Skip to content

Relax cloudpickle constraint#59

Merged
AsherWright merged 2 commits into
square:mainfrom
nkpart:npartridge.fab-2603-cloudpickle
May 8, 2026
Merged

Relax cloudpickle constraint#59
AsherWright merged 2 commits into
square:mainfrom
nkpart:npartridge.fab-2603-cloudpickle

Conversation

@nkpart
Copy link
Copy Markdown
Contributor

@nkpart nkpart commented May 7, 2026
edited
Loading

Why

Prefect 3.6.28+ requires cloudpickle>=3.1.1, but block-cascade's existing ^2.0 constraint prevents downstream projects from upgrading Prefect for SCC remediation.

What

  • Relax block-cascade's cloudpickle constraint to >=2.0,<4.0
  • Bump block-cascade to 3.2.1 for a publishable patch release

Risk Assessment

Low — this is a dependency metadata change only, and focused executor tests pass with the resolved dependency set.

References

  • FAB-2603
  • Tested: poetry check
  • Tested: poetry run pytest tests/test_local_executor.py tests/test_vertex_executor.py -q

Update May 8, 09:20: Locked and tested cloudpickle 3.1.2.

  • Updated poetry.lock to resolve cloudpickle==3.1.2
  • Tested: poetry run pytest tests/test_local_executor.py tests/test_vertex_executor.py tests/test_databricks_executor.py tests/executors/databricks/resource/test_python_library.py -q
  • Tested after poetry sync --without torch: poetry run pytest -q (46 passed, 1 skipped)

@nkpart nkpart marked this pull request as ready for review May 7, 2026 04:45
AsherWright
AsherWright approved these changes May 7, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@AsherWright AsherWright left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be worth testing this to confirm cloudpickle3 works fine

@github-advanced-security
Copy link
Copy Markdown

github-advanced-security AI commented May 7, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@nkpart
Copy link
Copy Markdown
Contributor Author

nkpart commented May 7, 2026

Might be worth testing this to confirm cloudpickle3 works fine

@AsherWright yeah good call. I've validated locally that the entire API surface we're using with cloudpickle works in both 2 and 3. I've now updated the lockfile here so it's using 3 in the test suite (which covers some but all uses, covering all would require too many mocks, I dont think we should).

@AsherWright AsherWright merged commit 8a776ca into square:main May 8, 2026
7 checks passed
@nkpart nkpart deleted the npartridge.fab-2603-cloudpickle branch May 8, 2026 00:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jhamet93 jhamet93 jhamet93 approved these changes

@AsherWright AsherWright AsherWright approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@nkpart @github-advanced-security @jhamet93 @AsherWright