Commit graph

147 commits

Author SHA1 Message Date
Mouse Reeve
658140f18c Merge branch 'main' into production 2024-01-09 14:23:11 -08:00
dependabot[bot]
f267fc3235
Bump pycryptodome from 3.16.0 to 3.19.1
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.16.0 to 3.19.1.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.16.0...v3.19.1)

---
updated-dependencies:
- dependency-name: pycryptodome
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-05 17:42:04 +00:00
Mouse Reeve
439b0bcd27 Merge branch 'main' into production 2024-01-02 08:32:10 -08:00
Mouse Reeve
193a36390b
Merge pull request #3083 from hughrun/file-resubmit
use bw-file-resubmit to retain images during validation checks
2023-11-29 15:36:33 -08:00
dependabot[bot]
58f149d889
Bump aiohttp from 3.8.6 to 3.9.0
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.6 to 3.9.0.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.6...v3.9.0)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-28 01:02:35 +00:00
dependabot[bot]
63530294d4
Bump aiohttp from 3.8.5 to 3.8.6
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-14 23:35:55 +00:00
Hugh Rundle
1bedcdaebd
Merge branch 'main' into file-resubmit 2023-11-11 13:14:52 +11:00
Hugh Rundle
d682e55812
swap out django-file-resubmit
- we decided to fork it, so this now uses the inaugural RC release of bw-file-resubmit (will need to be adjusted once we're confident it's ok to push a full release)
- I was accidentally using the wrong widget lol
2023-11-05 16:34:24 +11:00
dependabot[bot]
68f1a69b6a
Bump django from 3.2.20 to 3.2.23
Bumps [django](https://github.com/django/django) from 3.2.20 to 3.2.23.
- [Commits](https://github.com/django/django/compare/3.2.20...3.2.23)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-02 22:13:52 +00:00
Hugh Rundle
df43a8e2c5
Use django-file-resubmit plugin
- save cover images to cache when checking author and work for existing records
- fixes #2760
2023-10-30 19:43:39 +11:00
dependabot[bot]
7cae5879c8
Bump pillow from 9.4.0 to 10.0.1
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.4.0 to 10.0.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.4.0...10.0.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-04 01:09:41 +00:00
Joeri de Ruiter
a5ede835b2 Dump dependencies related to typing 2023-09-13 09:09:43 +02:00
Joeri de Ruiter
75f37d7361 Added mypy to scripts and workflow, and some first annotations for celerywyrm 2023-07-22 13:27:43 +02:00
Mouse Reeve
21f65cac58 Merge branch 'main' into production 2023-07-20 19:09:38 -07:00
dependabot[bot]
7d1f3deaca
build(deps): bump aiohttp from 3.8.3 to 3.8.5
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.3 to 3.8.5.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.3...v3.8.5)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-20 15:55:55 +00:00
dependabot[bot]
7f3a8f27ab
build(deps): bump django from 3.2.19 to 3.2.20
Bumps [django](https://github.com/django/django) from 3.2.19 to 3.2.20.
- [Commits](https://github.com/django/django/compare/3.2.19...3.2.20)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-05 23:27:36 +00:00
Mouse Reeve
6400a8e234 Merge branch 'main' into production 2023-05-30 11:38:03 -07:00
dependabot[bot]
76fc0dfcc4
build(deps): bump requests from 2.28.2 to 2.31.0
Bumps [requests](https://github.com/psf/requests) from 2.28.2 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.28.2...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-23 05:59:52 +00:00
dependabot[bot]
1139d214a0
build(deps): bump django from 3.2.18 to 3.2.19
Bumps [django](https://github.com/django/django) from 3.2.18 to 3.2.19.
- [Commits](https://github.com/django/django/compare/3.2.18...3.2.19)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-09 22:15:37 +00:00
Mouse Reeve
a65e6ce423 Merge branch 'main' into production 2023-04-25 17:43:00 -07:00
Wesley Aptekar-Cassels
61453d48e6 Add automatic instrumentation to Postgres queries
This enables automatic instrumentation of Postgres queries when
OpenTelemetry instrumentation is enabled, which will help with debugging
performance problems.
2023-04-07 01:58:49 -04:00
Mouse Reeve
ffb7f66375 Merge branch 'main' into production 2023-04-03 21:31:08 -07:00
dependabot[bot]
282f41bdb8
Bump redis from 4.5.3 to 4.5.4
Bumps [redis](https://github.com/redis/redis-py) from 4.5.3 to 4.5.4.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v4.5.3...v4.5.4)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-31 14:28:59 +00:00
dependabot[bot]
e9526ecaea
Bump redis from 3.4.1 to 4.5.3
Bumps [redis](https://github.com/redis/redis-py) from 3.4.1 to 4.5.3.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/3.4.1...v4.5.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-27 21:57:11 +00:00
Mouse Reeve
e9d08e7424
Merge pull request #2744 from WesleyAC/opentelemetry-console-exporter
Add OpenTelemetry console exporter option
2023-03-20 14:26:24 -07:00
Wesley Aptekar-Cassels
7bb4e21a36 Bump opentelemetry versions
This isn't actually required for anything, just good practice to keep
things up to date.
2023-03-16 13:57:19 -04:00
Chris Moultrie
f8e60f4a89
Enable Azure BlobStorage as an alternative to AWS S3
This adds a new storage backend for Azure BlobStorage, I'm running this patch in Azure Kubernetes
hosting all my assets in Azure BlobStorage and it's been stable enough I thought I should commit
this back upstream.
2023-03-05 12:08:16 -05:00
Mouse Reeve
006272306a Merge branch 'main' into production 2023-02-20 05:39:02 -08:00
dependabot[bot]
173d7ba9bf
chore(deps): bump django from 3.2.17 to 3.2.18
Bumps [django](https://github.com/django/django) from 3.2.17 to 3.2.18.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.17...3.2.18)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 19:45:09 +00:00
Mouse Reeve
2c2daf5fdf
Merge pull request #2644 from rrgeorge/rrgeorge/csp
Add Content-Security-Policy headers and secure cookies
2023-02-10 16:37:39 -08:00
dependabot[bot]
b43f1eab38
Bump django from 3.2.16 to 3.2.17
Bumps [django](https://github.com/django/django) from 3.2.16 to 3.2.17.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.16...3.2.17)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-03 22:18:41 +00:00
Robert George
36605efd20 Added support for secure cookies and django-csp 2023-02-01 12:59:10 -08:00
Jascha Urbach
7c75c246d2
Update requirements.txt
Important bugfixes and performance updates.

did not touch opentelemetry or the dev  dependencies.

No breaking changes.
2023-01-26 16:51:32 +01:00
Mouse Reeve
54db892b90 Merge branch 'main' into production 2022-12-19 14:40:25 -08:00
Jascha Urbach
befcf4f3e9
bump some versions in requirements
Why update:

iohttp: supports now more of http standard.
celery: supports redis > = 4.0.2 (the docker image uses redis 7.0.6
django-celery-beat: better Django 3.2 support, bump celery to 5.2, downgrade of dependencies for better celery support
django-compressor: official Django 3.2 support, updates requirements
django-model-utils: official django 3.2 support.
django-sass-processor: remove deprecated default_app_config, support of ManifestStaticFilesStorage (which might be needed in the future)
environs: bugfixes
libsass: removes deprecated cli
Pillow: bug fixing
psycopg2: Bugfixing
pycryptodome: bugfixes
python-dateutil: updated tzdata
requests: better json Handling, bugfixing
responses: bugfixes and more
pytz: python3 code generation, All the corect timezone behaviour!
boto3: Updsate all the S3 Handling

signtures.py update because of breaking change in pycryptodome

migration because uf updated timezones

With updated celery I have less 501 errors on my instance. updated psycopg2 has better performance.

I have NOT chekced opentelemetry packages.

Upgrading redis package wold need a deeper inspection of the code as some functions are dropped in newer versions.
2022-12-19 16:37:41 +01:00
Mouse Reeve
29314c6243 Merge branch 'main' into production 2022-11-03 10:32:13 -07:00
dependabot[bot]
09446def54
Bump django from 3.2.15 to 3.2.16
Bumps [django](https://github.com/django/django) from 3.2.15 to 3.2.16.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.15...3.2.16)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-21 03:40:27 +00:00
Hugh Rundle
54daade9f9 prepare for 2FA
- add and migrate User fields for 2FA
- add views for 2FA
- add new forms for 2FA
- update package list in requirements.txt
- add URLs for 2FA views
2022-10-15 07:47:20 +11:00
Mouse Reeve
3fd4ab6162 Merge branch 'main' into production 2022-09-15 11:21:51 -07:00
dependabot[bot]
f9c608e728
Bump flower from 1.0.0 to 1.2.0
Bumps [flower](https://github.com/mher/flower) from 1.0.0 to 1.2.0.
- [Release notes](https://github.com/mher/flower/releases)
- [Commits](https://github.com/mher/flower/compare/v1.0.0...v1.2.0)

---
updated-dependencies:
- dependency-name: flower
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-13 23:03:54 +00:00
Mouse Reeve
b34bbac228 Merge branch 'main' into production 2022-08-29 15:21:43 -07:00
dependabot[bot]
c591371b4e
Bump django from 3.2.14 to 3.2.15
Bumps [django](https://github.com/django/django) from 3.2.14 to 3.2.15.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.14...3.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-11 16:08:55 +00:00
Mouse Reeve
580745bee3 Merge branch 'main' into production 2022-08-05 16:57:53 -07:00
Mouse Reeve
073d8b1d67 Updates and fixes opentelemetry install 2022-08-04 11:05:18 -07:00
Mouse Reeve
4097a8989c Merge branch 'main' into production 2022-07-05 17:51:50 -07:00
dependabot[bot]
1e0055663b
Bump django from 3.2.13 to 3.2.14
Bumps [django](https://github.com/django/django) from 3.2.13 to 3.2.14.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.13...3.2.14)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-05 22:45:57 +00:00
Mouse Reeve
e452aa95b6 Merge branch 'main' into production 2022-07-04 14:08:24 -07:00
Mouse Reeve
7f78140015 Uses library for html cleanup 2022-07-04 13:21:13 -07:00
Mouse Reeve
08231f52ff
Merge pull request #2150 from cincodenada/fix-pylint
Fix pylint config for pylint 2.14.0
2022-06-05 15:41:32 -07:00
Joel Bradshaw
6584cb6404 Go back to one requirements.txt, simplify workflow
The workflow can now use .pylintrc and the pylint req in
requirements.txt rather than having the options inline and installing it
separately
2022-06-05 14:57:42 -07:00