v1.17.4 Release Preparation

.github/workflows/release_notes.yml → .github/workflows/prepare_release.yml

@@ -1,10 +1,10 @@
-name: Release Notes Generator
+name: Release Prep
 
 on:
   workflow_dispatch:
     inputs:
       branch:
-        description: 'Branch to merge release notes into.'
+        description: 'Branch to merge release notes and code analysis into.'
         required: true
         default: 'main'
       version:
@@ -15,7 +15,7 @@ on:
           'Date of the release. Must be in format YYYY-MM-DD.'
 
 jobs:
-  releasenotesgeneration:
+  preparerelease:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -28,6 +28,8 @@ jobs:
         run: |
             python -m pip install --upgrade pip
             python -m pip install requests==2.31.0
+            python -m pip install bandit==1.7.7
+            python -m pip install .[test]
 
       - name: Generate release notes
         env:
@@ -37,16 +39,19 @@ jobs:
             -v ${{ inputs.version }}
             -d ${{ inputs.date }}
 
+      - name: Save static code analysis
+        run: bandit -r . -x ./tests,./scripts,./build -f txt -o static_code_analysis.txt --exit-zero
+
       - name: Create pull request
         id: cpr
         uses: peter-evans/create-pull-request@v4
         with:
           token: ${{ secrets.GH_ACCESS_TOKEN }}
-          commit-message: Release notes for v${{ inputs.version }}
+          commit-message: Prepare release for v${{ inputs.version }}
           author: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>"
           committer: "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>"
-          title: v${{ inputs.version }} Release Notes
-          body: "This is an auto-generated PR to update the release notes."
-          branch: release-notes
+          title: v${{ inputs.version }} Release Preparation
+          body: "This is an auto-generated PR to prepare the release."
+          branch: prepared-release
           branch-suffix: short-commit-hash
           base: ${{ inputs.branch }}

HISTORY.md

@@ -1,6 +1,22 @@
 # Release Notes
 
-### v1.17.3 - 2024-12-17
+### v1.17.4 - 2025-01-09
+
+### New Features
+
+* Update the warning that's displayed when using HMA on complex schemas - Issue [#2277](https://github.com/sdv-dev/SDV/issues/2277) by @R-Palazzo
+
+### Bugs Fixed
+
+* Metadata `anonymize` doesn't produce the right `METADATA_SPEC_VERSION` - Issue [#2304](https://github.com/sdv-dev/SDV/issues/2304) by @R-Palazzo
+* GaussianCopula `get_learned_distributions` crashes if nothing was learned - Issue [#2297](https://github.com/sdv-dev/SDV/issues/2297) by @R-Palazzo
+* Sampling with HMA Synthesizer generates many `SingleTableMetadata` deprecation warnings - Issue [#2290](https://github.com/sdv-dev/SDV/issues/2290) by @R-Palazzo
+
+### Maintenance
+
+* Combine  `static_code_analysis.yml` with `release_notes.yml` - Issue [#2305](https://github.com/sdv-dev/SDV/issues/2305) by @R-Palazzo
+
+## v1.17.3 - 2024-12-17
 
 ### Maintenance
 

static_code_analysis.txt

@@ -1,18 +1,6 @@
-Run started:2024-12-17 20:19:16.200992
+Run started:2025-01-09 11:44:50.561554
 
 Test results:
->> Issue: [B105:hardcoded_password_string] Possible hardcoded password: '# Release Notes
-
-'
-   Severity: Low   Confidence: Medium
-   CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
-   More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b105_hardcoded_password_string.html
-   Location: ./scripts/release_notes_generator.py:134:12
-133	
-134	    token = '# Release Notes\n\n'
-135	    split_index = history.find(token) + len(token) + 1
-
---------------------------------------------------
 >> Issue: [B110:try_except_pass] Try, Except, Pass detected.
    Severity: Low   Confidence: High
    CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
@@ -43,6 +31,16 @@ Test results:
 17	    assert path.exists(), 'The expected file was not found.'
 18	    module_path = path.parent
 
+--------------------------------------------------
+>> Issue: [B306:blacklist] Use of insecure and deprecated function (mktemp).
+   Severity: Medium   Confidence: High
+   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
+   More Info: https://bandit.readthedocs.io/en/1.7.7/blacklists/blacklist_calls.html#b306-mktemp-q
+   Location: ./sdv/logging/utils.py:23:19
+22	    else:
+23	        tmp_path = tempfile.mktemp(dir=store_path, suffix='.yml')
+24	        shutil.copyfile(config_path, tmp_path)
+
 --------------------------------------------------
 >> Issue: [B110:try_except_pass] Try, Except, Pass detected.
    Severity: Low   Confidence: High
@@ -59,29 +57,29 @@ Test results:
    Severity: Low   Confidence: High
    CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
    More Info: https://bandit.readthedocs.io/en/1.7.7/plugins/b110_try_except_pass.html
-   Location: ./sdv/multi_table/hma.py:354:12
-353	                    index.append(foreign_key_value)
-354	            except Exception:
-355	                # Skip children rows subsets that fail
-356	                pass
-357	
+   Location: ./sdv/multi_table/hma.py:355:12
+354	                    index.append(foreign_key_value)
+355	            except Exception:
+356	                # Skip children rows subsets that fail
+357	                pass
+358	
 
 --------------------------------------------------
 
 Code scanned:
-	Total lines of code: 12942
+	Total lines of code: 12828
 	Total lines skipped (#nosec): 0
 	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
 
 Run metrics:
 	Total issues (by severity):
 		Undefined: 0
-		Low: 6
-		Medium: 0
+		Low: 5
+		Medium: 1
 		High: 0
 	Total issues (by confidence):
 		Undefined: 0
 		Low: 0
-		Medium: 2
-		High: 4
+		Medium: 1
+		High: 5
 Files skipped (0):