DC/OS - The Datacenter Operating System

dcos, updated 🕥 2022-12-27 15:36:49

The easiest way to run microservices, big data, and containers in production.

DC/OS End of Life

Support for DC/OS ends on October 31, 2021. We will continue to provide support for our current DC/OS customers per their contracts, of course. However, we will no longer be investing in new features or capabilities or maintaining the related repositories. If a customer wishes to continue use of the DC/OS Enterprise platform or other non-free DC/OS components, the customer can purchase an End-of-Life License or Perpetual Use License; however, support is not included in these licenses, and continued use of DC/OS will be at your own discretion and risk.

We want to thank all of our loyal customers, particularly those DC/OS users who were fellow pioneers in the growth of the cloud native landscape from the beginning.

What is DC/OS?

Like traditional operating systems, DC/OS is system software that manages computer hardware and software resources and provides common services for computer programs.

Unlike traditional operating systems, DC/OS spans multiple machines within a network, aggregating their resources to maximize utilization by distributed applications.

To learn more, see the DC/OS Overview.

How Do I...?

Releases

DC/OS releases are publicly available on http://dcos.io/releases/

Release artifacts are managed by Mesosphere on Amazon S3, using a CloudFront cache.

To find the git SHA of any given release, check the latest commit in the versioned branches on GitHub: https://github.com/dcos/dcos/branches/

| Release Type | URL Pattern |
|--------------|-------------|
| Latest Stable | https://downloads.dcos.io/dcos/stable/dcos_generate_config.sh |
| Latest Master | https://downloads.dcos.io/dcos/testing/master/dcos_generate_config.sh |
| Latest Build of Specific PR | https://downloads.dcos.io/dcos/testing/pull/<github-pr-number>/dcos_generate_config.sh |

Development Environment

Linux is required for building and testing DC/OS.

  1. Linux distribution:
    • Docker doesn't have all the features needed on OS X or Windows
    • tar needs to be GNU tar for the set of flags used
    • unzip needs to be installed
  2. pre-commit
  3. tox
  4. git 1.8.5+
  5. Docker 1.11+
    • Install Instructions for various distributions. Docker needs to be configured so your user can run docker containers. The command docker run alpine /bin/echo 'Hello, World!' when run at a new terminal as your user should just print "Hello, World!". If it says something like "Unable to find image 'alpine:latest' locally" then re-run and the message should go away.
  6. Python 3.6
    • Arch Linux: sudo pacman -S python
    • Fedora 23 Workstation: Already installed by default / no steps
    • Ubuntu 16.04 LTS:
      • pyenv-installer
      • Python dependencies: sudo apt-get install make build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev wget curl llvm libncurses5-dev libncursesw5-dev xz-utils liblzma-dev python3-venv
      • Install Python 3.6.3: pyenv install 3.6.3
      • Create DC/OS virtualenv: pyenv virtualenv 3.6.3 dcos
      • Activate environment: pyenv activate dcos
  7. Over 10GB of free disk space and 8GB of RAM
    • The build makes use of hard links, so if you're using VirtualBox the disk space cannot be a synced folder.
  8. Optional pxz (speeds up package and bootstrap compression)
    • ArchLinux: pxz-git in the AUR. The pxz package corrupts tarballs fairly frequently.
    • Fedora 23: sudo dnf install pxz

Unit Tests

Unit tests can be run locally but require the development environment specified above.

tox

Tox is used to run the codebase unit tests, as well as coding standard checks. The config is in tox.ini.

Integration Tests

Integration tests can be run on any deployed DC/OS cluster. For installation instructions, see https://dcos.io/install/.

Integration tests are installed via the dcos-integration-test Pkgpanda package.

Integration test files are stored on the DC/OS master node at /opt/mesosphere/active/dcos-integration-test. Therefore, in order to test changes to test files, move files from packages/dcos-integration-test/extra/ in your checkout to /opt/mesosphere/active/dcos-integration-test on the master node.

The canonical source of the test suite's results is the continuous integration system. There may be differences between the results of running the integration tests as described in this document and the results given by the continuous integration system. In particular, some tests may pass on the continuous integration system and fail locally or vice versa.

Minimum Requirements

  • 1 master node
  • 2 private agent nodes
  • 1 public agent node
  • Task resource allocation is currently insignificantly small
  • DC/OS itself requires at least 2 (virtual) cpu cores on each node

Instructions

  1. SSH into a master node

    The tests can be run via Pytest while SSH'd as root into a master node of the cluster to be tested.

  2. Switch to root

    sudo su -

  3. Add the test user

    dcos-shell python /opt/mesosphere/bin/dcos_add_user.py [email protected]

    Running the above command produces the output:

    User [email protected] successfully added

    This test user has a known login token with far future expiration. DO NOT USE IN PRODUCTION. After the test, remember to delete the test user.

    For more information, see User Management.

  4. Run the tests using pytest in the cluster.

    cd /opt/mesosphere/active/dcos-integration-test
    dcos-shell pytest

Using a Docker Cluster with miniDC/OS

One way to run the integration tests is to use the miniDC/OS CLI.

This lets you create, run and manage clusters in test environments. Each DC/OS node is represented by a Docker container.

  1. Set up DC/OS in containers using the miniDC/OS CLI.

    For example, after installing the miniDC/OS CLI, create a cluster:

    minidcos docker download-installer
    minidcos docker create /tmp/dcos_generate_config.sh \
        --masters 1 \
        --agents 2 \
        --public-agents 1 \
        --cluster-id default

  2. Run minidcos docker wait

    Wait for DC/OS to start. Running the wait command makes sure that the cluster is set up properly before any other actions, which could otherwise cause errors in the pytest command in the next step.

  3. Run pytest on a master node.

    For example:

    minidcos docker run --test-env pytest

  4. Destroy the cluster.

    minidcos docker destroy

End-to-end Tests

E2E tests start a cluster as part of the test. These are useful for testing specific configurations or performing more disruptive tests.

To run the e2e tests, download a DC/OS installer, create a Python virtualenv, and run:

    cd test-e2e
    pip install -r requirements.txt
    export DCOS_E2E_GENCONF_PATH=${PWD}/dcos_generate_config.sh
    export DCOS_E2E_TMP_DIR_PATH=/tmp
    export DCOS_E2E_LOG_DIR=/tmp/logs
    pytest

Tests are annotated to be skipped if specific files are unchanged. This only applies to non-train Pull Requests run by D2iQ CI. In other cases, including running locally, all tests will run. You can use pytest arguments to restrict tests to a specific subset.

Build

DC/OS can be built locally but requires the development environment specified above.

DC/OS builds are packaged as a self-extracting Docker image wrapped in a bash script called dcos_generate_config.sh.

WARNING: Building a release from scratch the first time on a modern dev machine (4 cores / 8 hyper threads, SSD, reasonable internet bandwidth) takes about 1 hour.

Instructions

./build_local.sh

That will run a simple local build, and output the resulting DC/OS installers to ./packages/cache/dcos_generate_config.sh:

$ ./packages/cache/dcos_generate_config.sh

See the section on running in Docker to test the installer.

Build Details

The bash script build_local.sh contains the build commands, each with a description.

The general flow is to:

  1. Check the environment is reasonable
  2. Write a release tool configuration if one doesn't exist
  3. Set up a Python virtualenv in which the DC/OS Python tools can be installed and run
  4. Install the DC/OS Python tools to the virtualenv
  5. Build the release using the release tool

These steps can all be done by hand and customized / tweaked like standard Python projects. You can create a virtual environment by hand, and then do an editable pip install (pip install -e) to have a "live" working environment (as you change code you can run the tool and see the results).

Release Tool Configuration

This release tool always loads the config in dcos-release.config.yaml in the current directory.

The config is YAML. It has two main sections: storage, which contains a dictionary of the different storage providers that the built artifacts should be sent to, and options, which sets general DC/OS build configuration options.

Config values can either be specified directly, or you may use $ prefixed environment variables (the env variable must set the whole value).

Storage Providers

All the available storage providers are in release/storage. The configuration is a dictionary of a reference name for the storage provider (local, aws, my_azure), to the configuration.

Each storage provider (ex: aws.py) is an available kind prefix. The dictionary factories defines the suffix for a particular kind. For instance kind: aws_s3 would map to the S3StorageProvider.

The configuration options for a storage provider are the storage provider's constructor parameters.

Sample config storage that will save to my home directory (/home/cmaloney):

    storage:
      local:
        kind: local_path
        path: /home/cmaloney/dcos-artifacts

Sample config that will store to a local archive path as well as AWS S3. To authenticate with AWS S3, reference the boto3 docs to learn how to configure access.

    storage:
      aws:
        kind: aws_s3
        bucket: downloads.dcos.io
        object_prefix: dcos
        download_url: https://downloads.dcos.io/dcos/
      local:
        kind: local_path
        path: /mnt/big_artifact_store/dcos/

Repo Structure

DC/OS itself is composed of many individual components precisely configured to work together in concert.

This repo contains the release and package building tools necessary to produce installers for various on-premises and cloud platforms.

| Directory | Contents |
| --------- | -------- |
| cloud_images | Base OS image building tools |
| config | Release configuration |
| docs | Documentation |
| flake8_dcos_lint | Flake8 plugin for testing code quality |
| dcos_installer | Backend for Web, SSH, and some bits of the Advanced installer. Code is being cleaned up |
| gen | Python library for rendering yaml config files for various platforms into packages, with utilities to do things like make "late binding" config set by CloudFormation |
| packages | Packages which make up DC/OS (Mesos, Marathon, AdminRouter, etc). These packages are built by pkgpanda, and combined into a "bootstrap" tarball for deployment. |
| pkgpanda | DC/OS baseline/host package management system. Tools for building, deploying, upgrading, and bundling packages together which live on the root filesystem of a machine / underneath Mesos. |
| release | Release tools for DC/OS. (Building releases, building installers for releases, promoting between channels) |
| ssh | AsyncIO based parallel ssh library used by the installer |
| test_util | Various scripts, utilities to help with integration testing |

Pull Requests Statuses

Pull requests automatically trigger a new DC/OS build and run several tests. These are the details on the various status checks against a DC/OS Pull Request.

| Status Check | Purpose | Source and Dependencies |
|--------------|---------|-------------------------|
| continuous-integration/jenkins/pr-head | Admin Router Endpoint tests | dcos/dcos/packages/adminrouter/extra/src/test-harness Docker Dependency: dcos/dcos/packages/adminrouter |
| mergebot/enterprise/build-status/aggregate | EE Test Enforcement | Private mesosphere/dcos-enterprise repo is tested against the SHA. |
| mergebot/enterprise/has_ship-it | Code Review Enforcement | Private Mergebot service in prod cluster |
| mergebot/enterprise/review/approved/min_2 | Code Review Enforcement | Mergebot service in prod cluster |
| mergebot/has_ship-it | Code Review Enforcement | Mergebot service in prod cluster |
| mergebot/review/approved/min_2 | Code Review Enforcement | Mergebot service in prod cluster |
| teamcity/dcos/build/dcos | Builds DCOS Image (dcos_generate_config.sh) | gen/build_deploy/bash.py |
| teamcity/dcos/build/tox | Runs check-style, unit-tests | tox.ini |
| teamcity/dcos/test/aws/cloudformation/simple | Deployment using single-master-cloudformation.json and runs integration tests | gen/build_deploy/aws.py, |
| teamcity/dcos/test/terraform/aws/onprem/static/group{1..n} | Installation via dcos_generation_config.sh and runs Integration Tests | gen/build_deploy/bash.py, |
| teamcity/dcos/test/test-e2e/group{1..n} | End to End Tests. Each Test launches a cluster, exercises a functionality. | test-e2e |

Required vs Non-Required Status checks

A PR status check may be marked as Required or Not-Required (Default). The required status checks are necessary for applying a ship-it label, which makes the PR eligible for merge. A non-required status check is completely informational, and the success or the failure of the status check does not, in any way, impact the merge of the PR.

The required status checks are encoded in the repo's mergebot-config (e.g. https://github.com/dcos/dcos/blob/master/mergebot-config.json#L38) and are enforced by mergebot.

Issues

build(deps): bump setuptools from 41.1.0 to 65.5.1 in /packages/dcos-integration-test

opened on 2022-12-27 15:36:49 by dependabot[bot]

Bumps setuptools from 41.1.0 to 65.5.1.

Release notes

Sourced from setuptools's releases.

v65.5.1

No release notes provided.

v65.5.0

No release notes provided.

v65.4.1

No release notes provided.

v65.4.0

No release notes provided.

v65.3.0

No release notes provided.

v65.2.0

No release notes provided.

v65.1.1

No release notes provided.

v65.1.0

No release notes provided.

v65.0.2

No release notes provided.

v65.0.1

No release notes provided.

v65.0.0

No release notes provided.

v64.0.3

No release notes provided.

v64.0.2

No release notes provided.

v64.0.1

No release notes provided.

v64.0.0

No release notes provided.

v63.4.3

No release notes provided.

v63.4.2

No release notes provided.

... (truncated)

Changelog

Sourced from setuptools's changelog.

v65.5.1

Misc
^^^^

  • #3638: Drop a test dependency on the mock package, always use :external+python:py:mod:unittest.mock -- by :user:hroncok
  • #3659: Fixed REDoS vector in package_index.

v65.5.0

Changes
^^^^^^^

  • #3624: Fixed editable install for multi-module/no-package src-layout projects.
  • #3626: Minor refactorings to support distutils using stdlib logging module.

Documentation changes ^^^^^^^^^^^^^^^^^^^^^

  • #3419: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide.

Misc
^^^^

  • #3569: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning).
  • #3576: Updated version of validate_pyproject.

v65.4.1

Misc
^^^^

v65.4.0

Changes
^^^^^^^

v65.3.0

... (truncated)


build(deps): bump wheel from 0.33.1 to 0.38.1

opened on 2022-12-26 20:53:01 by dependabot[bot]

Bumps wheel from 0.33.1 to 0.38.1.

Changelog

Sourced from wheel's changelog.

Release Notes

UNRELEASED

  • Updated vendored packaging to 22.0

0.38.4 (2022-11-09)

  • Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

  • Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

0.38.2 (2022-11-05)

  • Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

0.38.1 (2022-11-04)

  • Removed install dependency on setuptools
  • The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

0.38.0 (2022-10-21)

  • Dropped support for Python < 3.7
  • Updated vendored packaging to 21.3
  • Replaced all uses of distutils with setuptools
  • The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
  • Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
  • Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

0.37.1 (2021-12-22)

  • Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
  • Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

0.37.0 (2021-08-09)

  • Added official Python 3.10 support
  • Updated vendored packaging library to v20.9

... (truncated)

Commits
  • 6f1608d Created a new release
  • cf8f5ef Moved news item from PR #484 to its proper place
  • 9ec2016 Removed install dependency on setuptools (#483)
  • 747e1f6 Fixed PyPy SOABI parsing (#484)
  • 7627548 [pre-commit.ci] pre-commit autoupdate (#480)
  • 7b9e8e1 Test on Python 3.11 final
  • a04dfef Updated the pypi-publish action
  • 94bb62c Fixed docs not building due to code style changes
  • d635664 Updated the codecov action to the latest version
  • fcb94cd Updated version to match the release
  • Additional commits viewable in compare view



build(deps): bump wheel from 0.33.1 to 0.38.1 in /test-e2e

opened on 2022-12-26 20:52:55 by dependabot[bot]

Bumps wheel from 0.33.1 to 0.38.1.

Changelog

Sourced from wheel's changelog.

Release Notes

UNRELEASED

  • Updated vendored packaging to 22.0

0.38.4 (2022-11-09)

  • Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

  • Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

0.38.2 (2022-11-05)

  • Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

0.38.1 (2022-11-04)

  • Removed install dependency on setuptools
  • The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

0.38.0 (2022-10-21)

  • Dropped support for Python < 3.7
  • Updated vendored packaging to 21.3
  • Replaced all uses of distutils with setuptools
  • The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
  • Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
  • Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

0.37.1 (2021-12-22)

  • Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
  • Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

0.37.0 (2021-08-09)

  • Added official Python 3.10 support
  • Updated vendored packaging library to v20.9

... (truncated)

Commits
  • 6f1608d Created a new release
  • cf8f5ef Moved news item from PR #484 to its proper place
  • 9ec2016 Removed install dependency on setuptools (#483)
  • 747e1f6 Fixed PyPy SOABI parsing (#484)
  • 7627548 [pre-commit.ci] pre-commit autoupdate (#480)
  • 7b9e8e1 Test on Python 3.11 final
  • a04dfef Updated the pypi-publish action
  • 94bb62c Fixed docs not building due to code style changes
  • d635664 Updated the codecov action to the latest version
  • fcb94cd Updated version to match the release
  • Additional commits viewable in compare view



CVE-2007-4559 Patch

opened on 2022-11-03 13:31:19 by TrellixVulnTeam

Patching CVE-2007-4559

Hi, we are security researchers from the Advanced Research Center at Trellix. We have begun a campaign to patch a widespread bug named CVE-2007-4559. CVE-2007-4559 is a 15-year-old bug in the Python tarfile package. By using extract() or extractall() on a tarfile object without sanitizing input, a maliciously crafted .tar file could perform a directory path traversal attack. We found at least one unsanitized extractall() in your codebase and are providing a patch for you via pull request. The patch essentially checks to see if all tarfile members will be extracted safely and throws an exception otherwise. We encourage you to use this patch or your own solution to secure against CVE-2007-4559. Further technical information about the vulnerability can be found in this blog.

If you have further questions you may contact us through this project's lead researcher Kasimir Schulz.
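
The kind of pre-extraction check described in the issue above, as an added example: this is not the Trellix patch and not code from the DC/OS repository. It goes one step beyond a path check by also refusing link and device members, since a link created by one member can redirect where later members are written. The names build_tar, vet_members, safe_extract and demo are hypothetical, and the archives are constructed in memory for the demonstration.

```python
import io
import os
import tarfile
import tempfile


class UnsafeArchiveError(Exception):
    """Raised when a tar member must not be extracted into the destination."""


def build_tar(entries):
    """Build a constructed in-memory tar from (name, data, symlink_target) tuples."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data, symlink_target in entries:
            info = tarfile.TarInfo(name)
            if symlink_target is not None:
                info.type = tarfile.SYMTYPE
                info.linkname = symlink_target
                tar.addfile(info)
            else:
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed sample archives (not taken from any real package).
SAMPLES = {
    "benign": build_tar([("pkg/config.yaml", b"kind: local_path\n", None)]),
    "traversal": build_tar([("pkg/ok.txt", b"ok", None),
                            ("../escape.txt", b"outside", None)]),
    "symlink": build_tar([("pkg/link", None, "/etc")]),
}


def vet_members(tar, dest):
    """Return the members to extract, or raise before anything is written."""
    root = os.path.realpath(dest)
    vetted = []
    for member in tar.getmembers():
        # Conservative policy: only regular files and directories are allowed.
        if not (member.isfile() or member.isdir()):
            raise UnsafeArchiveError(f"link or special member refused: {member.name!r}")
        # os.path.join discards root when member.name is absolute, so absolute
        # names fail the same containment test as "../" names.
        target = os.path.realpath(os.path.join(root, member.name))
        if os.path.commonpath([root, target]) != root:
            raise UnsafeArchiveError(f"member escapes destination: {member.name!r}")
        vetted.append(member)
    return vetted


def safe_extract(archive_bytes, dest):
    """Vet every member first, then extract; returns the extracted member names."""
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        members = vet_members(tar, dest)
        # Newer Python releases also ship extraction filters; use one if present.
        kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(path=dest, members=members, **kwargs)
    return [m.name for m in members]


def demo():
    """Run each constructed archive through safe_extract in a scratch directory."""
    results = {}
    with tempfile.TemporaryDirectory() as sandbox:
        for label, blob in SAMPLES.items():
            dest = os.path.join(sandbox, label, "out")
            os.makedirs(dest)
            entry = {"extracted": None, "rejected": False, "reason": None}
            try:
                entry["extracted"] = safe_extract(blob, dest)
            except UnsafeArchiveError as exc:
                entry["rejected"] = True
                entry["reason"] = str(exc)
            entry["files"] = sorted(os.listdir(dest))
            # "../escape.txt" would land next to dest if the check were missing.
            entry["escaped"] = os.path.exists(
                os.path.join(os.path.dirname(dest), "escape.txt"))
            results[label] = entry
    return results


if __name__ == "__main__":
    for label, entry in demo().items():
        print(label, entry)
```

Because every member is vetted before extractall() runs, a rejected archive leaves the destination empty rather than partially unpacked.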

build(deps): bump pyjwt from 1.7.1 to 2.4.0 in /test-e2e

opened on 2022-05-25 06:12:55 by dependabot[bot]

Bumps pyjwt from 1.7.1 to 2.4.0.

Release notes

Sourced from pyjwt's releases.

2.4.0

Security

What's Changed

New Contributors

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0

2.3.0

What's Changed

... (truncated)

Changelog

Sourced from pyjwt's changelog.

`v2.4.0 <https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0>`__
-----------------------------------------------------------------------

Security
~~~~~~~~

- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24

Changed
~~~~~~~

- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742

Fixed
~~~~~

- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705
- documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661
- fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729
- Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743

Added
~~~~~

- Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725
- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727
- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734
- Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738
- Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744
- Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751

`v2.3.0 <https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0>`__
-----------------------------------------------------------------------

Fixed
~~~~~

- Revert "Remove arbitrary kwargs." `#701 <https://github.com/jpadilla/pyjwt/pull/701>`__

Added
~~~~~

- Add exception chaining `#702 <https://github.com/jpadilla/pyjwt/pull/702>`__

`v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>`__
-----------------------------------------------------------------------

... (truncated)

Commits
  • 83ff831 chore: update changelog
  • 4c1ce8f chore: update changelog
  • 96f3f02 fix: failing advisory test
  • 9c52867 Merge pull request from GHSA-ffqj-6fqr-9h24
  • 24b29ad Update CHANGELOG.rst (#751)
  • 31f5acb Replace various string interpolations with f-strings (#744)
  • 5581a31 [pre-commit.ci] pre-commit autoupdate (#748)
  • 3d4d822 Don't mutate options dictionary in .decode_complete() (#743)
  • 1f1fe15 Add a deprecation warning when jwt.decode() is called with the legacy verify=...
  • 35fa28e [pre-commit.ci] pre-commit autoupdate (#740)
  • Additional commits viewable in compare view
</details>

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=1.7.1&new-version=2.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dcos/dcos/network/alerts).

build(deps): bump pyjwt from 1.7.1 to 2.4.0 in /packages/dcos-integration-test

opened on 2022-05-25 03:15:18 by dependabot[bot]

Bumps pyjwt from 1.7.1 to 2.4.0.

Release notes

Sourced from pyjwt's releases.

2.4.0

Security

What's Changed

New Contributors

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0

2.3.0

What's Changed

... (truncated)

Changelog

Sourced from pyjwt's changelog.

`v2.4.0 <https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0>`__
-----------------------------------------------------------------------

Security
~~~~~~~~

- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24

Changed
~~~~~~~

- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742

Fixed
~~~~~

- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705
- documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661
- fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729
- Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743

Added
~~~~~

- Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725
- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727
- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734
- Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738
- Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744
- Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751

`v2.3.0 <https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0>`__
-----------------------------------------------------------------------

Fixed
~~~~~

- Revert "Remove arbitrary kwargs." `#701 <https://github.com/jpadilla/pyjwt/pull/701>`__

Added
~~~~~

- Add exception chaining `#702 <https://github.com/jpadilla/pyjwt/pull/702>`__

`v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>`__
-----------------------------------------------------------------------

</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
Commits

- [`83ff831`](https://github.com/jpadilla/pyjwt/commit/83ff831a4d11190e3a0bed781da43f8d84352653) chore: update changelog
- [`4c1ce8f`](https://github.com/jpadilla/pyjwt/commit/4c1ce8fd9019dd312ff257b5141cdb6d897379d9) chore: update changelog
- [`96f3f02`](https://github.com/jpadilla/pyjwt/commit/96f3f0275745c5a455c019a0d3476a054980e8ea) fix: failing advisory test
- [`9c52867`](https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc) Merge pull request from GHSA-ffqj-6fqr-9h24
- [`24b29ad`](https://github.com/jpadilla/pyjwt/commit/24b29adfebcb4f057a3cef5aaf35653bc0c1c8cc) Update CHANGELOG.rst ([#751](https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/751))
- [`31f5acb`](https://github.com/jpadilla/pyjwt/commit/31f5acb8fb3ec6cdfe2b1b0a4a8f329b5f3ca67f) Replace various string interpolations with f-strings ([#744](https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/744))
- [`5581a31`](https://github.com/jpadilla/pyjwt/commit/5581a31c21de70444c1162bcfa29f7e0fc86edda) [pre-commit.ci] pre-commit autoupdate ([#748](https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/748))
- [`3d4d822`](https://github.com/jpadilla/pyjwt/commit/3d4d82248f1120c87f1f4e0e8793eaa1d54843a6) Don't mutate options dictionary in .decode_complete() ([#743](https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/743))
- [`1f1fe15`](https://github.com/jpadilla/pyjwt/commit/1f1fe15bb41846c602b3e106176b2c692b93a613) Add a deprecation warning when jwt.decode() is called with the legacy verify=...
- [`35fa28e`](https://github.com/jpadilla/pyjwt/commit/35fa28e59d99b99c6a780d2a029a74d6bbba8b1e) [pre-commit.ci] pre-commit autoupdate ([#740](https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/740))
- Additional commits viewable in [compare view](https://github.com/jpadilla/pyjwt/compare/1.7.1...2.4.0)


Releases

Latest 1.9 release branch 2017-10-17 20:51:39

This is not an official release but just a pointer

Latest 1.8 release branch 2017-02-09 13:15:07

This is not an official release but just a pointer

DC/OS

Datacenter Operating System

GitHub Repository Homepage

dcos mesos python package-manager marathon mesos-dns docker cluster dcos-testing-guild