This is an automated email from the ASF dual-hosted git repository. ephraimanierobi pushed a commit to branch v2-3-test in repository https://gitbox.apache.org/repos/asf/airflow.git
commit a9eca078cb66987366ca616921f83e1fe374aa30 Author: Ephraim Anierobi <[email protected]> AuthorDate: Thu Jun 30 17:14:51 2022 +0100 Add release note for 2.3.3 --- RELEASE_NOTES.rst | 114 ++++++++++++++++++++++++++++++++++++ newsfragments/24399.significant.rst | 31 ---------- newsfragments/24519.misc.rst | 1 - 3 files changed, 114 insertions(+), 32 deletions(-) diff --git a/RELEASE_NOTES.rst b/RELEASE_NOTES.rst index 9629aebedf..fa85317a4a 100644 --- a/RELEASE_NOTES.rst +++ b/RELEASE_NOTES.rst @@ -21,6 +21,120 @@ .. towncrier release notes start + +Airflow 2.3.3 (2022-07-04) +-------------------------- + +Significant Changes +^^^^^^^^^^^^^^^^^^^ + +- We've upgraded Flask Application Builder to a major version 4.*. + + Flask Application Builder is one of the important components of Airflow Webserver, as + it uses a lof of dependencies that are essential to run the webserver and integrate it + in enterprise environments - especially authentication. + + The FAB 4.* upgrades a number of dependencies to major releases, which upgrades them to versions + that have a number of security issues fixed. A lot of tests were performed to bring the dependencies + in a backwards-compatible way, however the dependencies themselves implement breaking changes in their + internals so it might be that some of those changes might impact the users in case they are using the + libraries for their onw purposes. + + One important change that you likely will need to apply to Oauth configuration is to add + ``server_metadata_url`` or ``jwks_uri`` and you can read about it more + in `this issue <https://github.com/dpgaspar/Flask-AppBuilder/issues/1861>`_. + + Here is the list of breaking changes in dependencies that comes together with FAB 4: + + * Flask from 1.X to 2.X `breaking changes <https://flask.palletsprojects.com/en/2.0.x/changes/#version-2-0-0>`_ + + * flask-jwt-extended 3.X to 4.X `breaking changes: <https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/>`_ + + * Jinja2 2.X to 3.X `breaking changes: <https://jinja.palletsprojects.com/en/3.0.x/changes/#version-3-0-0>`_ + + * Werkzeug 1.X to 2.X `breaking changes <https://werkzeug.palletsprojects.com/en/2.0.x/changes/#version-2-0-0>`_ + + * pyJWT 1.X to 2.X `breaking changes: <https://pyjwt.readthedocs.io/en/stable/changelog.html#v2-0-0>`_ + + * Click 7.X to 8.X `breaking changes: <https://click.palletsprojects.com/en/8.0.x/changes/#version-8-0-0>`_ + + * itsdangerous 1.X to 2.X `breaking changes <https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst#version-200>`_ (#24399) + + +Bug Fixes +^^^^^^^^^ + +- Allow for ``LOGGING_LEVEL=DEBUG`` (#23360) +- Update Dockerfile (#24397) +- Fix grid date ticks (#24738) +- Debounce status highlighting in Grid view (#24710) +- Fix Grid vertical scrolling (#24684) +- don't try to render child rows for closed groups (#24637) +- Restore tooltip animation (#24503) +- Do not calculate grid root instances (#24528) +- Maintain grid view selection on filtering upstream (#23779) +- Speed up grid_data endpoint by 10x (#24284) +- Apply per-run log templates to log handlers (#24153) +- Don't crash scheduler if exec config has old k8s objects (#24117) +- ``TI.log_url`` fix for ``map_index`` (#24335) +- Fix migration ``0080_2_0_2`` - Replace null values before setting column not null (#24585) +- Patch ``sql_alchemy_conn`` if old Postgres schemes used (#24569) +- Seed ``log_template`` table (#24511) +- Fix deprecated ``log_id_template`` value (#24506) +- Fix toast messages (#24505) +- Add indexes for CASCADE deletes for task_instance (#24488) +- Return empty dict if Pod JSON encoding fails (#24478) +- Remove ``framer-motion`` from custom tooltip (#24449) +- Improve grid rendering performance with a custom tooltip (#24417) +- Check for run_id for grid group summaries (#24327) +- Optimize calendar view for cron scheduled DAGs (#24262) +- Use ``get_hostname`` instead of ``socket.getfqdn`` (#24260) +- Check that edge nodes actually exist (#24166) +- Fix ``useTasks`` crash on error (#24152) +- Do not fail requeued TIs (#23846) +- Reduce grid view API calls (#24083) +- Rename Permissions to Permission Pairs. (#24065) +- Replace ``use_task_execution_date`` with ``use_task_logical_date`` (#23983) +- Grid fix details button truncated and small UI tweaks (#23934) +- Add TaskInstance State ``REMOVED`` to finished states and success states (#23797) +- Fix mapped task immutability after clear (#23667) +- Fix permission issue for dag that has dot in name (#23510) +- Fix closing connection ``dbapi.get_pandas_df`` (#23452) +- Check bag DAG ``schedule_interval`` match tiemtable (#23113) +- Parse error for task added to multiple groups (#23071) + + +Doc only changes +^^^^^^^^^^^^^^^^ + +- docs: sqlalchemy link update (#24627) +- Update ui.rst (#24514) +- Update production-deployment.rst (#24121) +- Fix inverted section levels in best-practices.rst (#23968) +- Alphabetizes two tables (#23923) +- Clarify that users should not use Maria DB (#24556) +- Add imports to deferring code samples (#24544) +- Add note about image regeneration in June 2022 (#24524) +- Small cleanup of ``get_current_context()`` chapter (#24482) +- Docs: Fix default 2.2.5 log_id_template (#24455) +- Update description of installing providers separately from core (#24454) +- Mention context variables and logging (#24304) + + +Misc/Internal +^^^^^^^^^^^^^ + +- Remove internet explorer support (#24495) +- Fix flaky order of returned dag runs (#24405) +- Removing magic status code numbers from api_connecxion (#24050) +- Upgrade FAB to 4.1.2 (#24619) +- Switch Markdown engine to markdown-it-py (#19702) +- Update 'rich' to latest version across the board. (#24186) +- Get rid of TimedJSONWebSignatureSerializer (#24519) +- Update flask-appbuilder authlib/oauth dependency (#24516) +- The JWT claims in the request to retrieve logs have been standardized: we use "nbf" and "aud" claims for maturity and audience of the requests. Also "filename" payload field is used to keep log name. (#24519) + + Airflow 2.3.2 (2022-06-04) -------------------------- diff --git a/newsfragments/24399.significant.rst b/newsfragments/24399.significant.rst deleted file mode 100644 index 7f1833a8e8..0000000000 --- a/newsfragments/24399.significant.rst +++ /dev/null @@ -1,31 +0,0 @@ -We've upgraded Flask Application Builder to a major version 4.*. - -Flask Application Builder is one of the important components of Airflow Webserver, as -it uses a lof of dependencies that are essential to run the webserver and integrate it -in enterprise environments - especially authentication. - -The FAB 4.* upgrades a number of dependencies to major releases, which upgrades them to versions -that have a number of security issues fixed. A lot of tests were performed to bring the dependencies -in a backwards-compatible way, however the dependencies themselves implement breaking changes in their -internals so it might be that some of those changes might impact the users in case they are using the -libraries for their onw purposes. - -One important change that you likely will need to apply to Oauth configuration is to add -``server_metadata_url`` or ``jwks_uri`` and you can read about it more -in `this issue <https://github.com/dpgaspar/Flask-AppBuilder/issues/1861>`_. - -Here is the list of breaking changes in dependencies that comes together with FAB 4: - -* Flask from 1.X to 2.X `breaking changes <https://flask.palletsprojects.com/en/2.0.x/changes/#version-2-0-0>`_ - -* flask-jwt-extended 3.X to 4.X `breaking changes: <https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/>`_ - -* Jinja2 2.X to 3.X `breaking changes: <https://jinja.palletsprojects.com/en/3.0.x/changes/#version-3-0-0>`_ - -* Werkzeug 1.X to 2.X `breaking changes <https://werkzeug.palletsprojects.com/en/2.0.x/changes/#version-2-0-0>`_ - -* pyJWT 1.X to 2.X `breaking changes: <https://pyjwt.readthedocs.io/en/stable/changelog.html#v2-0-0>`_ - -* Click 7.X to 8.X `breaking changes: <https://click.palletsprojects.com/en/8.0.x/changes/#version-8-0-0>`_ - -* itsdangerous 1.X to 2.X `breaking changes <https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst#version-200>`_ diff --git a/newsfragments/24519.misc.rst b/newsfragments/24519.misc.rst deleted file mode 100644 index 799d9141d2..0000000000 --- a/newsfragments/24519.misc.rst +++ /dev/null @@ -1 +0,0 @@ -The JWT claims in the request to retrieve logs have been standardized: we use "nbf" and "aud" claims for maturity and audience of the requests. Also "filename" payload field is used to keep log name.
