Releases: GSA/notifications-api
Releases · GSA/notifications-api
7-22-2025 Production Deploy
What's Changed
- Bump cyclonedx-python-lib from 10.2.0 to 10.3.0 by @dependabot[bot] in #1806
- Bump pytest-xdist from 3.7.0 to 3.8.0 by @dependabot[bot] in #1807
- Bump cryptography from 45.0.4 to 45.0.5 by @dependabot[bot] in #1808
- increase code coverage to 94% by @terrazoon in #1804
- Bump typing-extensions from 4.14.0 to 4.14.1 by @dependabot[bot] in #1809
- Bump cloudfoundry-client from 1.38.5 to 1.38.6 by @dependabot[bot] in #1813
- Bump moto from 5.1.6 to 5.1.8 by @dependabot[bot] in #1812
- Bump bandit from 1.8.5 to 1.8.6 by @dependabot[bot] in #1811
- more tests by @terrazoon in #1810
- Bump phonenumbers from 9.0.8 to 9.0.9 by @dependabot[bot] in #1816
- Bump cyclonedx-python-lib from 10.3.0 to 10.4.1 by @dependabot[bot] in #1815
- Bump alembic from 1.16.2 to 1.16.3 by @dependabot[bot] in #1814
- fix cronitor task name by @terrazoon in #1819
- fix acceptable_finish_time by @terrazoon in #1820
- fix eventlet sleep by @terrazoon in #1825
- Bump certifi from 2025.6.15 to 2025.7.9 by @dependabot[bot] in #1821
- Bump aiohttp from 3.12.13 to 3.12.14 by @dependabot[bot] in #1827
- Bump alembic from 1.16.3 to 1.16.4 by @dependabot[bot] in #1826
- fix cronitor by @terrazoon in #1824
- add eventlet debugging by @terrazoon in #1828
- whoops by @terrazoon in #1830
- fix celery bug by @terrazoon in #1832
- Bump freezegun from 1.5.2 to 1.5.3 by @dependabot[bot] in #1833
- Bump certifi from 2025.7.9 to 2025.7.14 by @dependabot[bot] in #1834
- Celery tasks by @terrazoon in #1835
- fix monkeypatching by @terrazoon in #1836
- Bump faker from 37.4.0 to 37.4.2 by @dependabot[bot] in #1837
- more invite debug by @terrazoon in #1838
- reduce eventlet concurrency and turn off debug by @terrazoon in #1839
- Bump jsonschema from 4.24.0 to 4.24.1 by @dependabot[bot] in #1840
- fix minor bug where subject is missing by @terrazoon in #1842
- Bump s3transfer from 0.13.0 to 0.13.1 by @dependabot[bot] in #1843
- Bump jsonschema from 4.24.1 to 4.25.0 by @dependabot[bot] in #1844
- Bump phonenumbers from 9.0.9 to 9.0.10 by @dependabot[bot] in #1845
- Updated dependabot yml to remove depecrated review assignment by @alexjanousekGSA in #1846
- Bump virtualenv from 20.31.2 to 20.32.0 by @dependabot[bot] in #1847
- Bump cyclonedx-python-lib from 10.4.1 to 11.0.0 by @dependabot[bot] in #1848
- add system certs package by @terrazoon in #1849
- revert pip-system-certs by @terrazoon in #1850
Full Changelog: 06/30/2025...7-22-2025
Contributors
terrazoon, dependabot, and alexjanousekGSA
Assets 2
06-30-2025 Production Deploy
What's Changed
- Bump aiohttp from 3.12.12 to 3.12.13 by @dependabot in #1783
- Bump alembic from 1.16.1 to 1.16.2 by @dependabot in #1781
- Bump moto from 5.1.5 to 5.1.6 by @dependabot in #1782
- Bump cachetools from 6.0.0 to 6.1.0 by @dependabot in #1780
- Bump pytest-cov from 6.1.1 to 6.2.1 by @dependabot in #1777
- add warning to log out before accepting invite by @terrazoon in #1775
- fix drift by @terrazoon in #1778
- Updating dependencies before dependabot by @alexjanousekGSA in #1772
- bring code from the notifications-python-client project into our project by @terrazoon in #1766
- Bump newrelic from 10.13.0 to 10.14.0 by @dependabot in #1787
- Bump cloudfoundry-client from 1.38.3 to 1.38.4 by @dependabot in #1789
- Bump flake8 from 7.2.0 to 7.3.0 by @dependabot in #1788
- Bump cloudfoundry-client from 1.38.4 to 1.38.5 by @dependabot in #1792
- Bump numpy from 2.3.0 to 2.3.1 by @dependabot in #1791
- Bump eventlet from 0.40.0 to 0.40.1 by @dependabot in #1795
- Bump python-dotenv from 1.1.0 to 1.1.1 by @dependabot in #1794
- clean up logs by @terrazoon in #1793
- fix drift by @terrazoon in #1784
- Updated readme by @alexjanousekGSA in #1796
- fix input handling by @terrazoon in #1786
- upgrade to python 3.13.2 by @terrazoon in #1785
- revert python upgrade again by @terrazoon in #1798
- Bump click-plugins from 1.1.1 to 1.1.1.2 by @dependabot in #1800
- Bump phonenumbers from 9.0.7 to 9.0.8 by @dependabot in #1799
- more input checking by @terrazoon in #1802
- Bump lxml from 5.4.0 to 6.0.0 by @dependabot in #1803
- Updated the job listing query to sort by the most recent activity by @heyitsmebev in #1797
- upgrade to python 3.12.9 by @terrazoon in #1801
Full Changelog: 06-16-2025...06/30/2025
Contributors
terrazoon, dependabot, and 2 other contributors
Assets 2
06/16/2025 Production Deploy
Picks up changes to message limits
06/12/2025 Production Deploy
What's Changed
- Remove extra vulnerability from our ignore list by @ccostino in #1747
- Update daily checks to match PR checks by @ccostino in #1748
- Bump celery from 5.5.2 to 5.5.3 by @dependabot in #1750
- Bump pytest from 8.3.5 to 8.4.0 by @dependabot in #1751
- python upgrade to 3.13.2 by @terrazoon in #1745
- get rid of oscrypto by @terrazoon in #1752
- Unpin egress proxy release by @ccostino in #1754
- improve debug of external issues by @terrazoon in #1755
- Add one more cert environment variable by @ccostino in #1756
- Python manual unwind by @terrazoon in #1761
- Bump requests from 2.32.3 to 2.32.4 by @dependabot in #1763
- Bump phonenumbers from 9.0.6 to 9.0.7 by @dependabot in #1762
- Bump newrelic from 10.12.0 to 10.13.0 by @dependabot in #1764
- Update Marshmallow and SQLAlchemy dependencies by @ccostino in #1678
- Bump cryptography from 45.0.3 to 45.0.4 by @dependabot in #1771
- Bump cyclonedx-python-lib from 10.1.0 to 10.2.0 by @dependabot in #1769
- Bump aiohttp from 3.12.11 to 3.12.12 by @dependabot in #1770
- Add new ADR 0014: Localize the notifications-python-client library by @ccostino in #1767
- check which services have csvs by @terrazoon in #1758
- Bump faker from 37.3.0 to 37.4.0 by @dependabot in #1773
Full Changelog: 5-30-2025...06-12-25
Contributors
ccostino, terrazoon, and dependabot
Assets 2
5/30/2025 Production Deploy
What's Changed
- change page size by @terrazoon in #1726
- Added @socketio.on(connect) and @socketio.on(disconnect) by @heyitsmebev in #1730
- Added false positive fix for scan by @alexjanousekGSA in #1721
- Bump jsonschema from 4.23.0 to 4.24.0 by @dependabot in #1734
- Bump pytest-mock from 3.14.0 to 3.14.1 by @dependabot in #1733
- Bump moto from 5.1.4 to 5.1.5 by @dependabot in #1736
- Bump cachetools from 5.4.0 to 6.0.0 by @dependabot in #1731
- Bump pytest-xdist from 3.6.1 to 3.7.0 by @dependabot in #1735
- Socket.IO 400 errors by @heyitsmebev in #1732
- Bump freezegun from 1.5.1 to 1.5.2 by @dependabot in #1741
- Bump setuptools from 80.8.0 to 80.9.0 by @dependabot in #1740
- Bump cryptography from 45.0.2 to 45.0.3 by @dependabot in #1739
- Updated pip-audit ignore-vulns by @ccostino in #1743
- Bump phonenumbers from 9.0.5 to 9.0.6 by @dependabot in #1742
- upgrade poetry by @terrazoon in #1738
- Add detect-secrets documentation by @ccostino in #1744
Full Changelog: 05-22-2025...5-30-2025
Contributors
ccostino, terrazoon, and 3 other contributors
Assets 2
05/22/2025 Production Deploy
What's Changed
- Update no_proxy and S3 error handling by @ccostino in #1697
- Pin egress proxy release by @ccostino in #1701
- Bump setuptools from 80.3.1 to 80.4.0 by @dependabot in #1700
- Bump phonenumbers from 9.0.4 to 9.0.5 by @dependabot in #1698
- try to replace blocking sleep call with nonblocking sleep call by @terrazoon in #1702
- revert eventlet upgrade by @terrazoon in #1706
- Bump newrelic from 10.11.0 to 10.12.0 by @dependabot in #1705
- Bump flask from 3.1.0 to 3.1.1 by @dependabot in #1707
- fix regenerate_job_cache by @terrazoon in #1710
- Bump setuptools from 80.4.0 to 80.6.0 by @dependabot in #1713
- Bump exceptiongroup from 1.2.2 to 1.3.0 by @dependabot in #1703
- Bump click from 8.1.8 to 8.2.0 by @dependabot in #1704
- Bump sqlalchemy from 2.0.40 to 2.0.41 by @dependabot in #1712
- Bump faker from 37.1.0 to 37.3.0 by @dependabot in #1711
- Bump setuptools from 80.6.0 to 80.7.1 by @dependabot in #1714
- Bump cryptography from 44.0.3 to 45.0.2 by @dependabot in #1718
- Bump cloudfoundry-client from 1.38.2 to 1.38.3 by @dependabot in #1715
- Bump shapely from 2.1.0 to 2.1.1 by @dependabot in #1717
- Bump numpy from 2.2.5 to 2.2.6 by @dependabot in #1716
- Update dependabot assignee by @alexjanousekGSA in #1722
- add sleep, more error handling, better debug message by @terrazoon in #1719
- Bump setuptools from 80.7.1 to 80.8.0 by @dependabot in #1723
- switch to fips endpoint by @terrazoon in #1724
- update readme by @heyitsmebev in #1725
- Bump click from 8.2.0 to 8.2.1 by @dependabot in #1727
- Bump alembic from 1.15.2 to 1.16.0 by @dependabot in #1728
Full Changelog: 05-07-2025...05-22-2025
Contributors
ccostino, terrazoon, and 3 other contributors
Assets 2
05-07-2025 Production Deploy
What's Changed
- Bump h11 from 0.14.0 to 0.16.0 by @dependabot in #1669
- Update instructions for managing DNS and domain configuration by @ccostino in #1673
- Add runbook for reviewing daily scans by @ccostino in #1676
- Expand the credential/secret rotation runbook by @ccostino in #1677
- Bump phonenumbers from 8.13.55 to 9.0.4 by @dependabot in #1675
- Bump celery from 5.4.0 to 5.5.2 by @dependabot in #1674
- Bump setuptools from 75.9.1 to 80.1.0 by @dependabot in #1680
- Bump alembic from 1.13.2 to 1.15.2 by @dependabot in #1679
- Bump faker from 26.3.0 to 37.1.0 by @dependabot in #1671
- Bump notifications-python-client from 10.0.0 to 10.0.1 by @dependabot in #1684
- Bump beautifulsoup4 from 4.12.3 to 4.13.4 by @dependabot in #1683
- Bump markupsafe from 2.1.5 to 3.0.2 by @dependabot in #1681
- Bump isort from 5.13.2 to 6.0.1 by @dependabot in #1685
- Bump sqlalchemy from 2.0.31 to 2.0.40 by @dependabot in #1682
- Bump newrelic from 10.9.0 to 10.11.0 by @dependabot in #1690
- Bump cryptography from 44.0.2 to 44.0.3 by @dependabot in #1689
- Bump certifi from 2025.1.31 to 2025.4.26 by @dependabot in #1688
- Bump python-dotenv from 1.0.1 to 1.1.0 by @dependabot in #1687
- Bump charset-normalizer from 3.4.1 to 3.4.2 by @dependabot in #1686
- Pin virtualenv to a compatible version by @ccostino in #1693
- Bump lxml from 5.3.1 to 5.4.0 by @dependabot in #1691
- Bump setuptools from 80.1.0 to 80.3.1 by @dependabot in #1692
Full Changelog: 4-24-2025...05-07-2025
Contributors
ccostino and dependabot
Assets 2
04-24-2025 Production Deploy
What's Changed
- fix default case for US numbers by @terrazoon in #1655
- 2401 add in flask socketio for api calls rather than using ajax by @heyitsmebev in #1634
- Bump eventlet from 0.36.1 to 0.39.1 by @dependabot in #1660
- Bump numpy from 2.2.4 to 2.2.5 by @dependabot in #1659
- Bump moto from 5.1.0 to 5.1.4 by @dependabot in #1658
- Bump click from 8.1.7 to 8.1.8 by @dependabot in #1657
- Bump flask-migrate from 4.0.7 to 4.1.0 by @dependabot in #1662
- Bump python-json-logger from 2.0.7 to 3.3.0 by @dependabot in #1663
- Bump packaging from 24.2 to 25.0 by @dependabot in #1664
- refreshing login.gov cert instructions by @terrazoon in #1656
Full Changelog: 04-15-2025...4-24-2025
Contributors
terrazoon, dependabot, and heyitsmebev
Assets 2
04-15-2025 Production Deploy
What's Changed
- Bump flake8 from 7.1.1 to 7.2.0 by @dependabot in #1642
- Bump flake8-bugbear from 24.8.19 to 24.12.12 by @dependabot in #1640
- Bump charset-normalizer from 3.4.0 to 3.4.1 by @dependabot in #1641
- restore international numbers by @terrazoon in #1629
- Bump regex from 2024.9.11 to 2024.11.6 by @dependabot in #1645
- Bump numpy from 2.2.3 to 2.2.4 by @dependabot in #1644
- Update Makefile to handle pre-existing git hooks by @ccostino in #1648
Full Changelog: 04-09-2025...04-15-2025
Contributors
ccostino, terrazoon, and dependabot
Assets 2
04-09-2025 Production Deploy
What's Changed
- Bump click-datetime from 0.2 to 0.4.0 by @dependabot in #1631
- Bump async-timeout from 4.0.3 to 5.0.1 by @dependabot in #1597
- Bump pytest-cov from 5.0.0 to 6.1.0 by @dependabot in #1628
- fix invites by @terrazoon in #1635
- fix invites again by @terrazoon in #1636
- Bump black from 24.10.0 to 25.1.0 by @dependabot in #1632
- Bump newrelic from 10.7.0 to 10.8.1 by @dependabot in #1639
- Bump pre-commit from 3.8.0 to 4.2.0 by @dependabot in #1637
- Bump packaging from 24.1 to 24.2 by @dependabot in #1638
Full Changelog: 04-03-2025...04-09-2025
Contributors
terrazoon and dependabot