Update Licenses (#876)

* Change licenses * Set 3.0.0 as upper bound on pytorch version * Remove macos from ci builds * Update changelog in prep for release * Add security to CI * Replace binom_test with binomtest * Fix Scikit-learn CalibratedClassifierCV signature and binomtest return value * Update contributing.md * Remove references to open source in README.md
SeldonIO · Jan 22, 2024 · ec3429e · ec3429e
1 parent 7dcac8a
commit ec3429e
Show file tree

Hide file tree

Showing 18 changed files with 5,383 additions and 4,831 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -35,11 +35,9 @@ jobs:
       matrix:
         os: [ ubuntu-latest ]
         python-version: [ '3.8', '3.9', '3.10', '3.11']
-        include: # Run macos and windows tests on only one python version
+        include: # Run windows tests on only one python version
           - os: windows-latest
             python-version: '3.10' # torch 1.x not available on Windows or MacOS for Python 3.11
-          - os: macos-latest
-            python-version: '3.10'
 
     steps:
       - name: Checkout code
@@ -68,9 +66,6 @@ jobs:
 
       - name: Test with pytest
         run: |
-          if [ "$RUNNER_OS" == "macOS" ]; then  # Avoid numba/OpenMP segfault in CVMDrift (https://github.com/SeldonIO/alibi-detect/issues/648)
-            export NUMBA_THREADING_LAYER="workqueue"
-          fi
           pytest --randomly-seed=0 alibi_detect
           # Note: The pytest-randomly seed is fixed at 0 for now. Once the legacy np.random.seed(0)'s 
           # are removed from tests, this can be removed, allowing all tests to use random seeds.

diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
@@ -0,0 +1,59 @@
+name: Security Scan
+
+on:
+  push:
+    branches:
+      - master
+      - release/*
+  schedule:
+    - cron: "0 0 * * 1"
+  workflow_dispatch:
+
+jobs:
+  scan-code:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+      - name: Install dependencies
+        run: |
+          pip install .[all]
+      - name: Create requirements.txt
+        run: |
+          # Snyk has issues working with complex setup.py files (e.g.
+          # https://github.com/snyk/cli/issues/1367).
+          # To account for this, we set up the environment and then dump it
+          # into a `requirements.txt` - this env includes both production and
+          # development dependencies.
+          # TODO: Once we move into Poetry, this can be replaced for the lock
+          # file.
+          pip freeze > requirements.txt
+      - name: Security Scan
+        uses: snyk/actions/python-3.10@master
+        with:
+          args: --fail-on=upgradable
+            --severity-threshold=high
+            --all-projects
+            --exclude=tests,testing,docs
+            --sarif-file-output=snyk-code.sarif
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+  static-code-analysis:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Static Code Analysis Scan
+        uses: snyk/actions/python-3.10@master
+        with:
+          command: code test
+          args: --fail-on=upgradable
+            --severity-threshold=high
+            --all-projects
+            --exclude=tests,docs
+            --sarif-file-output=snyk-sat.sarif
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.github/workflows/test_all_notebooks.yml b/.github/workflows/test_all_notebooks.yml
@@ -21,11 +21,9 @@ jobs:
       matrix:
         os: [ ubuntu-latest ]
         python-version: [ '3.8', '3.9', '3.10', '3.11' ]
-        include: # Run macos and windows tests on only one python version
+        include: # Run windows tests on only one python version
           - os: windows-latest
-            python-version: '3.10' # torch 1.x not available on Windows or MacOS for Python 3.11
-          - os: macos-latest
-            python-version: '3.10'
+            python-version: '3.10' # torch 1.x not available on Windows for Python 3.11
 
     steps:
       - name: Checkout code

diff --git a/.github/workflows/test_changed_notebooks.yml b/.github/workflows/test_changed_notebooks.yml
@@ -28,11 +28,9 @@ jobs:
       matrix:
         os: [ ubuntu-latest ]
         python-version: [ '3.8', '3.9', '3.10', '3.11' ]
-        include: # Run macos and windows tests on only one python version
+        include: # Run windows tests on only one python version
           - os: windows-latest
-            python-version: '3.10' # torch 1.x not available on Windows or MacOS for Python 3.11
-          - os: macos-latest
-            python-version: '3.10'
+            python-version: '3.10' # torch 1.x not available on Windows for Python 3.11
 
     steps:
       - name: Checkout code

diff --git a/.snyk b/.snyk
@@ -0,0 +1,2 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,42 @@
 # Change Log
 
+## [v0.11.5](https://github.com/SeldonIO/alibi-detect/tree/v0.11.5) (2024-22-01)
+[Full Changelog](https://github.com/SeldonIO/alibi-detect/compare/v0.11.4...v0.11.5)
+
+This is a patch release fixing several bugs, updating dependencies and a change of license.
+
+### Added
+- Allow pickle when loading numpy array file ([#836](https://github.com/SeldonIO/alibi-detect/pull/836))
+- Add abbreviations in the getting_started page ([#863](https://github.com/SeldonIO/alibi-detect/pull/863))
+
+### Fixed
+- Remove scale_identity_multiplier to support tensorflow-probability 0.20 ([#828](https://github.com/SeldonIO/alibi-detect/pull/828))
+- Docs/dont load sklearn detectors in notebooks ([#842](https://github.com/SeldonIO/alibi-detect/pull/842))
+- Add notebooks tests for 3.11 ([#840](https://github.com/SeldonIO/alibi-detect/pull/840)) & ([#841](https://github.com/SeldonIO/alibi-detect/pull/841))
+- Split tox ci job into seperate jobs ([#843](https://github.com/SeldonIO/alibi-detect/pull/843))
+- Fix E721 linting errors ([#846](https://github.com/SeldonIO/alibi-detect/pull/846))
+- Change legacy tf optimizers types to forwardrefs ([#858](https://github.com/SeldonIO/alibi-detect/pull/858))
+- Remove deprecated multichannel keyword from skimage.filters.gaussian ([#857](https://github.com/SeldonIO/alibi-detect/pull/857))
+- Update Alibi_Detect_Logo_rgb image with white stroked letters ([#862](https://github.com/SeldonIO/alibi-detect/pull/862))
+- Update typechecking for mypy 1.7.0 ([#866](https://github.com/SeldonIO/alibi-detect/pull/866))
+
+### Changed
+- Alibi-Detect License change from Apache to Business Source License 1.1 ([#876](https://github.com/SeldonIO/alibi-detect/pull/876))
+
+### Development
+- Set 3.0.0 as upper bound on pytorch version (link tbd)
+- Update myst-parser requirement upper bound from 2.0 to 3.0 ([#815](https://github.com/SeldonIO/alibi-detect/pull/815))
+- Update pillow requirement upper bound from 10.0.0 to 11.0.0 ([#822](https://github.com/SeldonIO/alibi-detect/pull/822))
+- Update xgboost requirement upper bound from 2.0.0 to 3.0.0 ([#850](https://github.com/SeldonIO/alibi-detect/pull/850))
+- Bump tensorflow and tfp ([#860](https://github.com/SeldonIO/alibi-detect/pull/860))
+- Bump sphinx-design from 0.4.1 to 0.5.0 ([#845](https://github.com/SeldonIO/alibi-detect/pull/845))
+- Update scikit-image requirement ([#855](https://github.com/SeldonIO/alibi-detect/pull/855))
+- Update sphinxcontrib-apidoc requirement ([#848](https://github.com/SeldonIO/alibi-detect/pull/848))
+- Update numba requirement ([#851](https://github.com/SeldonIO/alibi-detect/pull/851))
+- Remove macos from ci ([#876](https://github.com/SeldonIO/alibi-detect/pull/876))
+- Add security scans to CI ([#876](https://github.com/SeldonIO/alibi-detect/pull/876))
+
+
 ## [v0.11.4](https://github.com/SeldonIO/alibi-detect/tree/v0.11.4) (2023-07-07)
 [Full Changelog](https://github.com/SeldonIO/alibi-detect/compare/v0.11.3...v0.11.4)
 

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -3,7 +3,7 @@
 We welcome PRs from the community. This document outlines the standard
 practices and development tools we use.
 
-When you contribute code, you affirm that the contribution is your original work and that you license the work to the project under the project's open source license. Whether or not you state this explicitly, by submitting any copyrighted material via pull request, email, or other means you agree to license the material under the project's open source license and warrant that you have the legal authority to do so.
+When you contribute code, you affirm that the contribution is your original work and that you license the work to the project under the project's license. Whether or not you state this explicitly, by submitting any copyrighted material via pull request, email, or other means you agree to license the material under the project's license and warrant that you have the legal authority to do so.
 
 ## Getting started
 The easiest way to get started is to install all the development dependencies
@@ -180,8 +180,6 @@ the CI Guthub Action runner.
 
 - If the registered public SSH key is not your default private SSH key, you will need to specify the path manually, like so: ssh -i <path-to-key> <tmate-connection-string>.
 - Once you have finished debugging, you can continue the workflow (i.e. let the full build CI run) by running `touch continue` whilst in the root directory (`~/work/alibi-detect/alibi-detect`). This will close the tmate session.
-- This new capability is currently temperamental on the `MacOS` build due to [this issue](https://github.com/mxschmitt/action-tmate/issues/69). If the MacOS build fails all the builds are failed. If this happens, it is 
-recommended to retrigger only the workflow build of interest e.g. `ubuntu-latest, 3.10`, and then follow the instructions above from step 3.
 
 ## Optional Dependencies