Release/3.15.5 -> main #3640
Merged
Release/3.15.5 -> main #3640
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Release/3.15.4
Add CHANGELOG entry for 3.15.4
Most of the ignored items are either not relevant anymore (because that dependency is already on a newer version) or it might make sense to reevaluate whether we should defer upgrading permanently.
* Set up grouped Dependabot updates for npm dependencies * Correctly use "devDependencies" group in package.json There were quite a few dependencies that should have been added to "devDependencies" in the first place. Changing this now so we can configure Dependabot to update all dev dependencies in a single PR.
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.8 to 7.23.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [yaml](https://github.com/eemeli/yaml) from 2.3.2 to 2.3.4. - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.3.2...v2.3.4) --- updated-dependencies: - dependency-name: yaml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.16.0 to 6.18.0. - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.18.0/packages/react-router-dom) --- updated-dependencies: - dependency-name: react-router-dom dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [react-countup](https://github.com/glennreyes/react-countup) from 6.4.2 to 6.5.0. - [Release notes](https://github.com/glennreyes/react-countup/releases) - [Commits](glennreyes/react-countup@v6.4.2...v6.5.0) --- updated-dependencies: - dependency-name: react-countup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [undici](https://github.com/nodejs/undici) from 5.22.1 to 5.26.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.22.1...v5.26.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@alephdata/followthemoney](https://github.com/alephdata/followthemoney) from 3.5.4 to 3.5.5. - [Release notes](https://github.com/alephdata/followthemoney/releases) - [Commits](alephdata/followthemoney@v3.5.4...v3.5.5) --- updated-dependencies: - dependency-name: "@alephdata/followthemoney" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…of-files Suggest alephclient for uploading lots of files instead of UI
Relates to #3384
Add worker scaling docs
…eads Explicitly disable servicelayer worker threads in Helm chart & env
* Update example values to work with current Postgres chart version * Add ingress class annotation to ensure the Nginx ingress doesn’t ignore the ingress resource * Use ES Helm chart for ES 7 Otherwise a Helm chart for ES 8 will be used, which by default installs ES 8 and has some breaking changes with regards to the structure of values. * Mark secret key ref for `SENTRY_DSN` as optional * Update K8s example This adjusts the example so that it can be easily run on a single-node K8s cluster provided by Docker Compose. I have also tweaked the default values to reduce the resources to a minimum and tried to make the example as easy to install as possible. * Emphasize that selecting the correct kubectl context may be necessary * Update default ingest-file version in Helm chart * Add note on Docker Desktop memory resource limits * Add note about `kubernetes.docker.internal` host * Add upgrade instructions * Simplify secrets setup * Document how to create a user, known issues * Fix typo * Replace deprecated `kubernetes.io/ingress.class` annotation As suggested by @stchris * Fix default ingest-file version in Helm chart (again…)
Update translations
Update playwright to 1.40
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.292 to 0.1.6. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.0.292...v0.1.6) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Don't push helm charts prefixed test-
…-group chore: dependabot: group dev dependency bumps
….1.6 Bump ruff from 0.0.292 to 0.1.6
Bumps the dev-dependencies group with 2 updates: [black](https://github.com/psf/black) and [ruff](https://github.com/astral-sh/ruff). Updates `black` from 23.9.1 to 23.12.0 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@23.9.1...23.12.0) Updates `ruff` from 0.0.292 to 0.1.9 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.0.292...v0.1.9) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…pendencies-2bfa9401d9 Bump the dev-dependencies group with 2 updates
Add linter run to PR checks
Updates the requirements on [faker](https://github.com/joke2k/faker) to permit the latest version. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v5.6.0...v22.0.0) --- updated-dependencies: - dependency-name: faker dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [apispec](https://github.com/marshmallow-code/apispec) from 6.3.0 to 6.3.1. - [Changelog](https://github.com/marshmallow-code/apispec/blob/dev/CHANGELOG.rst) - [Commits](marshmallow-code/apispec@6.3.0...6.3.1) --- updated-dependencies: - dependency-name: apispec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the dev-dependencies group with 1 update: [black](https://github.com/psf/black). Updates `black` from 23.12.0 to 23.12.1 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@23.12.0...23.12.1) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [authlib](https://github.com/lepture/authlib) from 0.15.5 to 1.3.0. - [Release notes](https://github.com/lepture/authlib/releases) - [Changelog](https://github.com/lepture/authlib/blob/master/docs/changelog.rst) - [Commits](lepture/authlib@v0.15.5...v1.3.0) --- updated-dependencies: - dependency-name: authlib dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [alembic](https://github.com/sqlalchemy/alembic) from 1.12.0 to 1.13.1. - [Release notes](https://github.com/sqlalchemy/alembic/releases) - [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/alembic/commits) --- updated-dependencies: - dependency-name: alembic dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [python-frontmatter](https://github.com/eyeseast/python-frontmatter) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/eyeseast/python-frontmatter/releases) - [Commits](eyeseast/python-frontmatter@v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: python-frontmatter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [marshmallow](https://github.com/marshmallow-code/marshmallow) from 2.19.2 to 3.20.1. - [Changelog](https://github.com/marshmallow-code/marshmallow/blob/dev/CHANGELOG.rst) - [Commits](marshmallow-code/marshmallow@2.19.2...3.20.1) --- updated-dependencies: - dependency-name: marshmallow dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.19.1 to 4.20.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](python-jsonschema/jsonschema@v4.19.1...v4.20.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: catileptic <alex.stefanescu@protonmail.com>
Bumps [blinker](https://github.com/pallets-eco/blinker) from 1.6.2 to 1.7.0. - [Release notes](https://github.com/pallets-eco/blinker/releases) - [Changelog](https://github.com/pallets-eco/blinker/blob/main/CHANGES.rst) - [Commits](pallets-eco/blinker@1.6.2...1.7.0) --- updated-dependencies: - dependency-name: blinker dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [normality](https://github.com/pudo/normality) from 2.4.0 to 2.5.0. - [Commits](pudo/normality@2.4.0...2.5.0) --- updated-dependencies: - dependency-name: normality dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [flask-babel](https://github.com/python-babel/flask-babel) from 3.1.0 to 4.0.0. - [Release notes](https://github.com/python-babel/flask-babel/releases) - [Changelog](https://github.com/python-babel/flask-babel/blob/master/CHANGELOG) - [Commits](python-babel/flask-babel@v3.1.0...v4.0.0) --- updated-dependencies: - dependency-name: flask-babel dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The official MinIO chart has been deprecated in favor or an official operator (which is a bit overkill for a simple dev setup). Also the MinIO version we were using was quite outdated.
* Add Prometheus instrumentation Closes #3214 * Fix missing bind argument * Run Prometheus exporter as a separate service * Expose number of streaming requests and number of streamed entities as metrics * Expose number of auth attempts as Prometheus metrics * Update Helm chart to expose metrics endpoints, setup ServiceMonitors * Handle requests without Authz object gracefully * Rename Prometheus label to "api_endpoint" to prevent naming clashes Prometheus Operator also uses the "endpoint" label and automatically renames "endpoint" labels exposed by the metrics endpoint to "exported_endpoints" which is ugly. * Add xref metrics * Use common prefix for all metric names Even though it is considered an anti-pattern to add a prefix with the name of the software or component to metrics (according to the official Prometheus documentation), I have decided to add a prefix. I’ve found that this makes it much easier to find relevant metrics. The main disadvantage of per-component prefixes queries become slightly more complex if you want to query the same metric (e.g. HTTP request duration) across multiple components. This isn’t super important in our case though, so I think the trade-off is acceptable. * Expose Python platform information as Prometheus metrics * Remove unused port, network policy from K8s specs Although I'm not 100% sure, the exposed port 3000 probably is a left-over from the past, possibly when convert-document was still part of ingest-file. The network policy prevented Prometheus from scraping ingest-file metrics (and as the metrics port is now the only port exposed by ingest-file, should be otherwise unnecessary). * Use keyword args to set Prometheus metric labels As suggested by @stchris * Bump servicelayer from 1.22.0 to 1.22.1 * Simplify entity streaming metrics code There’s no need to do batched metric increments until this becomes a performance bottleneck. * Limit maximum size of Prometheus multiprocessing directory * Do not let collector classes inherit from `object` I copied the boilerplate for custom collectors from the docs without thinking about it too much, but inheriting from `object` really isn’t necessary anymore in Python 3. The Prometheus client also exports an abstract `Collector` class -- it doesn’t do anything except providing type hints for the `collect` method which is nice. * Add `aleph_` prefix to Prometheus API metrics * Fix metrics name (singular -> plural) * Add documentation on how to test Prometheus instrumentation in local Kubernetes cluster
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.