Update databrickslabs/sandbox requirement to acceptance/v0.1.4#8
Closed
dependabot[bot] wants to merge 2 commits into
Closed
Update databrickslabs/sandbox requirement to acceptance/v0.1.4#8dependabot[bot] wants to merge 2 commits into
dependabot[bot] wants to merge 2 commits into
Conversation
Updates the requirements on [databrickslabs/sandbox](https://github.com/databrickslabs/sandbox) to permit the latest version. - [Release notes](https://github.com/databrickslabs/sandbox/releases) - [Changelog](https://github.com/databrickslabs/sandbox/blob/main/CHANGELOG.md) - [Commits](https://github.com/databrickslabs/sandbox/commits/acceptance/v0.1.4) --- updated-dependencies: - dependency-name: databrickslabs/sandbox dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
mwojtyczka
approved these changes
Apr 24, 2024
…dbox-acceptance/v0.1.4
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
nfx
deleted the
dependabot/github_actions/databrickslabs/sandbox-acceptance/v0.1.4
branch
April 24, 2024 20:15
vb-dbrks
added a commit
that referenced
this pull request
Jul 3, 2026
…ecret Addresses Marcin's review comments on the MCP server plus a round of Genie feedback from driving the tools end to end. Write governance (#1-#3): the persisting tools no longer take a caller-supplied destination. save_checks / apply_checks_and_save_to_table now take a bare output name and the runner writes it into the caller's own SP-owned per-user schema (dqx_mcp_<user>), granting only that caller access. This lets me delete the OBO write pre-check entirely - it checked the caller's perms while the SP did the write (false assurance), rejected MODIFY-granted non-owners, and classified UC errors by string-matching. The SP now only ever writes where it owns. Runner robustness (#5, #6): save_checks applies write mode via config.replace() instead of attribute assignment (which silently no-op'd on file backends), with an up-front append/overwrite whitelist; generate_rules validates each profile and raises a clear InvalidParameterError on a missing name/column instead of a KeyError deep in the runner. Correctness & CI (#4, #7, #8): execute_sql follows next_chunk_index so wide schemas and the temp-view sweep aren't silently truncated to the first chunk; added basedpyright (make mcp-check, wired into push.yml) and fixed the type errors it surfaced; pointed the integration-coverage source at the MCP packages rather than the DQX library. Docs (#9): moved deploy/prerequisites into the installation page and linked back. Genie feedback (MCP-side wrappers): generate_rules_from_contract now accepts inline contract_content (or a file), reads it as the caller and stages a copy to a runner-readable volume - so a Workspace-file contract works even though the runner SP has no access to it; list_available_checks takes a filter substring so agents can search instead of scanning every entry; generate_rules flags that its bounds are data-derived and should be reviewed. Dropped the catalog secret: a UC catalog name isn't sensitive (access is governed by UC grants, not by hiding the name), so the app reads DQX_CATALOG as a plain config value set from the catalog_name deploy var (inline app config, no app.yaml) - nothing to create or manage out of band. Also fixed make mcp-integration for local runs (absolute UV_BUILD_CONSTRAINT, mirroring mcp-deploy) and updated the integration test + fixture for the new tool shapes. Extracted the runner's pure naming/validation helpers into naming.py so they're unit-tested without Spark.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updates the requirements on databrickslabs/sandbox to permit the latest version.
Changelog
Sourced from databrickslabs/sandbox's changelog.
Commits
Most Recent Ignore Conditions Applied to This Pull Request
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)