Merge branch '3.6.x' into security/remove_snyk_ci_scans

.dockerignore

@@ -8,3 +8,4 @@ rasa/tests
 rasa/scripts
 data/
 examples/
+docker-data/*

.github/workflows/automatic-release-to-main-merger.yml

@@ -26,7 +26,9 @@ jobs:
     runs-on: ubuntu-22.04
 
     # only run this workflow if a pull request has been merged
-    if: github.event.pull_request.merged == true
+    # don't run this workflow on pull request from forks, permissions will be missing anyway
+    # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflows-in-forked-repositories
+    if: github.event.pull_request.merged == true && github.event.pull_request.head.repo.full_name == 'RasaHQ/rasa'
 
     steps:
       - name: Checkout git repository 🕝
@@ -68,14 +70,6 @@ jobs:
         with:
           branch: ${{ steps.get-branch-name.outputs.new_branch }}
 
-      - name: Notify Slack if creating a new branch failed 💬
-        if: ${{ failure() && steps.create-new-branch.conclusion == 'failure' }}
-        env:
-          SLACK_WEBHOOK: ${{ secrets.SLACK_INFRASTRUCTURE_SQUAD_MONITORS_WEBHOOK_URL }}
-        uses: Ilshidur/action-slack@689ad44a9c9092315abd286d0e3a9a74d31ab78a
-        with:
-          args: "🚨 There was a problem with creating a new branch containing commits from the ${{ env.RELEASE_BRANCH }} release branch. Check out the Github action: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
-
       - name: Open pull request ☄️
         if: ${{ steps.create-new-branch.conclusion == 'success' }}
         uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5
@@ -109,11 +103,11 @@ jobs:
         env:
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
 
-      - name: Notify Slack when closing of outdated merge-PRs failed 💬
-        if: ${{ failure() && steps.close-outdated-release-merge-prs.conclusion == 'failure'}}
+      - name: Notify Slack on failure 💬
+        if: failure()
         env:
           SLACK_WEBHOOK: ${{ secrets.SLACK_INFRASTRUCTURE_SQUAD_MONITORS_WEBHOOK_URL }}
         uses: Ilshidur/action-slack@689ad44a9c9092315abd286d0e3a9a74d31ab78a
         with:
-          args: "🚨 There was a problem with closing outdated release-merge-PRs of the ${{ env.RELEASE_BRANCH }} release branch. Check out the Github action: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} \
-                These release-merge-PRs are currently open: https://github.com/${{ github.repository }}/pulls?q=is%3Aopen+label%3A${{ env.LABEL_TYPE }}+head%3Amerge-${{ steps.get-branch-name.outputs.release_branch }}-main"
+          args: "🚨 There was a problem with porting changes from ${{ env.RELEASE_BRANCH }} to the `main` branch. \
+                 Check out the Github action: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"

.github/workflows/continous-integration.yml

@@ -136,6 +136,11 @@ jobs:
         with:
           poetry-version: ${{ env.POETRY_VERSION }}
 
+      - name: Inject setuptools into poetry's runtime environment
+        if: needs.changes.outputs.backend == 'true'
+        run: |
+          poetry self add setuptools
+
       - name: Load Poetry Cached Libraries ⬇
         id: cache-poetry
         if: needs.changes.outputs.backend == 'true'
@@ -163,7 +168,7 @@ jobs:
         # This is a workaround for that issue
         run: |
           sudo apt-get -y install libpq-dev
-          make install-full || make install-full || make install-full
+          make install-full
 
       - name: Checkout target branch to be able to diff
         if: needs.changes.outputs.backend == 'true' && github.event_name == 'pull_request'
@@ -277,6 +282,11 @@ jobs:
         with:
           poetry-version: ${{ env.POETRY_VERSION }}
 
+      - name: Inject setuptools into poetry's runtime environment
+        if: needs.changes.outputs.backend == 'true'
+        run: |
+          poetry self add setuptools
+
       - name: Load Poetry Cached Libraries ⬇
         id: cache-poetry
         if: needs.changes.outputs.backend == 'true'
@@ -311,7 +321,7 @@ jobs:
         # This is a workaround for that issue
         run: |
           sudo apt-get -y install libpq-dev
-          make install-full | tee .output  || make install-full | tee .output || make install-full | tee .output
+          make install-full | tee .output
           if grep 'The lock file is not up to date' .output; then exit 1; fi
           make prepare-tests-ubuntu
 
@@ -330,7 +340,7 @@ jobs:
             Remove-Item -Force -Recurse $spacy_data_dir
             New-Item -Path $spacy_data_dir -Type Directory
           }
-          make install-full  || make install-full || make install-full
+          make install-full
           make prepare-tests-windows-gha
 
       - name: Add github workflow problem matchers
@@ -352,9 +362,15 @@ jobs:
           (Get-ItemProperty "HKLM:System\CurrentControlSet\Control\FileSystem").LongPathsEnabled
           Set-ItemProperty 'HKLM:\System\CurrentControlSet\Control\FileSystem' -Name 'LongPathsEnabled' -value 0
 
-      - name: Install ddtrace
-        if: needs.changes.outputs.backend == 'true'
-        run: poetry run pip install -U ddtrace
+      - name: Install ddtrace on Linux
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        run: poetry run pip install -U 'ddtrace<2.0.0'
+
+      - name: Install ddtrace on Windows
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'windows-2019'
+        run: |
+          .\.venv\Scripts\activate
+          py -m pip install -U 'ddtrace<2.0.0'
 
       - name: Test Code 🔍 (multi-process)
         if: needs.changes.outputs.backend == 'true'
@@ -421,6 +437,11 @@ jobs:
         with:
           poetry-version: ${{ env.POETRY_VERSION }}
 
+      - name: Inject setuptools into poetry's runtime environment
+        if: needs.changes.outputs.backend == 'true'
+        run: |
+          poetry self add setuptools
+
       - name: Load Poetry Cached Libraries ⬇
         id: cache-poetry
         if: needs.changes.outputs.backend == 'true'
@@ -492,9 +513,15 @@ jobs:
           (Get-ItemProperty "HKLM:System\CurrentControlSet\Control\FileSystem").LongPathsEnabled
           Set-ItemProperty 'HKLM:\System\CurrentControlSet\Control\FileSystem' -Name 'LongPathsEnabled' -value 0
 
-      - name: Install ddtrace
-        if: needs.changes.outputs.backend == 'true'
-        run: poetry run pip install -U ddtrace
+      - name: Install ddtrace on Linux
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'ubuntu-22.04'
+        run: poetry run pip install -U 'ddtrace<2.0.0'
+
+      - name: Install ddtrace on Windows
+        if: needs.changes.outputs.backend == 'true' && matrix.os == 'windows-2019'
+        run: |
+          .\.venv\Scripts\activate
+          py -m pip install -U 'ddtrace<2.0.0'
 
       - name: Test Code 🔍 (multi-process)
         if: needs.changes.outputs.backend == 'true'
@@ -1036,8 +1063,11 @@ jobs:
         run: |
           sudo swapoff -a
           sudo rm -f /swapfile
+          sudo rm -rf "$AGENT_TOOLSDIRECTORY"
           sudo apt clean
-          docker image prune -a
+          docker image prune -a -f
+          docker volume prune -f
+          docker container prune -f
           df -h
 
       - name: Read Poetry Version 🔢
@@ -1065,6 +1095,9 @@ jobs:
         run: |
           docker buildx bake --set *.platform=linux/amd64,linux/arm64 -f docker/docker-bake.hcl ${{ matrix.image }}
 
+      - name: Check how much space is left after Docker build
+        run: df -h
+
       - name: Push image with main tag 📦
         if: needs.changes.outputs.docker == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'RasaHQ/rasa'
         run: |

CHANGELOG.mdx

@@ -16,6 +16,133 @@ https://github.com/RasaHQ/rasa/tree/main/changelog/ . -->
 
 <!-- TOWNCRIER -->
 
+## [3.6.15] - 2023-11-30
+
+Rasa 3.6.15 (2023-11-30)                          
+### Bugfixes
+- [#12965](https://github.com/rasahq/rasa/issues/12965): Fixed connection timeout to action server by setting KEEP_ALIVE_TIMEOUT to 120, and reverting changes introduced in #12886.
+
+
+## [3.6.14] - 2023-11-17
+
+Rasa 3.6.14 (2023-11-17)                         
+### Bugfixes
+- [#12948](https://github.com/rasahq/rasa/issues/12948): Fixed UnexpecTEDIntentlessPolicy training errors that resulted from a change to batching behavior. Changed the batching behavior back to the original for all components. Made the changed batching behavior accessible in DietClassifier using `drop_small_last_batch: True`.
+
+
+## [3.6.13] - 2023-10-23
+
+Rasa 3.6.13 (2023-10-23)                         
+### Bugfixes
+- [#12927](https://github.com/rasahq/rasa/issues/12927): Fix wrong conflicts that occur when rasa validate stories is run with slots that have active_loop set to null in mapping conditions.
+
+
+## [3.6.12] - 2023-10-10
+
+Rasa 3.6.12 (2023-10-10)                         
+### Bugfixes
+- [#12904](https://github.com/rasahq/rasa/issues/12904): Refresh headers used in requests (e.g. action server requests) made by `EndpointConfig` using its `headers` attribute.
+- [#12906](https://github.com/rasahq/rasa/issues/12906): Upgrade `pillow` to `10.0.1` to address security vulnerability CVE-2023-4863 found in `10.0.0` version.
+
+
+## [3.6.11] - 2023-10-05
+
+Rasa 3.6.11 (2023-10-05)                         
+### Bugfixes
+- [#12722](https://github.com/rasahq/rasa/issues/12722): Intent names will not be falsely abbreviated in interactive training (fixes OSS-413).
+
+  This will also fix a bug where forced user utterances (using the regex matcher) will
+  be reverted even though they are present in the domain.
+- [#12886](https://github.com/rasahq/rasa/issues/12886): Cache `EndpointConfig` session object using `cached_property` decorator instead of recreating this object on every request.
+  Initialize these connection pools for action server and model server endpoints as part of the Sanic `after_server_start` listener.
+  Also close connection pools during Sanic `after_server_stop` listener.
+
+
+## [3.6.10] - 2023-09-26
+
+Rasa 3.6.10 (2023-09-26)                         
+### Improvements
+- [#12827](https://github.com/rasahq/rasa/issues/12827): Improved handling of last batch during DIET and TED training. The last batch is discarded if it contains less than half a batch size of data.
+- [#12852](https://github.com/rasahq/rasa/issues/12852): Added `username` to the connection parameters for `RedisLockStore` and `RedisTrackerStore`
+- [#1493](https://github.com/rasahq/rasa/issues/1493): Telemetry data is only send for licensed users.
+
+### Improved Documentation
+- [#12868](https://github.com/rasahq/rasa/issues/12868): Remove the Playground from docs.
+
+
+## [3.6.9] - 2023-09-15
+
+Rasa 3.6.9 (2023-09-15)                        
+### Improvements
+- [#12778](https://github.com/rasahq/rasa/issues/12778): Added additional method `fingerprint_addon` to the `GraphComponent` interface to allow inclusion of external data into the fingerprint calculation of a component
+
+### Bugfixes
+- [#12790](https://github.com/rasahq/rasa/issues/12790): Fixed `KeyError` which resulted when `domain_responses` doesn't exist as a keyword argument while using a custom action dispatcher with nlg server.
+
+
+## [3.6.8] - 2023-08-30
+
+Rasa 3.6.8 (2023-08-30)                         
+
+No significant changes.
+
+
+## [3.6.7] - 2023-08-29
+
+Rasa 3.6.7 (2023-08-29)                        
+### Bugfixes
+- [#12768](https://github.com/rasahq/rasa/issues/12768): Updated certifi, cryptography, and scipy packages to address security vulnerabilities.
+
+
+## [3.6.6] - 2023-08-23
+
+Rasa 3.6.6 (2023-08-23)                        
+### Bugfixes
+- [#12755](https://github.com/rasahq/rasa/issues/12755): Updated setuptools and wheel to address security vulnerabilities.
+
+
+## [3.6.5] - 2023-08-17
+
+Rasa 3.6.5 (2023-08-17)                        
+### Improvements
+- [#12696](https://github.com/rasahq/rasa/issues/12696): Use the same session across requests in `RasaNLUHttpInterpreter`
+
+### Bugfixes
+- [#12737](https://github.com/rasahq/rasa/issues/12737): Resolve dependency incompatibility: Pin  version of `dnspython` to ==2.3.0.
+
+### Improved Documentation
+- [#12712](https://github.com/rasahq/rasa/issues/12712): Updated PII docs with new section on how to use Rasa X/Enterprise with PII management solution, and a new note on debug
+  logs being displayed after the bot message with `rasa shell`.
+
+
+## [3.6.4] - 2023-07-21
+
+Rasa 3.6.4 (2023-07-21)                        
+### Bugfixes
+- [#12575](https://github.com/rasahq/rasa/issues/12575): Extract conditional response variation and channel variation filtering logic into a separate component.
+  Enable usage of this component in the NaturalLanguageGenerator subclasses (e.g. CallbackNaturalLanguageGenerator, TemplatedNaturalLanguageGenerator).
+  Amend nlg_request_format to include a single response ID string field, instead of a list of IDs.
+
+### Improved Documentation
+- [#12663](https://github.com/rasahq/rasa/issues/12663): Updated commands with square brackets e.g (`pip install rasa[spacy]`) to use quotes (`pip install 'rasa[spacy]'`) for compatibility with zsh in docs.
+
+
+## [3.6.3] - 2023-07-20
+
+Rasa 3.6.3 (2023-07-20)                        
+### Improvements
+- [#12637](https://github.com/rasahq/rasa/issues/12637): Added a human readable component to structlog using the `event_info` key and made it the default rendered key if present.
+
+### Bugfixes
+- [#12638](https://github.com/rasahq/rasa/issues/12638): Fix the issue with the most recent model not being selected if the owner or permissions where modified on the model file.
+- [#12661](https://github.com/rasahq/rasa/issues/12661): Fixed `BlockingIOError` which occured as a result of too large data passed to strulogs.
+
+### Improved Documentation
+- [#12659](https://github.com/rasahq/rasa/issues/12659): Update action server documentation with new capability to extend Sanic features by using plugins.
+  Update rasa-sdk dependency to version 3.6.1.
+- [#12663](https://github.com/rasahq/rasa/issues/12663): Updated commands with square brackets e.g (`pip install rasa[spacy]`) to use quotes (`pip install 'rasa[spacy]'`) for compatibility with zsh in docs.
+
+
 ## [3.6.2] - 2023-07-06
 
 Rasa 3.6.2 (2023-07-06)                        

Makefile

@@ -136,7 +136,7 @@ prepare-tests-windows:
 # It will retry the installation 5 times if it fails
 # See: https://github.com/actions/virtual-environments/blob/main/images/win/scripts/ImageHelpers/ChocoHelpers.ps1
 prepare-tests-windows-gha:
-	powershell -command "Choco-Install wget graphviz"
+	powershell -command "Install-ChocoPackage wget graphviz"
 
 test: clean
 	# OMP_NUM_THREADS can improve overall performance using one thread by process (on tensorflow), avoiding overload

data/test/test_integration/data/nlu.yml

@@ -89,3 +89,10 @@ nlu:
       - are you a human?
       - am I talking to a bot?
       - am I talking to a human?
+
+  - intent: block
+    examples: |
+      - block my [checking](account_type) account
+      - i want to block my [savings](account_type) account
+      - i need to block an account
+      - i need to block my [credit](account_type) card

data/test/test_integration/data/stories.yml

@@ -28,3 +28,29 @@ stories:
       - action: utter_did_that_help
       - intent: deny
       - action: utter_goodbye
+
+  - story: block savings
+    steps:
+    - intent: block
+      entities:
+      - account_type: savings
+    - action: utter_block_account
+
+  - story: block checking
+    steps:
+    - intent: block
+      entities:
+      - account_type: checking
+    - action: utter_checking
+
+  - story: block credit
+    steps:
+    - intent: block
+      entities:
+      - account_type: credit
+    - action: utter_credit
+
+  - story: block no entities
+    steps:
+    - intent: block 
+    - action: utter_nothing