupyter-server + # via + # jupyter-server + # minio argon2-cffi-bindings==21.2.0 # via argon2-cffi arrow==1.3.0 @@ -34,7 +36,7 @@ asn1crypto==1.5.1 # via snowflake-connector-python assertpy==1.1 # via feast (setup.py) -asttokens==2.4.1 +asttokens==3.0.0 # via stack-data async-lru==2.0.4 # via jupyterlab @@ -46,7 +48,7 @@ async-timeout==5.0.1 # redis atpublic==5.0 # via ibis-framework -attrs==24.2.0 +attrs==24.3.0 # via # aiohttp # jsonschema @@ -69,11 +71,11 @@ bigtree==0.22.3 # via feast (setup.py) bleach==6.2.0 # via nbconvert -boto3==1.35.36 +boto3==1.35.81 # via # feast (setup.py) # moto -botocore==1.35.36 +botocore==1.35.81 # via # aiobotocore # boto3 @@ -88,7 +90,7 @@ cachetools==5.5.0 # via google-auth cassandra-driver==3.29.2 # via feast (setup.py) -certifi==2024.8.30 +certifi==2024.12.14 # via # elastic-transport # httpcore @@ -128,9 +130,9 @@ comm==0.2.2 # ipywidgets couchbase==4.3.2 # via feast (setup.py) -coverage[toml]==7.6.8 +coverage[toml]==7.6.9 # via pytest-cov -cryptography==42.0.8 +cryptography==43.0.3 # via # feast (setup.py) # azure-identity @@ -146,21 +148,21 @@ cryptography==42.0.8 # types-redis cython==3.0.11 # via thriftpy2 -dask[dataframe]==2024.11.2 +dask[dataframe]==2024.12.1 # via # feast (setup.py) # dask-expr -dask-expr==1.1.19 +dask-expr==1.1.21 # via dask db-dtypes==1.3.1 # via google-cloud-bigquery -debugpy==1.8.9 +debugpy==1.8.11 # via ipykernel decorator==5.1.1 # via ipython defusedxml==0.7.1 # via nbconvert -deltalake==0.22.0 +deltalake==0.22.3 # via feast (setup.py) deprecation==2.1.0 # via python-keycloak @@ -176,7 +178,7 @@ duckdb==1.1.3 # via ibis-framework elastic-transport==8.15.1 # via elasticsearch -elasticsearch==8.16.0 +elasticsearch==8.17.0 # via feast (setup.py) entrypoints==0.4 # via altair @@ -193,9 +195,9 @@ executing==2.1.0 # via stack-data faiss-cpu==1.9.0.post1 # via feast (setup.py) -fastapi==0.115.5 +fastapi==0.115.6 # via feast (setup.py) -fastjsonschema==2.20.0 +fastjsonschema==2.21.1 # via nbformat filelock==3.16.1 # via @@ -213,7 +215,7 @@ fsspec==2024.9.0 # dask geomet==0.2.1.post1 # via cassandra-driver -google-api-core[grpc]==2.23.0 +google-api-core[grpc]==2.24.0 # via # feast (setup.py) # google-cloud-bigquery @@ -222,7 +224,7 @@ google-api-core[grpc]==2.23.0 # google-cloud-core # google-cloud-datastore # google-cloud-storage -google-auth==2.36.0 +google-auth==2.37.0 # via # google-api-core # google-cloud-bigquery @@ -244,9 +246,9 @@ google-cloud-core==2.4.1 # google-cloud-bigtable # google-cloud-datastore # google-cloud-storage -google-cloud-datastore==2.20.1 +google-cloud-datastore==2.20.2 # via feast (setup.py) -google-cloud-storage==2.18.2 +google-cloud-storage==2.19.0 # via feast (setup.py) google-crc32c==1.6.0 # via @@ -266,7 +268,7 @@ great-expectations==0.18.22 # via feast (setup.py) grpc-google-iam-v1==0.13.1 # via google-cloud-bigtable -grpcio==1.68.0 +grpcio==1.68.1 # via # feast (setup.py) # google-api-core @@ -347,7 +349,7 @@ iniconfig==2.0.0 # via pytest ipykernel==6.29.5 # via jupyterlab -ipython==8.29.0 +ipython==8.30.0 # via # great-expectations # ipykernel @@ -375,7 +377,7 @@ jmespath==1.0.1 # via # boto3 # botocore -json5==0.9.28 +json5==0.10.0 # via jupyterlab-server jsonpatch==1.33 # via great-expectations @@ -407,7 +409,7 @@ jupyter-core==5.7.2 # nbclient # nbconvert # nbformat -jupyter-events==0.10.0 +jupyter-events==0.11.0 # via jupyter-server jupyter-lsp==2.2.5 # via jupyterlab @@ -420,7 +422,7 @@ jupyter-server==2.14.2 # notebook-shim jupyter-server-terminals==0.5.3 # via jupyter-server -jupyterlab==4.2.6 +jupyterlab==4.3.4 # via notebook jupyterlab-pygments==0.3.0 # via nbconvert @@ -445,7 +447,7 @@ markupsafe==3.0.2 # jinja2 # nbconvert # werkzeug -marshmallow==3.23.1 +marshmallow==3.23.2 # via # environs # great-expectations @@ -457,7 +459,7 @@ mdurl==0.1.2 # via markdown-it-py milvus-lite==2.4.10 # via pymilvus -minio==7.1.0 +minio==7.2.11 # via feast (setup.py) mistune==3.0.2 # via @@ -487,7 +489,7 @@ mypy-extensions==1.0.0 # via mypy mypy-protobuf==3.3.0 # via feast (setup.py) -nbclient==0.10.0 +nbclient==0.10.2 # via nbconvert nbconvert==7.16.4 # via jupyter-server @@ -501,7 +503,7 @@ nest-asyncio==1.6.0 # via ipykernel nodeenv==1.9.1 # via pre-commit -notebook==7.2.2 +notebook==7.3.1 # via great-expectations notebook-shim==0.2.4 # via @@ -590,13 +592,13 @@ portalocker==2.10.1 # qdrant-client pre-commit==3.3.1 # via feast (setup.py) -prometheus-client==0.21.0 +prometheus-client==0.21.1 # via # feast (setup.py) # jupyter-server prompt-toolkit==3.0.48 # via ipython -propcache==0.2.0 +propcache==0.2.1 # via # aiohttp # yarl @@ -667,13 +669,15 @@ pybindgen==0.22.1 # via feast (setup.py) pycparser==2.22 # via cffi -pydantic==2.10.2 +pycryptodome==3.21.0 + # via minio +pydantic==2.10.4 # via # feast (setup.py) # fastapi # great-expectations # qdrant-client -pydantic-core==2.27.1 +pydantic-core==2.27.2 # via pydantic pygments==2.18.0 # via @@ -682,7 +686,7 @@ pygments==2.18.0 # nbconvert # rich # sphinx -pyjwt[crypto]==2.10.0 +pyjwt[crypto]==2.10.1 # via # feast (setup.py) # msal @@ -696,7 +700,7 @@ pymysql==1.1.1 # via feast (setup.py) pyodbc==5.2.0 # via feast (setup.py) -pyopenssl==24.2.1 +pyopenssl==24.3.0 # via snowflake-connector-python pyparsing==3.2.0 # via great-expectations @@ -752,7 +756,7 @@ python-dotenv==1.0.1 # via # environs # uvicorn -python-json-logger==2.0.7 +python-json-logger==3.2.1 # via jupyter-events python-keycloak==4.2.2 # via feast (setup.py) @@ -828,7 +832,7 @@ rfc3986-validator==0.1.1 # jupyter-events rich==13.9.4 # via ibis-framework -rpds-py==0.21.0 +rpds-py==0.22.3 # via # jsonschema # referencing @@ -838,7 +842,7 @@ ruamel-yaml==0.17.40 # via great-expectations ruamel-yaml-clib==0.2.12 # via ruamel-yaml -ruff==0.8.0 +ruff==0.8.4 # via feast (setup.py) s3transfer==0.10.4 # via boto3 @@ -856,9 +860,8 @@ setuptools==75.6.0 # singlestoredb singlestoredb==1.7.2 # via feast (setup.py) -six==1.16.0 +six==1.17.0 # via - # asttokens # azure-core # geomet # happybase @@ -873,7 +876,7 @@ sniffio==1.3.1 # httpx snowballstemmer==2.2.0 # via sphinx -snowflake-connector-python[pandas]==3.12.3 +snowflake-connector-python[pandas]==3.12.4 # via feast (setup.py) sortedcontainers==2.4.0 # via snowflake-connector-python @@ -923,7 +926,7 @@ tinycss2==1.4.0 # via nbconvert toml==0.10.2 # via feast (setup.py) -tomli==2.1.0 +tomli==2.2.1 # via # build # coverage @@ -969,7 +972,7 @@ traitlets==5.14.3 # nbclient # nbconvert # nbformat -trino==0.330.0 +trino==0.331.0 # via feast (setup.py) typeguard==4.4.1 # via feast (setup.py) @@ -983,7 +986,7 @@ types-pymysql==1.1.0.20241103 # via feast (setup.py) types-pyopenssl==24.1.0.20240722 # via types-redis -types-python-dateutil==2.9.0.20241003 +types-python-dateutil==2.9.0.20241206 # via # feast (setup.py) # arrow @@ -999,7 +1002,7 @@ types-setuptools==75.6.0.20241126 # via # feast (setup.py) # types-cffi -types-tabulate==0.9.0.20240106 +types-tabulate==0.9.0.20241207 # via feast (setup.py) types-urllib3==1.26.25.14 # via types-requests @@ -1015,6 +1018,7 @@ typing-extensions==4.12.2 # ibis-framework # ipython # jwcrypto + # minio # multidict # mypy # psycopg @@ -1050,7 +1054,7 @@ urllib3==2.2.3 # requests # responses # testcontainers -uvicorn[standard]==0.32.1 +uvicorn[standard]==0.34.0 # via # feast (setup.py) # uvicorn-worker @@ -1062,7 +1066,7 @@ virtualenv==20.23.0 # via # feast (setup.py) # pre-commit -watchfiles==1.0.0 +watchfiles==1.0.3 # via uvicorn wcwidth==0.2.13 # via prompt-toolkit @@ -1092,7 +1096,7 @@ wrapt==1.17.0 # testcontainers xmltodict==0.14.2 # via moto -yarl==1.18.0 +yarl==1.18.3 # via aiohttp zipp==3.21.0 # via importlib-metadata diff --git a/sdk/python/requirements/py3.10-requirements.txt b/sdk/python/requirements/py3.10-requirements.txt index 63a887e1aa..87b9cf04c9 100644 --- a/sdk/python/requirements/py3.10-requirements.txt +++ b/sdk/python/requirements/py3.10-requirements.txt @@ -2,17 +2,17 @@ # uv pip compile -p 3.10 --system --no-strip-extras setup.py --output-file sdk/python/requirements/py3.10-requirements.txt annotated-types==0.7.0 # via pydantic -anyio==4.6.2.post1 +anyio==4.7.0 # via # starlette # watchfiles -attrs==24.2.0 +attrs==24.3.0 # via # jsonschema # referencing bigtree==0.22.3 # via feast (setup.py) -certifi==2024.8.30 +certifi==2024.12.14 # via requests charset-normalizer==3.4.0 # via requests @@ -25,19 +25,19 @@ cloudpickle==3.1.0 # via dask colorama==0.4.6 # via feast (setup.py) -dask[dataframe]==2024.11.2 +dask[dataframe]==2024.12.1 # via # feast (setup.py) # dask-expr -dask-expr==1.1.19 +dask-expr==1.1.21 # via dask dill==0.3.9 # via feast (setup.py) exceptiongroup==1.2.2 # via anyio -fastapi==0.115.5 +fastapi==0.115.6 # via feast (setup.py) -fsspec==2024.10.0 +fsspec==2024.12.0 # via dask gunicorn==23.0.0 # via @@ -85,25 +85,25 @@ pandas==2.2.3 # dask-expr partd==1.4.2 # via dask -prometheus-client==0.21.0 +prometheus-client==0.21.1 # via feast (setup.py) protobuf==4.25.5 # via feast (setup.py) -psutil==6.1.0 +psutil==6.1.1 # via feast (setup.py) pyarrow==18.0.0 # via # feast (setup.py) # dask-expr -pydantic==2.10.2 +pydantic==2.10.4 # via # feast (setup.py) # fastapi -pydantic-core==2.27.1 +pydantic-core==2.27.2 # via pydantic pygments==2.18.0 # via feast (setup.py) -pyjwt==2.10.0 +pyjwt==2.10.1 # via feast (setup.py) python-dateutil==2.9.0.post0 # via pandas @@ -122,11 +122,11 @@ referencing==0.35.1 # jsonschema-specifications requests==2.32.3 # via feast (setup.py) -rpds-py==0.21.0 +rpds-py==0.22.3 # via # jsonschema # referencing -six==1.16.0 +six==1.17.0 # via python-dateutil sniffio==1.3.1 # via anyio @@ -140,7 +140,7 @@ tenacity==8.5.0 # via feast (setup.py) toml==0.10.2 # via feast (setup.py) -tomli==2.1.0 +tomli==2.2.1 # via mypy toolz==1.0.0 # via @@ -164,7 +164,7 @@ tzdata==2024.2 # via pandas urllib3==2.2.3 # via requests -uvicorn[standard]==0.32.1 +uvicorn[standard]==0.34.0 # via # feast (setup.py) # uvicorn-worker @@ -172,7 +172,7 @@ uvicorn-worker==0.2.0 # via feast (setup.py) uvloop==0.21.0 # via uvicorn -watchfiles==1.0.0 +watchfiles==1.0.3 # via uvicorn websockets==14.1 # via uvicorn diff --git a/sdk/python/requirements/py3.11-ci-requirements.txt b/sdk/python/requirements/py3.11-ci-requirements.txt index a9dceac08c..88e9a13425 100644 --- a/sdk/python/requirements/py3.11-ci-requirements.txt +++ b/sdk/python/requirements/py3.11-ci-requirements.txt @@ -1,14 +1,14 @@ # This file was autogenerated by uv via the following command: # uv pip compile -p 3.11 --system --no-strip-extras setup.py --extra ci --output-file sdk/python/requirements/py3.11-ci-requirements.txt -aiobotocore==2.15.2 +aiobotocore==2.16.0 # via feast (setup.py) -aiohappyeyeballs==2.4.3 +aiohappyeyeballs==2.4.4 # via aiohttp -aiohttp==3.11.7 +aiohttp==3.11.11 # via aiobotocore aioitertools==0.12.0 # via aiobotocore -aiosignal==1.3.1 +aiosignal==1.3.2 # via aiohttp alabaster==0.7.16 # via sphinx @@ -16,7 +16,7 @@ altair==4.2.2 # via great-expectations annotated-types==0.7.0 # via pydantic -anyio==4.6.2.post1 +anyio==4.7.0 # via # httpx # jupyter-server @@ -25,7 +25,9 @@ anyio==4.6.2.post1 appnope==0.1.4 # via ipykernel argon2-cffi==23.1.0 - # via jupyter-server + # via + # jupyter-server + # minio argon2-cffi-bindings==21.2.0 # via argon2-cffi arrow==1.3.0 @@ -34,7 +36,7 @@ asn1crypto==1.5.1 # via snowflake-connector-python assertpy==1.1 # via feast (setup.py) -asttokens==2.4.1 +asttokens==3.0.0 # via stack-data async-lru==2.0.4 # via jupyterlab @@ -44,7 +46,7 @@ async-timeout==5.0.1 # via redis atpublic==5.0 # via ibis-framework -attrs==24.2.0 +attrs==24.3.0 # via # aiohttp # jsonschema @@ -67,11 +69,11 @@ bigtree==0.22.3 # via feast (setup.py) bleach==6.2.0 # via nbconvert -boto3==1.35.36 +boto3==1.35.81 # via # feast (setup.py) # moto -botocore==1.35.36 +botocore==1.35.81 # via # aiobotocore # boto3 @@ -86,7 +88,7 @@ cachetools==5.5.0 # via google-auth cassandra-driver==3.29.2 # via feast (setup.py) -certifi==2024.8.30 +certifi==2024.12.14 # via # elastic-transport # httpcore @@ -126,9 +128,9 @@ comm==0.2.2 # ipywidgets couchbase==4.3.2 # via feast (setup.py) -coverage[toml]==7.6.8 +coverage[toml]==7.6.9 # via pytest-cov -cryptography==42.0.8 +cryptography==43.0.3 # via # feast (setup.py) # azure-identity @@ -144,21 +146,21 @@ cryptography==42.0.8 # types-redis cython==3.0.11 # via thriftpy2 -dask[dataframe]==2024.11.2 +dask[dataframe]==2024.12.1 # via # feast (setup.py) # dask-expr -dask-expr==1.1.19 +dask-expr==1.1.21 # via dask db-dtypes==1.3.1 # via google-cloud-bigquery -debugpy==1.8.9 +debugpy==1.8.11 # via ipykernel decorator==5.1.1 # via ipython defusedxml==0.7.1 # via nbconvert -deltalake==0.22.0 +deltalake==0.22.3 # via feast (setup.py) deprecation==2.1.0 # via python-keycloak @@ -174,7 +176,7 @@ duckdb==1.1.3 # via ibis-framework elastic-transport==8.15.1 # via elasticsearch -elasticsearch==8.16.0 +elasticsearch==8.17.0 # via feast (setup.py) entrypoints==0.4 # via altair @@ -186,9 +188,9 @@ executing==2.1.0 # via stack-data faiss-cpu==1.9.0.post1 # via feast (setup.py) -fastapi==0.115.5 +fastapi==0.115.6 # via feast (setup.py) -fastjsonschema==2.20.0 +fastjsonschema==2.21.1 # via nbformat filelock==3.16.1 # via @@ -206,7 +208,7 @@ fsspec==2024.9.0 # dask geomet==0.2.1.post1 # via cassandra-driver -google-api-core[grpc]==2.23.0 +google-api-core[grpc]==2.24.0 # via # feast (setup.py) # google-cloud-bigquery @@ -215,7 +217,7 @@ google-api-core[grpc]==2.23.0 # google-cloud-core # google-cloud-datastore # google-cloud-storage -google-auth==2.36.0 +google-auth==2.37.0 # via # google-api-core # google-cloud-bigquery @@ -237,9 +239,9 @@ google-cloud-core==2.4.1 # google-cloud-bigtable # google-cloud-datastore # google-cloud-storage -google-cloud-datastore==2.20.1 +google-cloud-datastore==2.20.2 # via feast (setup.py) -google-cloud-storage==2.18.2 +google-cloud-storage==2.19.0 # via feast (setup.py) google-crc32c==1.6.0 # via @@ -259,7 +261,7 @@ great-expectations==0.18.22 # via feast (setup.py) grpc-google-iam-v1==0.13.1 # via google-cloud-bigtable -grpcio==1.68.0 +grpcio==1.68.1 # via # feast (setup.py) # google-api-core @@ -338,7 +340,7 @@ iniconfig==2.0.0 # via pytest ipykernel==6.29.5 # via jupyterlab -ipython==8.29.0 +ipython==8.30.0 # via # great-expectations # ipykernel @@ -366,7 +368,7 @@ jmespath==1.0.1 # via # boto3 # botocore -json5==0.9.28 +json5==0.10.0 # via jupyterlab-server jsonpatch==1.33 # via great-expectations @@ -398,7 +400,7 @@ jupyter-core==5.7.2 # nbclient # nbconvert # nbformat -jupyter-events==0.10.0 +jupyter-events==0.11.0 # via jupyter-server jupyter-lsp==2.2.5 # via jupyterlab @@ -411,7 +413,7 @@ jupyter-server==2.14.2 # notebook-shim jupyter-server-terminals==0.5.3 # via jupyter-server -jupyterlab==4.2.6 +jupyterlab==4.3.4 # via notebook jupyterlab-pygments==0.3.0 # via nbconvert @@ -436,7 +438,7 @@ markupsafe==3.0.2 # jinja2 # nbconvert # werkzeug -marshmallow==3.23.1 +marshmallow==3.23.2 # via # environs # great-expectations @@ -448,7 +450,7 @@ mdurl==0.1.2 # via markdown-it-py milvus-lite==2.4.10 # via pymilvus -minio==7.1.0 +minio==7.2.11 # via feast (setup.py) mistune==3.0.2 # via @@ -478,7 +480,7 @@ mypy-extensions==1.0.0 # via mypy mypy-protobuf==3.3.0 # via feast (setup.py) -nbclient==0.10.0 +nbclient==0.10.2 # via nbconvert nbconvert==7.16.4 # via jupyter-server @@ -492,7 +494,7 @@ nest-asyncio==1.6.0 # via ipykernel nodeenv==1.9.1 # via pre-commit -notebook==7.2.2 +notebook==7.3.1 # via great-expectations notebook-shim==0.2.4 # via @@ -581,13 +583,13 @@ portalocker==2.10.1 # qdrant-client pre-commit==3.3.1 # via feast (setup.py) -prometheus-client==0.21.0 +prometheus-client==0.21.1 # via # feast (setup.py) # jupyter-server prompt-toolkit==3.0.48 # via ipython -propcache==0.2.0 +propcache==0.2.1 # via # aiohttp # yarl @@ -658,13 +660,15 @@ pybindgen==0.22.1 # via feast (setup.py) pycparser==2.22 # via cffi -pydantic==2.10.2 +pycryptodome==3.21.0 + # via minio +pydantic==2.10.4 # via # feast (setup.py) # fastapi # great-expectations # qdrant-client -pydantic-core==2.27.1 +pydantic-core==2.27.2 # via pydantic pygments==2.18.0 # via @@ -673,7 +677,7 @@ pygments==2.18.0 # nbconvert # rich # sphinx -pyjwt[crypto]==2.10.0 +pyjwt[crypto]==2.10.1 # via # feast (setup.py) # msal @@ -687,7 +691,7 @@ pymysql==1.1.1 # via feast (setup.py) pyodbc==5.2.0 # via feast (setup.py) -pyopenssl==24.2.1 +pyopenssl==24.3.0 # via snowflake-connector-python pyparsing==3.2.0 # via great-expectations @@ -743,7 +747,7 @@ python-dotenv==1.0.1 # via # environs # uvicorn -python-json-logger==2.0.7 +python-json-logger==3.2.1 # via jupyter-events python-keycloak==4.2.2 # via feast (setup.py) @@ -819,7 +823,7 @@ rfc3986-validator==0.1.1 # jupyter-events rich==13.9.4 # via ibis-framework -rpds-py==0.21.0 +rpds-py==0.22.3 # via # jsonschema # referencing @@ -829,7 +833,7 @@ ruamel-yaml==0.17.40 # via great-expectations ruamel-yaml-clib==0.2.12 # via ruamel-yaml -ruff==0.8.0 +ruff==0.8.4 # via feast (setup.py) s3transfer==0.10.4 # via boto3 @@ -847,9 +851,8 @@ setuptools==75.6.0 # singlestoredb singlestoredb==1.7.2 # via feast (setup.py) -six==1.16.0 +six==1.17.0 # via - # asttokens # azure-core # geomet # happybase @@ -864,7 +867,7 @@ sniffio==1.3.1 # httpx snowballstemmer==2.2.0 # via sphinx -snowflake-connector-python[pandas]==3.12.3 +snowflake-connector-python[pandas]==3.12.4 # via feast (setup.py) sortedcontainers==2.4.0 # via snowflake-connector-python @@ -950,7 +953,7 @@ traitlets==5.14.3 # nbclient # nbconvert # nbformat -trino==0.330.0 +trino==0.331.0 # via feast (setup.py) typeguard==4.4.1 # via feast (setup.py) @@ -964,7 +967,7 @@ types-pymysql==1.1.0.20241103 # via feast (setup.py) types-pyopenssl==24.1.0.20240722 # via types-redis -types-python-dateutil==2.9.0.20241003 +types-python-dateutil==2.9.0.20241206 # via # feast (setup.py) # arrow @@ -980,12 +983,13 @@ types-setuptools==75.6.0.20241126 # via # feast (setup.py) # types-cffi -types-tabulate==0.9.0.20240106 +types-tabulate==0.9.0.20241207 # via feast (setup.py) types-urllib3==1.26.25.14 # via types-requests typing-extensions==4.12.2 # via + # anyio # azure-core # azure-identity # azure-storage-blob @@ -994,6 +998,7 @@ typing-extensions==4.12.2 # ibis-framework # ipython # jwcrypto + # minio # mypy # psycopg # psycopg-pool @@ -1026,7 +1031,7 @@ urllib3==2.2.3 # requests # responses # testcontainers -uvicorn[standard]==0.32.1 +uvicorn[standard]==0.34.0 # via # feast (setup.py) # uvicorn-worker @@ -1038,7 +1043,7 @@ virtualenv==20.23.0 # via # feast (setup.py) # pre-commit -watchfiles==1.0.0 +watchfiles==1.0.3 # via uvicorn wcwidth==0.2.13 # via prompt-toolkit @@ -1068,7 +1073,7 @@ wrapt==1.17.0 # testcontainers xmltodict==0.14.2 # via moto -yarl==1.18.0 +yarl==1.18.3 # via aiohttp zipp==3.21.0 # via importlib-metadata diff --git a/sdk/python/requirements/py3.11-requirements.txt b/sdk/python/requirements/py3.11-requirements.txt index 42f89ecb6a..c536ef91ae 100644 --- a/sdk/python/requirements/py3.11-requirements.txt +++ b/sdk/python/requirements/py3.11-requirements.txt @@ -2,17 +2,17 @@ # uv pip compile -p 3.11 --system --no-strip-extras setup.py --output-file sdk/python/requirements/py3.11-requirements.txt annotated-types==0.7.0 # via pydantic -anyio==4.6.2.post1 +anyio==4.7.0 # via # starlette # watchfiles -attrs==24.2.0 +attrs==24.3.0 # via # jsonschema # referencing bigtree==0.22.3 # via feast (setup.py) -certifi==2024.8.30 +certifi==2024.12.14 # via requests charset-normalizer==3.4.0 # via requests @@ -25,17 +25,17 @@ cloudpickle==3.1.0 # via dask colorama==0.4.6 # via feast (setup.py) -dask[dataframe]==2024.11.2 +dask[dataframe]==2024.12.1 # via # feast (setup.py) # dask-expr -dask-expr==1.1.19 +dask-expr==1.1.21 # via dask dill==0.3.9 # via feast (setup.py) -fastapi==0.115.5 +fastapi==0.115.6 # via feast (setup.py) -fsspec==2024.10.0 +fsspec==2024.12.0 # via dask gunicorn==23.0.0 # via @@ -83,25 +83,25 @@ pandas==2.2.3 # dask-expr partd==1.4.2 # via dask -prometheus-client==0.21.0 +prometheus-client==0.21.1 # via feast (setup.py) protobuf==4.25.5 # via feast (setup.py) -psutil==6.1.0 +psutil==6.1.1 # via feast (setup.py) pyarrow==18.0.0 # via # feast (setup.py) # dask-expr -pydantic==2.10.2 +pydantic==2.10.4 # via # feast (setup.py) # fastapi -pydantic-core==2.27.1 +pydantic-core==2.27.2 # via pydantic pygments==2.18.0 # via feast (setup.py) -pyjwt==2.10.0 +pyjwt==2.10.1 # via feast (setup.py) python-dateutil==2.9.0.post0 # via pandas @@ -120,11 +120,11 @@ referencing==0.35.1 # jsonschema-specifications requests==2.32.3 # via feast (setup.py) -rpds-py==0.21.0 +rpds-py==0.22.3 # via # jsonschema # referencing -six==1.16.0 +six==1.17.0 # via python-dateutil sniffio==1.3.1 # via anyio @@ -148,6 +148,7 @@ typeguard==4.4.1 # via feast (setup.py) typing-extensions==4.12.2 # via + # anyio # fastapi # mypy # pydantic @@ -158,7 +159,7 @@ tzdata==2024.2 # via pandas urllib3==2.2.3 # via requests -uvicorn[standard]==0.32.1 +uvicorn[standard]==0.34.0 # via # feast (setup.py) # uvicorn-worker @@ -166,7 +167,7 @@ uvicorn-worker==0.2.0 # via feast (setup.py) uvloop==0.21.0 # via uvicorn -watchfiles==1.0.0 +watchfiles==1.0.3 # via uvicorn websockets==14.1 # via uvicorn diff --git a/sdk/python/requirements/py3.9-ci-requirements.txt b/sdk/python/requirements/py3.9-ci-requirements.txt index 556e709c20..0d8d257052 100644 --- a/sdk/python/requirements/py3.9-ci-requirements.txt +++ b/sdk/python/requirements/py3.9-ci-requirements.txt @@ -1,14 +1,14 @@ # This file was autogenerated by uv via the following command: # uv pip compile -p 3.9 --system --no-strip-extras setup.py --extra ci --output-file sdk/python/requirements/py3.9-ci-requirements.txt -aiobotocore==2.15.2 +aiobotocore==2.16.0 # via feast (setup.py) -aiohappyeyeballs==2.4.3 +aiohappyeyeballs==2.4.4 # via aiohttp -aiohttp==3.11.7 +aiohttp==3.11.11 # via aiobotocore aioitertools==0.12.0 # via aiobotocore -aiosignal==1.3.1 +aiosignal==1.3.2 # via aiohttp alabaster==0.7.16 # via sphinx @@ -16,7 +16,7 @@ altair==4.2.2 # via great-expectations annotated-types==0.7.0 # via pydantic -anyio==4.6.2.post1 +anyio==4.7.0 # via # httpx # jupyter-server @@ -25,7 +25,9 @@ anyio==4.6.2.post1 appnope==0.1.4 # via ipykernel argon2-cffi==23.1.0 - # via jupyter-server + # via + # jupyter-server + # minio argon2-cffi-bindings==21.2.0 # via argon2-cffi arrow==1.3.0 @@ -34,7 +36,7 @@ asn1crypto==1.5.1 # via snowflake-connector-python assertpy==1.1 # via feast (setup.py) -asttokens==2.4.1 +asttokens==3.0.0 # via stack-data async-lru==2.0.4 # via jupyterlab @@ -46,7 +48,7 @@ async-timeout==5.0.1 # redis atpublic==4.1.0 # via ibis-framework -attrs==24.2.0 +attrs==24.3.0 # via # aiohttp # jsonschema @@ -71,11 +73,11 @@ bigtree==0.22.3 # via feast (setup.py) bleach==6.2.0 # via nbconvert -boto3==1.35.36 +boto3==1.35.81 # via # feast (setup.py) # moto -botocore==1.35.36 +botocore==1.35.81 # via # aiobotocore # boto3 @@ -90,7 +92,7 @@ cachetools==5.5.0 # via google-auth cassandra-driver==3.29.2 # via feast (setup.py) -certifi==2024.8.30 +certifi==2024.12.14 # via # elastic-transport # httpcore @@ -130,9 +132,9 @@ comm==0.2.2 # ipywidgets couchbase==4.3.2 # via feast (setup.py) -coverage[toml]==7.6.8 +coverage[toml]==7.6.9 # via pytest-cov -cryptography==42.0.8 +cryptography==43.0.3 # via # feast (setup.py) # azure-identity @@ -156,13 +158,13 @@ dask-expr==1.1.10 # via dask db-dtypes==1.3.1 # via google-cloud-bigquery -debugpy==1.8.9 +debugpy==1.8.11 # via ipykernel decorator==5.1.1 # via ipython defusedxml==0.7.1 # via nbconvert -deltalake==0.22.0 +deltalake==0.22.3 # via feast (setup.py) deprecation==2.1.0 # via python-keycloak @@ -178,7 +180,7 @@ duckdb==0.10.3 # via ibis-framework elastic-transport==8.15.1 # via elasticsearch -elasticsearch==8.16.0 +elasticsearch==8.17.0 # via feast (setup.py) entrypoints==0.4 # via altair @@ -195,9 +197,9 @@ executing==2.1.0 # via stack-data faiss-cpu==1.9.0.post1 # via feast (setup.py) -fastapi==0.115.5 +fastapi==0.115.6 # via feast (setup.py) -fastjsonschema==2.20.0 +fastjsonschema==2.21.1 # via nbformat filelock==3.16.1 # via @@ -215,7 +217,7 @@ fsspec==2024.9.0 # dask geomet==0.2.1.post1 # via cassandra-driver -google-api-core[grpc]==2.23.0 +google-api-core[grpc]==2.24.0 # via # feast (setup.py) # google-cloud-bigquery @@ -224,7 +226,7 @@ google-api-core[grpc]==2.23.0 # google-cloud-core # google-cloud-datastore # google-cloud-storage -google-auth==2.36.0 +google-auth==2.37.0 # via # google-api-core # google-cloud-bigquery @@ -246,9 +248,9 @@ google-cloud-core==2.4.1 # google-cloud-bigtable # google-cloud-datastore # google-cloud-storage -google-cloud-datastore==2.20.1 +google-cloud-datastore==2.20.2 # via feast (setup.py) -google-cloud-storage==2.18.2 +google-cloud-storage==2.19.0 # via feast (setup.py) google-crc32c==1.6.0 # via @@ -268,7 +270,7 @@ great-expectations==0.18.22 # via feast (setup.py) grpc-google-iam-v1==0.13.1 # via google-cloud-bigtable -grpcio==1.68.0 +grpcio==1.68.1 # via # feast (setup.py) # google-api-core @@ -384,7 +386,7 @@ jmespath==1.0.1 # via # boto3 # botocore -json5==0.9.28 +json5==0.10.0 # via jupyterlab-server jsonpatch==1.33 # via great-expectations @@ -416,7 +418,7 @@ jupyter-core==5.7.2 # nbclient # nbconvert # nbformat -jupyter-events==0.10.0 +jupyter-events==0.11.0 # via jupyter-server jupyter-lsp==2.2.5 # via jupyterlab @@ -429,7 +431,7 @@ jupyter-server==2.14.2 # notebook-shim jupyter-server-terminals==0.5.3 # via jupyter-server -jupyterlab==4.2.6 +jupyterlab==4.3.4 # via notebook jupyterlab-pygments==0.3.0 # via nbconvert @@ -454,7 +456,7 @@ markupsafe==3.0.2 # jinja2 # nbconvert # werkzeug -marshmallow==3.23.1 +marshmallow==3.23.2 # via # environs # great-expectations @@ -466,7 +468,7 @@ mdurl==0.1.2 # via markdown-it-py milvus-lite==2.4.10 # via pymilvus -minio==7.1.0 +minio==7.2.11 # via feast (setup.py) mistune==3.0.2 # via @@ -496,7 +498,7 @@ mypy-extensions==1.0.0 # via mypy mypy-protobuf==3.3.0 # via feast (setup.py) -nbclient==0.10.0 +nbclient==0.10.2 # via nbconvert nbconvert==7.16.4 # via jupyter-server @@ -510,7 +512,7 @@ nest-asyncio==1.6.0 # via ipykernel nodeenv==1.9.1 # via pre-commit -notebook==7.2.2 +notebook==7.3.1 # via great-expectations notebook-shim==0.2.4 # via @@ -598,13 +600,13 @@ portalocker==2.10.1 # qdrant-client pre-commit==3.3.1 # via feast (setup.py) -prometheus-client==0.21.0 +prometheus-client==0.21.1 # via # feast (setup.py) # jupyter-server prompt-toolkit==3.0.48 # via ipython -propcache==0.2.0 +propcache==0.2.1 # via # aiohttp # yarl @@ -675,13 +677,15 @@ pybindgen==0.22.1 # via feast (setup.py) pycparser==2.22 # via cffi -pydantic==2.10.2 +pycryptodome==3.21.0 + # via minio +pydantic==2.10.4 # via # feast (setup.py) # fastapi # great-expectations # qdrant-client -pydantic-core==2.27.1 +pydantic-core==2.27.2 # via pydantic pygments==2.18.0 # via @@ -690,7 +694,7 @@ pygments==2.18.0 # nbconvert # rich # sphinx -pyjwt[crypto]==2.10.0 +pyjwt[crypto]==2.10.1 # via # feast (setup.py) # msal @@ -704,7 +708,7 @@ pymysql==1.1.1 # via feast (setup.py) pyodbc==5.2.0 # via feast (setup.py) -pyopenssl==24.2.1 +pyopenssl==24.3.0 # via snowflake-connector-python pyparsing==3.2.0 # via great-expectations @@ -760,7 +764,7 @@ python-dotenv==1.0.1 # via # environs # uvicorn -python-json-logger==2.0.7 +python-json-logger==3.2.1 # via jupyter-events python-keycloak==4.2.2 # via feast (setup.py) @@ -836,7 +840,7 @@ rfc3986-validator==0.1.1 # jupyter-events rich==13.9.4 # via ibis-framework -rpds-py==0.21.0 +rpds-py==0.22.3 # via # jsonschema # referencing @@ -846,7 +850,7 @@ ruamel-yaml==0.17.40 # via great-expectations ruamel-yaml-clib==0.2.12 # via ruamel-yaml -ruff==0.8.0 +ruff==0.8.4 # via feast (setup.py) s3transfer==0.10.4 # via boto3 @@ -864,9 +868,8 @@ setuptools==75.6.0 # singlestoredb singlestoredb==1.7.2 # via feast (setup.py) -six==1.16.0 +six==1.17.0 # via - # asttokens # azure-core # geomet # happybase @@ -881,7 +884,7 @@ sniffio==1.3.1 # httpx snowballstemmer==2.2.0 # via sphinx -snowflake-connector-python[pandas]==3.12.3 +snowflake-connector-python[pandas]==3.12.4 # via feast (setup.py) sortedcontainers==2.4.0 # via snowflake-connector-python @@ -931,7 +934,7 @@ tinycss2==1.4.0 # via nbconvert toml==0.10.2 # via feast (setup.py) -tomli==2.1.0 +tomli==2.2.1 # via # build # coverage @@ -977,7 +980,7 @@ traitlets==5.14.3 # nbclient # nbconvert # nbformat -trino==0.330.0 +trino==0.331.0 # via feast (setup.py) typeguard==4.4.1 # via feast (setup.py) @@ -991,7 +994,7 @@ types-pymysql==1.1.0.20241103 # via feast (setup.py) types-pyopenssl==24.1.0.20240722 # via types-redis -types-python-dateutil==2.9.0.20241003 +types-python-dateutil==2.9.0.20241206 # via # feast (setup.py) # arrow @@ -1007,7 +1010,7 @@ types-setuptools==75.6.0.20241126 # via # feast (setup.py) # types-cffi -types-tabulate==0.9.0.20240106 +types-tabulate==0.9.0.20241207 # via feast (setup.py) types-urllib3==1.26.25.14 # via types-requests @@ -1024,12 +1027,14 @@ typing-extensions==4.12.2 # ibis-framework # ipython # jwcrypto + # minio # multidict # mypy # psycopg # psycopg-pool # pydantic # pydantic-core + # python-json-logger # rich # snowflake-connector-python # sqlalchemy @@ -1061,7 +1066,7 @@ urllib3==1.26.20 # responses # snowflake-connector-python # testcontainers -uvicorn[standard]==0.32.1 +uvicorn[standard]==0.34.0 # via # feast (setup.py) # uvicorn-worker @@ -1073,7 +1078,7 @@ virtualenv==20.23.0 # via # feast (setup.py) # pre-commit -watchfiles==1.0.0 +watchfiles==1.0.3 # via uvicorn wcwidth==0.2.13 # via prompt-toolkit @@ -1103,7 +1108,7 @@ wrapt==1.17.0 # testcontainers xmltodict==0.14.2 # via moto -yarl==1.18.0 +yarl==1.18.3 # via aiohttp zipp==3.21.0 # via importlib-metadata diff --git a/sdk/python/requirements/py3.9-requirements.txt b/sdk/python/requirements/py3.9-requirements.txt index db7113dc2c..80f1e499e1 100644 --- a/sdk/python/requirements/py3.9-requirements.txt +++ b/sdk/python/requirements/py3.9-requirements.txt @@ -2,17 +2,17 @@ # uv pip compile -p 3.9 --system --no-strip-extras setup.py --output-file sdk/python/requirements/py3.9-requirements.txt annotated-types==0.7.0 # via pydantic -anyio==4.6.2.post1 +anyio==4.7.0 # via # starlette # watchfiles -attrs==24.2.0 +attrs==24.3.0 # via # jsonschema # referencing bigtree==0.22.3 # via feast (setup.py) -certifi==2024.8.30 +certifi==2024.12.14 # via requests charset-normalizer==3.4.0 # via requests @@ -35,9 +35,9 @@ dill==0.3.9 # via feast (setup.py) exceptiongroup==1.2.2 # via anyio -fastapi==0.115.5 +fastapi==0.115.6 # via feast (setup.py) -fsspec==2024.10.0 +fsspec==2024.12.0 # via dask gunicorn==23.0.0 # via @@ -87,25 +87,25 @@ pandas==2.2.3 # dask-expr partd==1.4.2 # via dask -prometheus-client==0.21.0 +prometheus-client==0.21.1 # via feast (setup.py) protobuf==4.25.5 # via feast (setup.py) -psutil==6.1.0 +psutil==6.1.1 # via feast (setup.py) pyarrow==18.0.0 # via # feast (setup.py) # dask-expr -pydantic==2.10.2 +pydantic==2.10.4 # via # feast (setup.py) # fastapi -pydantic-core==2.27.1 +pydantic-core==2.27.2 # via pydantic pygments==2.18.0 # via feast (setup.py) -pyjwt==2.10.0 +pyjwt==2.10.1 # via feast (setup.py) python-dateutil==2.9.0.post0 # via pandas @@ -124,11 +124,11 @@ referencing==0.35.1 # jsonschema-specifications requests==2.32.3 # via feast (setup.py) -rpds-py==0.21.0 +rpds-py==0.22.3 # via # jsonschema # referencing -six==1.16.0 +six==1.17.0 # via python-dateutil sniffio==1.3.1 # via anyio @@ -142,7 +142,7 @@ tenacity==8.5.0 # via feast (setup.py) toml==0.10.2 # via feast (setup.py) -tomli==2.1.0 +tomli==2.2.1 # via mypy toolz==1.0.0 # via @@ -167,7 +167,7 @@ tzdata==2024.2 # via pandas urllib3==2.2.3 # via requests -uvicorn[standard]==0.32.1 +uvicorn[standard]==0.34.0 # via # feast (setup.py) # uvicorn-worker @@ -175,7 +175,7 @@ uvicorn-worker==0.2.0 # via feast (setup.py) uvloop==0.21.0 # via uvicorn -watchfiles==1.0.0 +watchfiles==1.0.3 # via uvicorn websockets==14.1 # via uvicorn diff --git a/setup.py b/setup.py index 7593be4c37..59b881c971 100644 --- a/setup.py +++ b/setup.py @@ -162,14 +162,14 @@ [ "build", "virtualenv==20.23.0", - "cryptography>=35.0,<43", + "cryptography>=43.0,<44", "ruff>=0.8.0", "mypy-protobuf>=3.1", "grpcio-tools>=1.56.2,<2", "grpcio-testing>=1.56.2,<2", # FastAPI does not correctly pull starlette dependency on httpx see thread(https://github.com/tiangolo/fastapi/issues/5656). - "httpx>=0.23.3", - "minio==7.1.0", + "httpx==0.27.2", + "minio==7.2.11", "mock==2.0.0", "moto<5", "mypy>=1.4.1,<1.11.3", From 85d41ac06aa8c3a6ce21e6f99f36f96ebe70941a Mon Sep 17 00:00:00 2001 From: lokeshrangineni <19699092+lokeshrangineni@users.noreply.github.com> Date: Fri, 20 Dec 2024 00:11:59 -0500 Subject: [PATCH 06/11] Feature/lrangine master (#7) * feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo Signed-off-by: Daniele Martinoli * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli * restored original conftest Signed-off-by: Daniele Martinoli --------- Signed-off-by: Daniele Martinoli Co-authored-by: Francisco Arceo Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo Co-authored-by: snyk-bot Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo Co-authored-by: snyk-bot Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo Co-authored-by: Francisco Arceo Co-authored-by: snyk-bot Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- java/serving/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/serving/pom.xml b/java/serving/pom.xml index 89de7416a2..ad6a1121fa 100644 --- a/java/serving/pom.xml +++ b/java/serving/pom.xml @@ -383,7 +383,7 @@ io.lettuce lettuce-core - 6.0.2.RELEASE + 6.5.1.RELEASE org.apache.commons From 45c777f5bdade244d5536a7ecfa3785381dcb377 Mon Sep 17 00:00:00 2001 From: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Date: Fri, 20 Dec 2024 00:44:15 -0500 Subject: [PATCH 07/11] updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- java/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/pom.xml b/java/pom.xml index 0e8811e579..5e749c367e 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -69,7 +69,7 @@ 1.6.6 32.0.0-jre 3.4.34 - 4.1.101.Final + 5.0.0.Final Date: Fri, 20 Dec 2024 00:47:45 -0500 Subject: [PATCH 08/11] updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- java/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/pom.xml b/java/pom.xml index 5e749c367e..82c0a00ba2 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -69,7 +69,7 @@ 1.6.6 32.0.0-jre 3.4.34 - 5.0.0.Final + 4.1.96.Final Date: Fri, 20 Dec 2024 10:19:49 -0500 Subject: [PATCH 09/11] Updating aws java sdk libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- java/serving/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/serving/pom.xml b/java/serving/pom.xml index ad6a1121fa..1be4da1b62 100644 --- a/java/serving/pom.xml +++ b/java/serving/pom.xml @@ -258,13 +258,13 @@ com.amazonaws aws-java-sdk-s3 - 1.12.261 + 1.12.546 com.amazonaws aws-java-sdk-sts - 1.12.476 + 1.12.546 From cde8bcb788ba24f3f142d04185d0500e1ed26353 Mon Sep 17 00:00:00 2001 From: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Date: Fri, 20 Dec 2024 11:34:28 -0500 Subject: [PATCH 10/11] Adding verbose logs to debug the sudden failure of tests without any error messages. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index d7374d347c..604347f7e8 100644 --- a/Makefile +++ b/Makefile @@ -96,14 +96,14 @@ test-python-unit: python -m pytest -n 8 --color=yes sdk/python/tests test-python-integration: - python -m pytest -n 8 --integration --color=yes --durations=10 --timeout=1200 --timeout_method=thread --dist loadgroup \ +A python -m pytest --tb=short -v -n 8 --integration --color=yes --durations=10 --timeout=1200 --timeout_method=thread --dist loadgroup \ -k "(not snowflake or not test_historical_features_main)" \ sdk/python/tests test-python-integration-local: FEAST_IS_LOCAL_TEST=True \ FEAST_LOCAL_ONLINE_CONTAINER=True \ - python -m pytest -n 8 --color=yes --integration --durations=10 --timeout=1200 --timeout_method=thread --dist loadgroup \ + python -m pytest --tb=short -v -n 8 --color=yes --integration --durations=10 --timeout=1200 --timeout_method=thread --dist loadgroup \ -k "not test_lambda_materialization and not test_snowflake_materialization" \ sdk/python/tests From e6be70dbec4546cdb36320e4b1252b9a23fe4033 Mon Sep 17 00:00:00 2001 From: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Date: Fri, 20 Dec 2024 11:34:28 -0500 Subject: [PATCH 11/11] Adding verbose logs to debug the sudden failure of tests without any error messages. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 604347f7e8..de2ee568b6 100644 --- a/Makefile +++ b/Makefile @@ -96,7 +96,7 @@ test-python-unit: python -m pytest -n 8 --color=yes sdk/python/tests test-python-integration: -A python -m pytest --tb=short -v -n 8 --integration --color=yes --durations=10 --timeout=1200 --timeout_method=thread --dist loadgroup \ + python -m pytest --tb=short -v -n 8 --integration --color=yes --durations=10 --timeout=1200 --timeout_method=thread --dist loadgroup \ -k "(not snowflake or not test_historical_features_main)" \ sdk/python/tests