Skip to content

Commit b41d74e

Browse files
author
Cloud Composer Team
committed
fixup! Composer dependencies patch
Pin version of requests package until issue with Docker is fixed: docker/docker-py#3257 Change-Id: I59d4882f47f4288226aaabf27554a0b7f9dfe514 GitOrigin-RevId: b46622d7a9d99dfcad2e073e5b6c07887e80542c
1 parent 518fec3 commit b41d74e

File tree

1 file changed

+10
-8
lines changed

1 file changed

+10
-8
lines changed

setup.py

+10-8
Original file line numberDiff line numberDiff line change
@@ -378,6 +378,8 @@ def write_version(filename: str = str(AIRFLOW_SOURCES_ROOT / "airflow" / "git_ve
378378
]
379379
composer_additional = [
380380
"aiodebug",
381+
# aiohttp and pygments in lower versions contain security vulnerabilities.
382+
"aiohttp>=3.8.5",
381383
# TODO: Internal bug - Remove after the issue is fixed in community
382384
# https://github.com/apache/airflow/issues/35434
383385
"connexion<=2.14.2",
@@ -386,13 +388,15 @@ def write_version(filename: str = str(AIRFLOW_SOURCES_ROOT / "airflow" / "git_ve
386388
"dbt-bigquery",
387389
"dbt-core",
388390
"firebase-admin",
391+
# TODO: remove once https://github.com/apache/airflow/issues/36897 is closed
392+
"Flask-Session<0.6.0",
389393
# Due to security vulnerability Flower version >= 2.0.0 required.
390394
"flower>=2.0.0",
391395
"gcsfs",
392396
"google-apitools",
393397
"google-cloud-aiplatform",
394398
"google-cloud-asset",
395-
# remove once https://github.com/apache/airflow/issues/39541 is resolved
399+
# TODO: remove once https://github.com/apache/airflow/issues/39541 is resolved
396400
"google-cloud-bigquery<3.21.0,>=3.0.1",
397401
"google-cloud-datacatalog-lineage-producer-client",
398402
"google-cloud-datastore",
@@ -405,18 +409,16 @@ def write_version(filename: str = str(AIRFLOW_SOURCES_ROOT / "airflow" / "git_ve
405409
"pip==23.2.1",
406410
"pyOpenSSL",
407411
"pipdeptree",
412+
"pygments>2.15.0",
413+
# TODO: remove once https://github.com/apache/airflow/issues/37156 closed
414+
"pytest<8.0.0",
415+
# TODO: remove once new version of Docker is released (https://github.com/docker/docker-py/pull/3257)
416+
"requests>=2.24.0,<3.0.0,!=2.32.*",
408417
"sqllineage",
409418
"sqlparse",
410419
"tensorflow",
411420
# Versions < 2.2.3 contain security vulnerabilities.
412421
"werkzeug>=2.2.3",
413-
# aiohttp and pygments in lower versions contain security vulnerabilities.
414-
"aiohttp>=3.8.5",
415-
"pygments>2.15.0",
416-
# remove once https://github.com/apache/airflow/issues/36897 is closed
417-
"Flask-Session<0.6.0",
418-
# TODO: Remove once https://github.com/apache/airflow/issues/37156 closed
419-
"pytest<8.0.0",
420422
]
421423
composer = (
422424
PROVIDER_DEPENDENCIES["mysql"][DEPS]

0 commit comments

Comments
 (0)