Skip to content

Release 2022.01.17
Compare
Choose a tag to compare
@harshad16 harshad16 released this 17 Jan 18:45
· 820 commits to master since this release
v2022.01.17
e33fd34
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

we have completed the 1st release of 2022.
v2022.01.17 πŸŽ‰ 🎊 πŸ₯³

Features

TensorFlow 2.8 symbols

Thoth's database of TensorFlow symbols has been updated. It now keeps also symbols for the upcoming TensorFlow~=2.8.0 releases. This way, users of Thoth can get recommendations based on TF API used.

API endpoint for listing available Python package versions for environments

Starting this release, consumers of Thoth's user-api endpoints can list Python versions solved based on environments. An example can be an HTTP GET request to obtain all the releases of flask solved by Thoth for UBI8 Python 3.8 environment.

API endpoint for obtaining Python package metadata and dependency information

Yet another new endpoint exposes information about Python package metadata computed and kept up to date by the system. This endpoint shows metadata for versions of Python packages, but also includes dependency information that cannot be found on PyPI - this dependency information is specific for environments used to solve packages and does not include just "latest" as in case of deps.dev. The dependency information is kept up to date by the system (based on new releases monitored on indexes, analyzed, and solved by Thoth). This new endpoint replaces /python/package/metadata which is now obsolete and will be removed in one of the upcoming releases

Proper paginating in User API REST endpoints

Consumers of Thoth User API REST endpoints are now able to browse exposed content respecting pagination. The pagination information is available in HTTP response headers on endpoints that provide paginated entries. Notably, HTTP headers provide:

  • next - for the next page in the paginated response, if any
  • prev - for the previous page in the paginated response, if any
  • page - page number to show, allows also negative indexing which loops the pagination
  • per_page - number of entries shown per single page
  • entries_count - number of entries in total
  • page_count - number of pages available

Related:

thamos verify command to check lockfile hash

A new sub-command verifies the correctness of requirements based on their hash. This way, the newly introduced sub-command thamos verify shows if requirements for the configured runtime environments correspond to the lockfile created. By doing so, users can make sure there are no changes made that would require re-triggering new advise requests to the backend to generate a new lock file. This sub-command can be also used in tooling that uses Thamos to verify requirements were not adjusted and do not require a new lockfile.

Prescription refresh workflow has a new handler for image analysis

This handler uses information collected from image analysis to create prescriptions about container images. In this way, users can identify secure, maintained containers to run their applications directly from Thoth recommendations.

Polished and updated OpenAPI specification for Thoth User API

This release is shipped with polished and updated OpenAPI specification which documents endpoints, inputs, responses:

Added detailed Python package routing in Thoth Search

This release uses the new User API metadata endpoint that breaks down metadata into OS name, version, and Python version. Selectors were added to accommodate this change .

Prioritizing Thoth data and changing the name to search

In this release, Thoth Search is renamed to search and no longer uses PyPi data as a source. If Thoth has no info on a package, then it is given null values.

Managing Vulnerabilities with Thoth Tutorial

The Managing Vulnerabilities with Thoth tutorial based on cli-examples publicly accessible on Red Hat Scholars provides a reproducible example of vulnerability management for the stack of a simple application via the Thamos CLI, and contains further references to other functionalities available with Thoth.

Component Updates

Thanks for the amazing work everyone. πŸ’―

Assets 2
Loading