[release-announce] blazar-dashboard 4.0.0 (victoria)

no-reply at openstack.org no-reply at openstack.org
Wed Oct 14 10:07:38 UTC 2020 

We are ecstatic to announce the release of:

blazar-dashboard 4.0.0: Horizon plugin for the Blazar Reservation
Service for OpenStack

This release is part of the victoria release series.

The source is available from:

    https://opendev.org/openstack/blazar-dashboard

Download the package from:

    https://tarballs.openstack.org/blazar-dashboard/

Please report issues through:

    https://bugs.launchpad.net/blazar/+bugs

For more details, please see below.

4.0.0
^^^^^

Security Issues

* Uses "json.loads` instead of ``eval()" for JSON parsing, which
  could allow users of the Blazar dashboard to trigger code execution
  on the Horizon host as the user the Horizon service runs under.

Changes in blazar-dashboard 3.0.0..4.0.0
----------------------------------------

5c7608d Use json.loads instead of eval for JSON parsing
77d4edc Update TOX_CONSTRAINTS_FILE for stable/victoria
85a2a1a Update .gitreview for stable/victoria
f494ec1 Cleanup for Refactor-error-messages
1bc2c22 drop mock from lower-constraints and requirements
daf0e0d Stop to use the __future__ module.
dd86bf5 Add Python3 victoria unit tests
b3d4325 Update master for stable/ussuri
d249b80 Switch to newer openstackdocstheme and reno versions
76040f4 Bump default tox env from py37 to py38
049594c Add py38 package metadata
98944bf Fix hacking min version to 3.0.1
4209178 Fix build of html docs


Diffstat (except docs and test files)
-------------------------------------

.gitreview                                                  |  1 +
.zuul.yaml                                                  |  2 +-
blazar_dashboard/api/client.py                              |  5 ++---
blazar_dashboard/content/hosts/forms.py                     |  9 +++++----
blazar_dashboard/content/hosts/workflows.py                 |  7 ++++---
blazar_dashboard/content/leases/forms.py                    | 11 ++++++-----
blazar_dashboard/test/test_data/blazar_data.py              |  4 ++--
lower-constraints.txt                                       |  1 -
releasenotes/notes/remove-use-of-eval-ef359dec791c97cd.yaml |  6 ++++++
releasenotes/source/conf.py                                 |  9 +++++----
releasenotes/source/index.rst                               |  1 +
releasenotes/source/ussuri.rst                              |  6 ++++++
setup.cfg                                                   |  1 +
test-requirements.txt                                       |  3 +--
tox.ini                                                     | 10 +++++-----
17 files changed, 55 insertions(+), 37 deletions(-)


Requirements updates
--------------------

diff --git a/test-requirements.txt b/test-requirements.txt
index b993b1e..6ec717e 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -10 +10 @@
-hacking>=3.0,<3.1.0 # Apache-2.0
+hacking>=3.0.1,<3.1.0 # Apache-2.0
@@ -13 +12,0 @@ coverage!=4.4,>=4.0 # Apache-2.0
-mock>=2.0.0 # BSD

More information about the Release-announce mailing list