Releases: exasol/script-languages-container-tool
3.1.0
3.0.0
2.0.0
1.1.0
1.1.0 - 2025-01-29
Code name: Language Definition and Export optimization
Summary
This release optimizes the export step to minimize disk space. Also, it adds support for the language_definitions.json. Besides this it also contains some refactorings.
Features
- #245: Implemented support for Json for language definition
- #263: Extended language_definitions.json with deprecation fields
Refactoring
- #254: Replaced
set-outputGH command and updated Python Toolbox and ITDE - #257: Updated formating rules
- #256: Fixed type hints
- #258: Minimize disk space during export
- #253: Fixed help text for exaslct
Documentation
- #243: Removed incomplete title in user guide
1.0.0
Script-Languages-Container-Tool 1.0.0, released 2024-09-04
Code name: Major refactoring and new deployment API
Summary
This release changed the directory structure and aimed to separate the public and internal modules.
Also, the project now uses the exasol-toolbox to execute code quality CI jobs. There are new functions which
simplify the deployments of Script Language Containers on BucketFS.
The new API improves the generation of the Language Activation commands and provides new objects which contain
more detailed information about the installed Script Language Containers in BucketFS.
Features
#218: Added an option to ignore certificate errors for upload command
#231: Extended LanguageDefinitionComponents
Refactoring
#219: Replaced deprecated bucketfs API by new API
#171: Improved api generate_language_activation
#230: Created new method deploy with similar parameters as in python-extension-common
#234: Removed starter scripts
#237: Changed paths of package
0.21.0
0.20.0
Script-Languages-Container-Tool 0.20.0, released 2024-07-09
Code name: Fix vulnerabilities
Summary
This release fixes the following vulnerabilities by updating dependencies:
- CVE-2024-35195 in dependency
requestsin versions <2.32.0caused by requestsSessionobject not verifying requests after making first request withverify=False - CVE-2024-37891 in transitive dependency via
boto3tourllib3in versions <2.2.2caused by proxy-authorization request header not to be stripped during cross-origin redirects as no update of notebook-connector is available, yet. - GHSA-w235-7p84-xx57 in transitive dependency via
luigitotornadoin versions <6.4.1enabling CRLF injection inCurlAsyncHTTPClientheaders. - GHSA-753j-mpmx-qq6g in transitive dependency via
luigitotornadoin versions <6.4.1due to inconsistent interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
However, the release ignores the following vulnerabilities
- GHSA-753j-mpmx-qq6g in dependency
configobjin versions ≤5.0.8being ReDoS exploitable by developers using values in a server-side configuration file as SLCT is used only client side and a patched version is not available, yet.
Security Issues
- #216: Updated dependencies to fix vulnerabilities
0.19.0: Updated dependencies
Summary
This releases updated the dependency to exasol-integration-test-docker-environment and updates to Python3.10.
Refactorings
- #212: Updating dependencies and Python