xuang7 opened a new issue, #5588: URL: https://github.com/apache/texera/issues/5588
### Task Summary License-binary drift on `release/v1.2` ([run](https://github.com/apache/texera/actions/runs/27225018240), 2026-06-09). **Where:** - build / pyamber (ubuntu-latest, 3.12) — Check installed Python packages against per-module LICENSE-binary files **Drift (transitive) in `amber/LICENSE-binary-python` (recorded → bundled):** - aiohttp 3.13.5 → 3.14.1 - filelock 3.29.0 → 3.29.1 - hf-xet 1.5.0 → 1.5.1 - huggingface-hub 1.16.1 → 1.18.0 - idna 3.16 → 3.18 - safetensors 0.7.0 → 0.8.0 - tifffile 2026.5.15 → 2026.6.1 - tqdm 4.67.3 → 4.68.2 - update-checker 0.18.0 → 1.0.0 **How to resolve:** refresh `amber/LICENSE-binary-python` to the bundled versions, then re-run the License Binary Checker on `release/v1.2` to confirm green. `main` and `release/v1.2` currently share an identical `amber/LICENSE-binary-python`, so the fix should be a single refresh PR on `main` (closing the main drift tracker #5297), labeled `release/v1.2` to auto-backport — covering both branches. Transitive deps keep drifting (more packages than the 2026-06-05 run), so the refresh is best done at RC-prep time so it matches the RC build. Part of #5365. Related: #5297 (main drift tracker). ### Task Type - [ ] Refactor / Cleanup - [x] DevOps / Deployment / CI - [ ] Testing / QA - [ ] Documentation - [ ] Performance - [ ] Other -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
