bbovenzi commented on code in PR #24762: URL: https://github.com/apache/airflow/pull/24762#discussion_r911437899
########## RELEASE_NOTES.rst: ########## @@ -21,7 +21,121 @@ .. towncrier release notes start -Airflow 2.3.2 (2021-06-04) + +Airflow 2.3.3 (2022-07-04) +-------------------------- + +Significant Changes +^^^^^^^^^^^^^^^^^^^ + +- We've upgraded Flask Application Builder to a major version 4.*. + + Flask Application Builder is one of the important components of Airflow Webserver, as + it uses a lof of dependencies that are essential to run the webserver and integrate it + in enterprise environments - especially authentication. + + The FAB 4.* upgrades a number of dependencies to major releases, which upgrades them to versions + that have a number of security issues fixed. A lot of tests were performed to bring the dependencies + in a backwards-compatible way, however the dependencies themselves implement breaking changes in their + internals so it might be that some of those changes might impact the users in case they are using the + libraries for their onw purposes. + + One important change that you likely will need to apply to Oauth configuration is to add + ``server_metadata_url`` or ``jwks_uri`` and you can read about it more + in `this issue <https://github.com/dpgaspar/Flask-AppBuilder/issues/1861>`_. + + Here is the list of breaking changes in dependencies that comes together with FAB 4: + + * Flask from 1.X to 2.X `breaking changes <https://flask.palletsprojects.com/en/2.0.x/changes/#version-2-0-0>`_ + + * flask-jwt-extended 3.X to 4.X `breaking changes: <https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/>`_ + + * Jinja2 2.X to 3.X `breaking changes: <https://jinja.palletsprojects.com/en/3.0.x/changes/#version-3-0-0>`_ + + * Werkzeug 1.X to 2.X `breaking changes <https://werkzeug.palletsprojects.com/en/2.0.x/changes/#version-2-0-0>`_ + + * pyJWT 1.X to 2.X `breaking changes: <https://pyjwt.readthedocs.io/en/stable/changelog.html#v2-0-0>`_ + + * Click 7.X to 8.X `breaking changes: <https://click.palletsprojects.com/en/8.0.x/changes/#version-8-0-0>`_ + + * itsdangerous 1.X to 2.X `breaking changes <https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst#version-200>`_ (#24399) + + +Bug Fixes +^^^^^^^^^ + +- Allow for ``LOGGING_LEVEL=DEBUG`` (#23360) +- Update Dockerfile (#24397) +- Fix grid date ticks (#24738) +- Debounce status highlighting in Grid view (#24710) +- Fix Grid vertical scrolling (#24684) +- don't try to render child rows for closed groups (#24637) +- Restore tooltip animation (#24503) Review Comment: ```suggestion - Restore tooltip animation (#24503) ``` This was fixing another commit here. Not a bug fix for release. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
