Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azure-storage-blob package update to 12.1.0 #1371

Closed
pymia opened this issue Jan 27, 2020 · 9 comments · Fixed by #2310
Closed

azure-storage-blob package update to 12.1.0 #1371

pymia opened this issue Jan 27, 2020 · 9 comments · Fixed by #2310
Assignees
@adriangonz
Labels
priority/p2
Milestone
1.3

Comments

@pymia
Copy link

pymia commented Jan 27, 2020

the latest azure-storage-blob is 12.1.0, Seldon is using azure-storage-blob >= 2.0.1, < 3.0.0, which is the legacy version. It will be great to update to the latest package.
@pymia pymia added the triage Needs to be triaged and prioritised accordingly label Jan 27, 2020
@ukclivecox ukclivecox removed the triage Needs to be triaged and prioritised accordingly label Jan 31, 2020
@ukclivecox ukclivecox added this to the 1.1 milestone Jan 31, 2020
@ukclivecox
Copy link
Contributor

Lets put fix in kfserving project as that is where the code is.

@axsaucedo axsaucedo modified the milestones: 1.1, 1.2 Feb 17, 2020
@ukclivecox ukclivecox removed this from the 1.2 milestone Apr 23, 2020
@adriangonz
Copy link
Contributor

/priority p2

@axsaucedo axsaucedo added this to the 1.2 milestone Jul 15, 2020
@ukclivecox ukclivecox modified the milestones: 1.2, 1.3 Jul 16, 2020
@anggao
Copy link
Contributor

anggao commented Jul 31, 2020

Would be great to have this fixed in v1.3, as mlflow 1.10.0 has requirement azure-storage-blob>=12.0

@anggao
Copy link
Contributor

anggao commented Aug 6, 2020

@axsaucedo If this can be included in the patch release would be great, thank you!

@axsaucedo
Copy link
Contributor

It seems we just got flagged a (medium) vulnerability from azure storage, so we'll have to prioritise. Report: https://snyk.io/vuln/SNYK-PYTHON-IPADDRESS-590065

@axsaucedo
Copy link
Contributor

Currently the storage.py dependency is linked to the kfserving dependencies, so we'll have to update it there https://github.com/kubeflow/kfserving/blob/master/python/kfserving/requirements.txt

@axsaucedo
Copy link
Contributor

Just to follow-up on this one, it seems that the vulnerability is still TBC on resolve timeline. We'll have to confirm it gets resolved with the iptables library first. There is an open issue that is looking at it phihag/ipaddress#55

@anggao
Copy link
Contributor

anggao commented Aug 18, 2020

There is a ticket in kfserving to upgrade it: kserve/kserve#923

@ukclivecox
Copy link
Contributor

We plan to remove storage.py to reduce dependencies in the python module.

@adriangonz adriangonz mentioned this issue Aug 21, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adriangonz adriangonz

Labels
priority/p2
Projects
None yet
Milestone
1.3
Development

Successfully merging a pull request may close this issue.

Remove cloud storage from Python package adriangonz/seldon-core
6 participants
@anggao @axsaucedo @adriangonz @pymia @ukclivecox @seldondev