Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[21pt] Python package updates #1227

Closed
RobHanna-NOAA opened this issue Jul 19, 2024 · 2 comments · Fixed by #1253
Closed

[21pt] Python package updates #1227

RobHanna-NOAA opened this issue Jul 19, 2024 · 2 comments · Fixed by #1253
Assignees
@mluck
Labels
dependencies Pull requests that update a dependency file FIM4 Med Priority

Comments

@RobHanna-NOAA
Copy link
Contributor

RobHanna-NOAA commented Jul 19, 2024
edited
Loading

We are close to merging PR 1217, which updates OpenJDK, adds some new packages and updates others.

Some of the notable upgrades in 1217, is numba, numpy and xarray. For 1217, those packages have been tested heaviliy and are just fine.

However, a run of pipenv check which reveals vulnerabilities found:
aiobotocore
fiona
jinja2
pyogrio
pyproj
rasterio

It would also be wise to look into other major packages in our use such as pandas, geopandas, pyarrow, and shapely

Please wait until PR 1217 is merged before addressing these. I don't believe they are urgent but keep on the radar.

Update: Aug 9, 2024
Please update boto3 as well. :) Updating boto3 will likely fix aiobotocore above, but not sure.
@RobHanna-NOAA RobHanna-NOAA added Med Priority dependencies Pull requests that update a dependency file FIM4 labels Jul 19, 2024
@RobHanna-NOAA RobHanna-NOAA changed the title [13pt] Python package updates [21pt] Python package updates Jul 23, 2024
@RobHanna-NOAA RobHanna-NOAA mentioned this issue Jul 23, 2024
Merged
22 tasks
@mluck mluck self-assigned this Aug 8, 2024
@mluck
Copy link
Contributor

mluck commented Aug 9, 2024

Upgrading geopandas from v0.14.3 to v1.0.1 introduced the following (in v1.0.0), requiring some fixes in our repo:

Backwards incompatible API changes:
The sjoin method will now preserve the name of the index of the right
GeoDataFrame, if it has one, instead of always using "index_right" as the
name for the resulting column in the return value.

@mluck mluck mentioned this issue Aug 12, 2024
Closed
@mluck
Copy link
Contributor

mluck commented Aug 12, 2024

This will address #1249 (see #1249 (comment)).

@mluck mluck mentioned this issue Aug 19, 2024
Merged
20 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mluck mluck

Labels
dependencies Pull requests that update a dependency file FIM4 Med Priority
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[1pt] PR: Upgrade Python packages NOAA-OWP/inundation-mapping
2 participants
@mluck @RobHanna-NOAA