-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump cryptography version with snowflake connector newer version #2896
Comments
Hi, bumping the version of Bumping the version will also help avoid dependency conflicts with libraries that have upgraded |
Thanks for the writeup @plotneishestvo, and for weighing in @plazar! We had an automated PR (#2858) to bump It sounds like your recommendation is:
I'd welcome a PR that upgrades both. We're very defensive with version requirements of |
Describe the bug
A clear and concise description of what the bug is. What command did you run? What happened?
Hi, we are trying to keep our dependencies up to date with security updates and I see that in the docker dependencies dbt has fixed version of cryptography 3.2 but in the snowflake plugin, it is still required cryptography version less than 3. The new snowflake connector library versions starting from 2.3.5 are supporting fixed cryptography version. Can we update those in dbt-snowflake plugin requirements too?
Steps To Reproduce
In as much detail as possible, please provide steps to reproduce the issue. Sample data that triggers the issue, example model code, etc is all very helpful here.
You can try to install with pip dbt with dbt-snowflake plugin along side with new cryptography and snowflake client versions
Expected behavior
A clear and concise description of what you expected to happen.
Pip installs in the same virtual env cryptography version >= 3.2 along side with dbt-snowflake and snowfalke-connector version >= 2.3.5
Screenshots and log output
If applicable, add screenshots or log output to help explain your problem.
log output:
System information
Which database are you using dbt with?
The output of
dbt --version
:Even though we still use 0.17.0 in the current latest master I still see vulnerable cryptography version
The operating system you're using:
MacOs and Linux
The output of
python --version
:Python 3.6.5
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: