2.20.0: CVE you later

Continuing the 2.0 lineage, Prefect's 2.20 release includes a major compatibility upgrade with anyio: previous versions of anyio were subject to a critical race condition that many CVE scanners are flagging as a high severity vulnerability. Because of the changes necessary in this upgrade, please be aware that new versions of many Prefect integration packages such as prefect-dask and prefect-ray will require 2.20.0 to function properly.

(For those who have already upgraded to 3.0, don't worry - Prefect 3.0 release candidates are already anyio>=4.4.0 compatible).

Bug Fixes 🐞

• refactors how cluster_config is implemented by @jeanluciano in #14801
• Add support for custom flow decorators to prefect deploy by @desertaxle in #14782

Integrations & Dependencies 🤝

• Bump anyio on Prefect 2.x by @abrookins in #14599
• Fix setting of service account on Vertex AI jobs by @desertaxle in #14816
• Backport teams notif update for 2.x by @zzstoatzz in #14774
• fix teams webhook block syntax for 3.8 by @zzstoatzz in #14790

Development & Tidiness 🧹

• Remove unnecessary config for releases by @cicdw in #14763

Full Changelog: 2.19.9...2.20