Bump snowflake-connector-python from 2.9.0 to 3.13.2 in /docker/snowflake

[dependabot]

Bumps snowflake-connector-python from 2.9.0 to 3.13.2.

Release notes

Sourced from snowflake-connector-python's releases.

3.13.2

• v3.13.2(January 29, 2025)
  • Changed not to use scoped temporary objects.

3.13.1

• v3.13.1(January 29, 2025)
  • Remedied SQL injection vulnerability in snowflake.connector.pandas_tools.write_pandas. See more GHSA-2vpq-fh52-j3wv
  • Remedied vulnerability in deserialization of the OCSP response cache. See more: GHSA-m4f6-vcj4-w5mx
  • Remedied vulnerability connected to cache files permissions. See more: GHSA-r2x6-cjg7-8r43

3.13.0

• v3.13.0(January 23,2025)
  • Added a feature to limit the sizes of IO-bound ThreadPoolExecutors during PUT and GET commands.
  • Updated README.md to include instructions on how to verify package signatures using cosign.
  • Updated the log level for cursor's chunk rowcount from INFO to DEBUG.
  • Added a feature to verify if the connection is still good enough to send queries over.
  • Added support for base64-encoded DER private key strings in the private_key authentication type.

3.12.4

• v3.12.4(December 3,2024)
  • Fixed a bug where multipart uploads to Azure would be missing their MD5 hashes.
  • Fixed a bug where OpenTelemetry header injection would sometimes cause Exceptions to be thrown.
  • Fixed a bug where OCSP checks would throw TypeError and make mainly GCP blob storage unreachable.
  • Bumped pyOpenSSL dependency from >=16.2.0,=22.0.0,<25.0.0.

3.12.3

• v3.12.3(October 25,2024)
  • Improved the error message for SSL-related issues to provide clearer guidance when an SSL error occurs.
  • Improved error message for SQL execution cancellations caused by timeout.

3.12.2

• v3.12.2(September 11,2024)
  • Improved error handling for asynchronous queries, providing more detailed and informative error messages when an async query fails.
  • Improved inference of top-level domains for accounts specifying a region in China, now defaulting to snowflakecomputing.cn.
  • Improved implementation of the snowflake.connector.util_text.random_string to reduce the likelihood of collisions.
  • Updated the log level for OCSP fail-open warning messages from ERROR to WARNING.

3.12.1

• v3.12.1(August 20,2024)
  • Fixed a bug that logged the session token when renewing a session.
  • Fixed a bug where disabling client telemetry did not work.
  • Fixed a bug where passing login_timeout as a string raised a TypeError during the login retry step.
  • Use pathlib instead of os for default config file location resolution.
  • Removed upper cryptogaphy version pin.
  • Removed reference to script snowflake-export-certs (its backing module was already removed long ago)
  • Enhanced retry mechanism for handling transient network failures during query result polling when no server response is received.

3.12.0

• v3.12.0(July 24,2024)
  • Set default connection timeout of 10 seconds and socket read timeout of 10 minutes for HTTP calls in file transfer.

... (truncated)

Commits

• 5575562 Changed not to use scoped temp stage (#2158)
• 51bd484 Release version 3.13.1 (#2152)
• f3f9b66 SNOW-1902019: Python CVEs january batch 2 (#2155)
• 3769b43 SNOW-1902019: Python CVEs january batch (#2154)
• ec3002d Update CODEOWNERS (#2149)
• 07990e0 pin qemu used for arm64 linux wheels (#2151)
• 94e9943 remove 38 reqs file (#2146)
• 9701b3e bump gh action (#2144)
• 2331d23 release 3.13.0 (#2141)
• 598ab4c Update CODEOWNERS (#2139)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)