Closed jbrown-xentity closed 1 year ago
Please note I already saw https://github.com/keitaroinc/ckanext-saml2auth/pull/74, which is a proposed change to work with 2.9.6. So it's already known (since release less than 48 hours ago) that there are breaking changes. It's ok to give this a week or 2, to make sure there aren't any other breaking changes.
After reviewing the changelog, I think there aren't any super important fixes that apply to us. We don't have to make this a high priority.
2.9.7 was released today, due to an account vulnerability. We have already triaged this vulnerability and it doesn't affect us, so this doesn't change the priority. See https://github.com/ckan/ckan/blob/ckan-2.9.7/CHANGELOG.rst
Bringing in to at least investigate the impact
This has been completed. The only anomaly in this work was a ckanext-geodatagov
test which has been documented in this ADR.
User Story
In order to keep catalog and inventory on latest versions of software, data.gov admins want CKAN upgraded in catalog and inventory to 2.9.7.
Acceptance Criteria
[ACs should be clearly demoable/verifiable whenever possible. Try specifying them using BDD.]
"ckan_version": "2.9.7"
"ckan_version": "2.9.7"
Background
Security Considerations (required)
None
Sketch
Should do the following for both applications:
git push origin feature-branch:develop
), validate key use cases (login, etc)