Skip to content

Update databrickslabs/sandbox requirement to acceptance/v0.1.4#8

Closed
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/github_actions/databrickslabs/sandbox-acceptance/v0.1.4
Closed

Update databrickslabs/sandbox requirement to acceptance/v0.1.4#8
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/github_actions/databrickslabs/sandbox-acceptance/v0.1.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 24, 2024

Copy link
Copy Markdown

Updates the requirements on databrickslabs/sandbox to permit the latest version.

Changelog

Sourced from databrickslabs/sandbox's changelog.

Version changelog

0.1.0

  • Added install instructions (#23).
  • Added more go-git libs (#26).
  • Fixed unsupported protocol scheme error (#27).
  • Modified README to say how to use it with databricks labs sandbox command (#25).
  • More git-related libraries (#30).

Dependency updates:

  • Bump golang.org/x/crypto from 0.16.0 to 0.17.0 in /go-libs (#28).
  • Bump golang.org/x/crypto from 0.16.0 to 0.17.0 in /runtime-packages (#29).

0.0.1

Initial version with some tooling.

Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
databrickslabs/sandbox [>= 0.2.a, < 0.3]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [databrickslabs/sandbox](https://github.com/databrickslabs/sandbox) to permit the latest version.
- [Release notes](https://github.com/databrickslabs/sandbox/releases)
- [Changelog](https://github.com/databrickslabs/sandbox/blob/main/CHANGELOG.md)
- [Commits](https://github.com/databrickslabs/sandbox/commits/acceptance/v0.1.4)

---
updated-dependencies:
- dependency-name: databrickslabs/sandbox
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot requested a review from nfx as a code owner April 24, 2024 03:31
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 24, 2024
@dependabot @github

dependabot Bot commented on behalf of github Apr 24, 2024

Copy link
Copy Markdown
Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@nfx
nfx deleted the dependabot/github_actions/databrickslabs/sandbox-acceptance/v0.1.4 branch April 24, 2024 20:15
vb-dbrks added a commit that referenced this pull request Jul 3, 2026
…ecret

Addresses Marcin's review comments on the MCP server plus a round of Genie
feedback from driving the tools end to end.

Write governance (#1-#3): the persisting tools no longer take a caller-supplied
destination. save_checks / apply_checks_and_save_to_table now take a bare output
name and the runner writes it into the caller's own SP-owned per-user schema
(dqx_mcp_<user>), granting only that caller access. This lets me delete the OBO
write pre-check entirely - it checked the caller's perms while the SP did the
write (false assurance), rejected MODIFY-granted non-owners, and classified UC
errors by string-matching. The SP now only ever writes where it owns.

Runner robustness (#5, #6): save_checks applies write mode via config.replace()
instead of attribute assignment (which silently no-op'd on file backends), with
an up-front append/overwrite whitelist; generate_rules validates each profile and
raises a clear InvalidParameterError on a missing name/column instead of a
KeyError deep in the runner.

Correctness & CI (#4, #7, #8): execute_sql follows next_chunk_index so wide
schemas and the temp-view sweep aren't silently truncated to the first chunk;
added basedpyright (make mcp-check, wired into push.yml) and fixed the type
errors it surfaced; pointed the integration-coverage source at the MCP packages
rather than the DQX library.

Docs (#9): moved deploy/prerequisites into the installation page and linked back.

Genie feedback (MCP-side wrappers): generate_rules_from_contract now accepts
inline contract_content (or a file), reads it as the caller and stages a copy to
a runner-readable volume - so a Workspace-file contract works even though the
runner SP has no access to it; list_available_checks takes a filter substring so
agents can search instead of scanning every entry; generate_rules flags that its
bounds are data-derived and should be reviewed.

Dropped the catalog secret: a UC catalog name isn't sensitive (access is governed
by UC grants, not by hiding the name), so the app reads DQX_CATALOG as a plain
config value set from the catalog_name deploy var (inline app config, no
app.yaml) - nothing to create or manage out of band.

Also fixed make mcp-integration for local runs (absolute UV_BUILD_CONSTRAINT,
mirroring mcp-deploy) and updated the integration test + fixture for the new tool
shapes. Extracted the runner's pure naming/validation helpers into naming.py so
they're unit-tested without Spark.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants