Merge develop into infrahub-develop#1023
Merged
Merged
Conversation
- Add npm overrides in docs/package.json for 12 vulnerable transitive deps (postcss, follow-redirects, lodash, path-to-regexp, serialize-javascript, node-forge, picomatch, rollup, markdown-it, ajv, qs, webpack) and regenerate docs/package-lock.json against current registry. - Bump requests dev dependency floor to >=2.33.0 to clear GHSA-gc5v-m9x4-r6x2 (Insecure Temp File Reuse in extract_zipped_paths). Resolves the 27 currently open Dependabot alerts. `npm audit` reports 0 vulnerabilities after the lockfile regeneration.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ests Replace patch()-heavy unit tests for display_schema_load_errors with integration tests that exercise the real server response → renderer path, so we catch any drift between the schema-load endpoint's error shape and CLI handling (particularly for extensions paths). Add an optional Console parameter to display_schema_load_errors so tests can capture rendered output via dependency injection instead of patching the module-level console. Keep valid_error_path covered as a fast parametrized unit test with no patchin
Replace on with a Literal of nodes, generics, relationships so the accepted values are explicit at the type level. Matches the set already enforced at runtime by valid_error_path
…notate _render_schema_error parsing branches
* docs: adjust links following doc migration * docs: further adjust
…le.capture() and hoist SchemaContainer alias
Bumps [ujson](https://github.com/ultrajson/ultrajson) from 5.12.0 to 5.12.1. - [Release notes](https://github.com/ultrajson/ultrajson/releases) - [Commits](ultrajson/ultrajson@5.12.0...5.12.1) --- updated-dependencies: - dependency-name: ujson dependency-version: 5.12.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
chore(deps): bump ujson from 5.12.0 to 5.12.1
fix(ctl): handle extensions paths in display_schema_load_errors (#1007)
chore(deps): patch transitive vulns in docs and bump requests dev floor
* chore(deps): patch transitive vulns in docs and bump requests dev floor - Add npm overrides in docs/package.json for 12 vulnerable transitive deps (postcss, follow-redirects, lodash, path-to-regexp, serialize-javascript, node-forge, picomatch, rollup, markdown-it, ajv, qs, webpack) and regenerate docs/package-lock.json against current registry. - Bump requests dev dependency floor to >=2.33.0 to clear GHSA-gc5v-m9x4-r6x2 (Insecure Temp File Reuse in extract_zipped_paths). Resolves the 27 currently open Dependabot alerts. `npm audit` reports 0 vulnerabilities after the lockfile regeneration. * fix(ctl): handle extensions paths in display_schema_load_errors (#1007) * chore(changelog): add newsfragment for #1007 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * test(ctl): replace brittle schema-load-error mocks with integration tests Replace patch()-heavy unit tests for display_schema_load_errors with integration tests that exercise the real server response → renderer path, so we catch any drift between the schema-load endpoint's error shape and CLI handling (particularly for extensions paths). Add an optional Console parameter to display_schema_load_errors so tests can capture rendered output via dependency injection instead of patching the module-level console. Keep valid_error_path covered as a fast parametrized unit test with no patchin * refactor(ctl): type schema get_node container as Literal Replace on with a Literal of nodes, generics, relationships so the accepted values are explicit at the type level. Matches the set already enforced at runtime by valid_error_path * fix(ctl): default missing msg/type keys in schema error renderer * fix(ctl): guard out-of-range index in _resolve_attribute_label and annotate _render_schema_error parsing branches * docs: adjust links following doc migration (#1016) * docs: adjust links following doc migration * docs: further adjust * refactor(ctl): address schema-load review feedback and use rich console.capture() and hoist SchemaContainer alias * chore(deps): bump ujson from 5.12.0 to 5.12.1 Bumps [ujson](https://github.com/ultrajson/ultrajson) from 5.12.0 to 5.12.1. - [Release notes](https://github.com/ultrajson/ultrajson/releases) - [Commits](ultrajson/ultrajson@5.12.0...5.12.1) --- updated-dependencies: - dependency-name: ujson dependency-version: 5.12.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Pete Crocker <pete@petecrocker.com> Co-authored-by: Iddo <iddocohen@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Co-authored-by: Baptiste <32564248+BaptisteGi@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Ogenstad <patrick@ogenstad.com>
Deploying infrahub-sdk-python with
|
| Latest commit: |
2de8b09
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://c77c8e49.infrahub-sdk-python.pages.dev |
| Branch Preview URL: | https://develop.infrahub-sdk-python.pages.dev |
github-actions
Bot
added
the
type/documentation
Codecov Report❌ Patch coverage is
@@ Coverage Diff @@
## infrahub-develop #1023 +/- ##
====================================================
- Coverage 81.56% 81.54% -0.03%
====================================================
Files 134 134
Lines 11454 11479 +25
Branches 1730 1735 +5
====================================================
+ Hits 9343 9361 +18
- Misses 1565 1570 +5
- Partials 546 548 +2
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merging develop into infrahub-develop after merging pull request #1018.
Summary by cubic
Fixes infrahubctl schema error rendering and patches vulnerable docs dependencies. Errors from schema
extensions:now print as clear one-line messages instead of crashing;requestsandujsonare bumped for security.Bug Fixes
extensions:validation errors ininfrahubctl schema load; no moreValueErrorcrash.Dependencies
package-lock.json(0 vulns after).requestsfloor to>=2.33.0and bumpujsonto5.12.1.Written for commit 2de8b09. Summary will update on new commits.