chore(deps-dev): bump apache-airflow from 2.4.3 to 2.10.3 in /airflow

[dependabot]

Bumps apache-airflow from 2.4.3 to 2.10.3.

Release notes

Sourced from apache-airflow's releases.

Apache Airflow 2.10.3

Significant Changes

No significant changes.

Bug Fixes

• Improves the handling of value masking when setting Airflow variables for enhanced security. (#43123) (#43278)
• Adds support for task_instance_mutation_hook to handle mapped operators with index 0. (#42661) (#43089)
• Fixes executor cleanup to properly handle zombie tasks when task instances are terminated. (#43065)
• Adds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (#42994) (#43044)
• Restores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (#42928) (#43012)
• Fixes PythonOperator error by replacing hyphens with underscores in DAG names. (#42993)
• Improving validation of task retries to handle None values (#42532) (#42915)
• Fixes error handling in dataset managers when resolving dataset aliases into new datasets (#42733)
• Enables clicking on task names in the DAG Graph View to correctly select the corresponding task. (#38782) (#42697)
• Prevent redirect loop on /home with tags/last run filters (#42607) (#42609) (#42628)
• Support of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (#42428) (#42604)
• Reduce eyestrain in dark mode with reduced contrast and saturation (#42567) (#42583)
• Handle ENTER key correctly in trigger form and allow manual JSON (#42525) (#42535)
• Ensure DAG trigger form submits with updated parameters upon keyboard submit (#42487) (#42499)
• Do not attempt to provide not stringified objects to UI via xcom if pickling is active (#42388) (#42486)
• Fix the span link of task instance to point to the correct span in the scheduler_job_loop (#42430) (#42480)
• Bugfix task execution from runner in Windows (#42426) (#42478)
• Allows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (#42242) (#42441)
• Improves trigger performance by using selectinload instead of joinedload (#40487) (#42351)
• Suppress warnings when masking sensitive configs (#43335) (#43337)
• Masking configuration values irrelevant to DAG author (#43040) (#43336)
• Execute templated bash script as file in BashOperator (#43191)
• Fixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (#42582) (#43299)
• Add retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (#41429) (#42651)
• Mark all tasks as skipped when failing a dag_run manually (#43572)
• Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (#43566)
• Conditionally add OTEL events when processing executor events (#43558) (#43567)
• Fix broken stat scheduler_loop_duration (#42886) (#43544)
• Ensure total_entries in /api/v1/dags (#43377) (#43429)
• Include limit and offset in request body schema for List task instances (batch) endpoint (#43479)
• Don't raise a warning in ExecutorSafeguard when execute is called from an extended operator (#42849) (#43577)

Miscellaneous

• Deprecate session auth backend (#42911)
• Removed unicodecsv dependency for providers with Airflow version 2.8.0 and above (#42765) (#42970)
• Remove the referrer from Webserver to Scarf (#42901) (#42942)
• Bump dompurify from 2.2.9 to 2.5.6 in /airflow/www (#42263) (#42270)
• Correct docstring format in _get_template_context (#42244) (#42272)
• Backport: Bump Flask-AppBuilder to 4.5.2 (#43309) (#43318)
• Check python version that was used to install pre-commit venvs (#43282) (#43310)
• Resolve warning in Dataset Alias migration (#43425)

... (truncated)

Changelog

Sourced from apache-airflow's changelog.

Airflow 2.10.3 (2024-11-05)

Significant Changes ^^^^^^^^^^^^^^^^^^^

No significant changes.

Bug Fixes """""""""

• Improves the handling of value masking when setting Airflow variables for enhanced security. (#43123) (#43278)
• Adds support for task_instance_mutation_hook to handle mapped operators with index 0. (#42661) (#43089)
• Fixes executor cleanup to properly handle zombie tasks when task instances are terminated. (#43065)
• Adds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (#42994) (#43044)
• Restores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (#42928) (#43012)
• Fixes PythonOperator error by replacing hyphens with underscores in DAG names. (#42993)
• Improving validation of task retries to handle None values (#42532) (#42915)
• Fixes error handling in dataset managers when resolving dataset aliases into new datasets (#42733)
• Enables clicking on task names in the DAG Graph View to correctly select the corresponding task. (#38782) (#42697)
• Prevent redirect loop on /home with tags/last run filters (#42607) (#42609) (#42628)
• Support of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (#42428) (#42604)
• Reduce eyestrain in dark mode with reduced contrast and saturation (#42567) (#42583)
• Handle ENTER key correctly in trigger form and allow manual JSON (#42525) (#42535)
• Ensure DAG trigger form submits with updated parameters upon keyboard submit (#42487) (#42499)
• Do not attempt to provide not stringified objects to UI via xcom if pickling is active (#42388) (#42486)
• Fix the span link of task instance to point to the correct span in the scheduler_job_loop (#42430) (#42480)
• Bugfix task execution from runner in Windows (#42426) (#42478)
• Allows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (#42242) (#42441)
• Improves trigger performance by using selectinload instead of joinedload (#40487) (#42351)
• Suppress warnings when masking sensitive configs (#43335) (#43337)
• Masking configuration values irrelevant to DAG author (#43040) (#43336)
• Execute templated bash script as file in BashOperator (#43191)
• Fixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (#42582) (#43299)
• Add retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (#41429) (#42651)
• Mark all tasks as skipped when failing a dag_run manually (#43572)
• Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (#43566)
• Conditionally add OTEL events when processing executor events (#43558) (#43567)
• Fix broken stat scheduler_loop_duration (#42886) (#43544)
• Ensure total_entries in /api/v1/dags (#43377) (#43429)
• Include limit and offset in request body schema for List task instances (batch) endpoint (#43479)
• Don't raise a warning in ExecutorSafeguard when execute is called from an extended operator (#42849) (#43577)

Miscellaneous """""""""""""

• Deprecate session auth backend (#42911)
• Removed unicodecsv dependency for providers with Airflow version 2.8.0 and above (#42765) (#42970)
• Remove the referrer from Webserver to Scarf (#42901) (#42942)
• Bump dompurify from 2.2.9 to 2.5.6 in /airflow/www (#42263) (#42270)
• Correct docstring format in _get_template_context (#42244) (#42272)
• Backport: Bump Flask-AppBuilder to 4.5.2 (#43309) (#43318)

... (truncated)

Commits

• c99887e Update RELEASE_NOTES.rst
• 1c7fba7 mark test_task_workflow_trigger_success as flaky (#42972) (#43580)
• 08bbf89 FIX: Don't raise a warning in ExecutorSafeguard when execute is called from a...
• 7e86bf8 Mark all tasks as skipped when failing a dag_run manually including t… (#43572)
• 8e79c7a Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (#43566)
• c12e628 Conditionally add OTEL events when processing executor events (#43558) (#43567)
• 898f332 Fix broken stat scheduler_loop_duration (#42886) (#43544)
• 7aea4b5 Ensure total_entries in /api/v1/dags (#43377) (#43429)
• 9c044ea include limit and offset in request body schema for List task instances (batc...
• dd296c5 This PR resolves an SQLAlchemy warning in the migration by correctly setting ...
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[ohrite]

@dependabot recreate

[github-actions]

Terraform plan in iac/cal-itp-data-infra-staging/airflow/us

Plan: 1 to add, 2 to change, 1 to destroy.

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+   create
!~  update in-place
-   destroy

Terraform will perform the following actions:

  # google_storage_bucket_object.calitp-staging-composer["dags/download_gtfs_schedule_v2/_email_download_failures.py"] will be created
+   resource "google_storage_bucket_object" "calitp-staging-composer" {
+       bucket         = "calitp-staging-composer"
+       content        = (sensitive value)
+       content_type   = (known after apply)
+       crc32c         = (known after apply)
+       detect_md5hash = "different hash"
+       generation     = (known after apply)
+       id             = (known after apply)
+       kms_key_name   = (known after apply)
+       md5hash        = (known after apply)
+       md5hexhash     = (known after apply)
+       media_link     = (known after apply)
+       name           = "dags/download_gtfs_schedule_v2/_email_download_failures.py"
+       output_name    = (known after apply)
+       self_link      = (known after apply)
+       source         = "../../../../airflow/dags/download_gtfs_schedule_v2/_email_download_failures.py"
+       storage_class  = (known after apply)
    }

  # google_storage_bucket_object.calitp-staging-composer["dags/download_gtfs_schedule_v2/email_download_failures.py"] will be destroyed
  # (because key ["dags/download_gtfs_schedule_v2/email_download_failures.py"] is not in for_each map)
-   resource "google_storage_bucket_object" "calitp-staging-composer" {
-       bucket              = "calitp-staging-composer" -> null
-       content_type        = "text/plain; charset=utf-8" -> null
-       crc32c              = "9gRHKg==" -> null
-       detect_md5hash      = "YVtAxOxt5+Mf4vxMPzeRmg==" -> null
-       event_based_hold    = false -> null
-       generation          = 1759970561325830 -> null
-       id                  = "calitp-staging-composer-dags/download_gtfs_schedule_v2/email_download_failures.py" -> null
-       md5hash             = "YVtAxOxt5+Mf4vxMPzeRmg==" -> null
-       md5hexhash          = "615b40c4ec6de7e31fe2fc4c3f37919a" -> null
-       media_link          = "https://storage.googleapis.com/download/storage/v1/b/calitp-staging-composer/o/dags%2Fdownload_gtfs_schedule_v2%2Femail_download_failures.py?generation=1759970561325830&alt=media" -> null
-       metadata            = {} -> null
-       name                = "dags/download_gtfs_schedule_v2/email_download_failures.py" -> null
-       output_name         = "dags/download_gtfs_schedule_v2/email_download_failures.py" -> null
-       self_link           = "https://www.googleapis.com/storage/v1/b/calitp-staging-composer/o/dags%2Fdownload_gtfs_schedule_v2%2Femail_download_failures.py" -> null
-       source              = "../../../../airflow/dags/download_gtfs_schedule_v2/email_download_failures.py" -> null
-       storage_class       = "STANDARD" -> null
-       temporary_hold      = false -> null
#        (6 unchanged attributes hidden)
    }

  # google_storage_bucket_object.calitp-staging-composer-catalog will be updated in-place
!~  resource "google_storage_bucket_object" "calitp-staging-composer-catalog" {
!~      content             = (sensitive value)
!~      crc32c              = "oMDUHg==" -> (known after apply)
!~      detect_md5hash      = "u0KiC7OBxKvce0jyvisvVA==" -> "different hash"
!~      generation          = 1759970559452147 -> (known after apply)
        id                  = "calitp-staging-composer-data/warehouse/target/catalog.json"
!~      md5hash             = "u0KiC7OBxKvce0jyvisvVA==" -> (known after apply)
        name                = "data/warehouse/target/catalog.json"
#        (16 unchanged attributes hidden)
    }

  # google_storage_bucket_object.calitp-staging-composer-manifest will be updated in-place
!~  resource "google_storage_bucket_object" "calitp-staging-composer-manifest" {
!~      content             = (sensitive value)
!~      crc32c              = "QJFdKA==" -> (known after apply)
!~      detect_md5hash      = "SNoGJH2zXlun9CvrO0jW2Q==" -> "different hash"
!~      generation          = 1759970560663489 -> (known after apply)
        id                  = "calitp-staging-composer-data/warehouse/target/manifest.json"
!~      md5hash             = "SNoGJH2zXlun9CvrO0jW2Q==" -> (known after apply)
        name                = "data/warehouse/target/manifest.json"
#        (16 unchanged attributes hidden)
    }

Plan: 1 to add, 2 to change, 1 to destroy.

📝 Plan generated in Plan Terraform for Warehouse and DAG changes #789

[github-actions]

Terraform plan in iac/cal-itp-data-infra/airflow/us

No changes. Your infrastructure matches the configuration.

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

📝 Plan generated in Plan Terraform for Warehouse and DAG changes #789