Commit graph

102 commits

Author SHA1 Message Date
dependabot[bot]
f267fc3235
Bump pycryptodome from 3.16.0 to 3.19.1
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.16.0 to 3.19.1.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.16.0...v3.19.1)

---
updated-dependencies:
- dependency-name: pycryptodome
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-05 17:42:04 +00:00
Mouse Reeve
193a36390b
Merge pull request #3083 from hughrun/file-resubmit
use bw-file-resubmit to retain images during validation checks
2023-11-29 15:36:33 -08:00
dependabot[bot]
58f149d889
Bump aiohttp from 3.8.6 to 3.9.0
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.6 to 3.9.0.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.6...v3.9.0)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-28 01:02:35 +00:00
dependabot[bot]
63530294d4
Bump aiohttp from 3.8.5 to 3.8.6
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-14 23:35:55 +00:00
Hugh Rundle
1bedcdaebd
Merge branch 'main' into file-resubmit 2023-11-11 13:14:52 +11:00
Hugh Rundle
d682e55812
swap out django-file-resubmit
- we decided to fork it, so this now uses the inaugural RC release of bw-file-resubmit (will need to be adjusted once we're confident it's ok to push a full release)
- I was accidentally using the wrong widget lol
2023-11-05 16:34:24 +11:00
dependabot[bot]
68f1a69b6a
Bump django from 3.2.20 to 3.2.23
Bumps [django](https://github.com/django/django) from 3.2.20 to 3.2.23.
- [Commits](https://github.com/django/django/compare/3.2.20...3.2.23)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-02 22:13:52 +00:00
Hugh Rundle
df43a8e2c5
Use django-file-resubmit plugin
- save cover images to cache when checking author and work for existing records
- fixes #2760
2023-10-30 19:43:39 +11:00
dependabot[bot]
7cae5879c8
Bump pillow from 9.4.0 to 10.0.1
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.4.0 to 10.0.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.4.0...10.0.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-04 01:09:41 +00:00
Joeri de Ruiter
a5ede835b2 Dump dependencies related to typing 2023-09-13 09:09:43 +02:00
Joeri de Ruiter
75f37d7361 Added mypy to scripts and workflow, and some first annotations for celerywyrm 2023-07-22 13:27:43 +02:00
dependabot[bot]
7d1f3deaca
build(deps): bump aiohttp from 3.8.3 to 3.8.5
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.3 to 3.8.5.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.3...v3.8.5)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-20 15:55:55 +00:00
dependabot[bot]
7f3a8f27ab
build(deps): bump django from 3.2.19 to 3.2.20
Bumps [django](https://github.com/django/django) from 3.2.19 to 3.2.20.
- [Commits](https://github.com/django/django/compare/3.2.19...3.2.20)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-05 23:27:36 +00:00
dependabot[bot]
76fc0dfcc4
build(deps): bump requests from 2.28.2 to 2.31.0
Bumps [requests](https://github.com/psf/requests) from 2.28.2 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.28.2...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-23 05:59:52 +00:00
dependabot[bot]
1139d214a0
build(deps): bump django from 3.2.18 to 3.2.19
Bumps [django](https://github.com/django/django) from 3.2.18 to 3.2.19.
- [Commits](https://github.com/django/django/compare/3.2.18...3.2.19)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-09 22:15:37 +00:00
Wesley Aptekar-Cassels
61453d48e6 Add automatic instrumentation to Postgres queries
This enables automatic instrumentation of Postgres queries when
OpenTelemetry instrumentation is enabled, which will help with debugging
performance problems.
2023-04-07 01:58:49 -04:00
dependabot[bot]
282f41bdb8
Bump redis from 4.5.3 to 4.5.4
Bumps [redis](https://github.com/redis/redis-py) from 4.5.3 to 4.5.4.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v4.5.3...v4.5.4)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-31 14:28:59 +00:00
dependabot[bot]
e9526ecaea
Bump redis from 3.4.1 to 4.5.3
Bumps [redis](https://github.com/redis/redis-py) from 3.4.1 to 4.5.3.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/3.4.1...v4.5.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-27 21:57:11 +00:00
Mouse Reeve
e9d08e7424
Merge pull request #2744 from WesleyAC/opentelemetry-console-exporter
Add OpenTelemetry console exporter option
2023-03-20 14:26:24 -07:00
Wesley Aptekar-Cassels
7bb4e21a36 Bump opentelemetry versions
This isn't actually required for anything, just good practice to keep
things up to date.
2023-03-16 13:57:19 -04:00
Chris Moultrie
f8e60f4a89
Enable Azure BlobStorage as an alternative to AWS S3
This adds a new storage backend for Azure BlobStorage, I'm running this patch in Azure Kubernetes
hosting all my assets in Azure BlobStorage and it's been stable enough I thought I should commit
this back upstream.
2023-03-05 12:08:16 -05:00
dependabot[bot]
173d7ba9bf
chore(deps): bump django from 3.2.17 to 3.2.18
Bumps [django](https://github.com/django/django) from 3.2.17 to 3.2.18.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.17...3.2.18)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 19:45:09 +00:00
Mouse Reeve
2c2daf5fdf
Merge pull request #2644 from rrgeorge/rrgeorge/csp
Add Content-Security-Policy headers and secure cookies
2023-02-10 16:37:39 -08:00
dependabot[bot]
b43f1eab38
Bump django from 3.2.16 to 3.2.17
Bumps [django](https://github.com/django/django) from 3.2.16 to 3.2.17.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.16...3.2.17)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-03 22:18:41 +00:00
Robert George
36605efd20 Added support for secure cookies and django-csp 2023-02-01 12:59:10 -08:00
Jascha Urbach
7c75c246d2
Update requirements.txt
Important bugfixes and performance updates.

did not touch opentelemetry or the dev  dependencies.

No breaking changes.
2023-01-26 16:51:32 +01:00
Jascha Urbach
befcf4f3e9
bump some versions in requirements
Why update:

iohttp: supports now more of http standard.
celery: supports redis > = 4.0.2 (the docker image uses redis 7.0.6
django-celery-beat: better Django 3.2 support, bump celery to 5.2, downgrade of dependencies for better celery support
django-compressor: official Django 3.2 support, updates requirements
django-model-utils: official django 3.2 support.
django-sass-processor: remove deprecated default_app_config, support of ManifestStaticFilesStorage (which might be needed in the future)
environs: bugfixes
libsass: removes deprecated cli
Pillow: bug fixing
psycopg2: Bugfixing
pycryptodome: bugfixes
python-dateutil: updated tzdata
requests: better json Handling, bugfixing
responses: bugfixes and more
pytz: python3 code generation, All the corect timezone behaviour!
boto3: Updsate all the S3 Handling

signtures.py update because of breaking change in pycryptodome

migration because uf updated timezones

With updated celery I have less 501 errors on my instance. updated psycopg2 has better performance.

I have NOT chekced opentelemetry packages.

Upgrading redis package wold need a deeper inspection of the code as some functions are dropped in newer versions.
2022-12-19 16:37:41 +01:00
dependabot[bot]
09446def54
Bump django from 3.2.15 to 3.2.16
Bumps [django](https://github.com/django/django) from 3.2.15 to 3.2.16.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.15...3.2.16)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-21 03:40:27 +00:00
Hugh Rundle
54daade9f9 prepare for 2FA
- add and migrate User fields for 2FA
- add views for 2FA
- add new forms for 2FA
- update package list in requirements.txt
- add URLs for 2FA views
2022-10-15 07:47:20 +11:00
dependabot[bot]
f9c608e728
Bump flower from 1.0.0 to 1.2.0
Bumps [flower](https://github.com/mher/flower) from 1.0.0 to 1.2.0.
- [Release notes](https://github.com/mher/flower/releases)
- [Commits](https://github.com/mher/flower/compare/v1.0.0...v1.2.0)

---
updated-dependencies:
- dependency-name: flower
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-13 23:03:54 +00:00
dependabot[bot]
c591371b4e
Bump django from 3.2.14 to 3.2.15
Bumps [django](https://github.com/django/django) from 3.2.14 to 3.2.15.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.14...3.2.15)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-11 16:08:55 +00:00
Mouse Reeve
073d8b1d67 Updates and fixes opentelemetry install 2022-08-04 11:05:18 -07:00
dependabot[bot]
1e0055663b
Bump django from 3.2.13 to 3.2.14
Bumps [django](https://github.com/django/django) from 3.2.13 to 3.2.14.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.13...3.2.14)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-05 22:45:57 +00:00
Mouse Reeve
7f78140015 Uses library for html cleanup 2022-07-04 13:21:13 -07:00
Mouse Reeve
08231f52ff
Merge pull request #2150 from cincodenada/fix-pylint
Fix pylint config for pylint 2.14.0
2022-06-05 15:41:32 -07:00
Joel Bradshaw
6584cb6404 Go back to one requirements.txt, simplify workflow
The workflow can now use .pylintrc and the pylint req in
requirements.txt rather than having the options inline and installing it
separately
2022-06-05 14:57:42 -07:00
Joel Bradshaw
b3603c04c5 Add pylint to bw-dev
Because pylint requires the app to be fully parseable with all its
dependencies, we run it in the web container, and add pylint as a dev
dependency.
2022-06-05 14:49:21 -07:00
Mouse Reeve
9c03bf782e Make an async request to all search connectors
This is the untest first pass at re-arranging remote search to work in
parallel rather than sequence. It moves a couple functions around
(raise_not_valid_url, for example, needs to be in connector_manager.py
now to avoid circular imports). It adds a function to Connector objects
that generates a search result (either to the isbn endpoint or the free
text endpoint) based on the query, which was previously done as part of
the search.

I also lowered the timeout to 8 seconds by default.
2022-05-30 10:15:22 -07:00
dependabot[bot]
3559bb5630
Bump django from 3.2.12 to 3.2.13
Bumps [django](https://github.com/django/django) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-22 22:47:05 +00:00
Mouse Reeve
95e9119817 Adds django celery beat 2022-02-26 08:44:19 -08:00
Mouse Reeve
70601612f8
Removes unused dependency (#1965) 2022-02-20 18:42:14 -08:00
Mouse Reeve
6daaffeaa7
Compiles css framework from sass (#1956)
* Compiles css framework from sass

* Adds watch commands

* Copies existing css to sass file

* Moves sass out of static path

* Removes global linter

I wasn't sure how to customize this, and it's not providing a lot of
additional value on top of the domain-specific linters

* Reverts invalid change to dockerfile

* Changes stylelint path

* Remove unused bulma files

* Properly minifies generated css

* Fixes regression in thread display

* rgba function only works with percents for whatever reason

* Hush stylelint

* Removes trailing zeros

* Compile sass in Django

Co-authored-by: Joachim <joachim.robert@protonmail.com>

* Python formatting

* Updates linter

* Updates commands

* Adds css-config file

Co-authored-by: Joachim <joachim.robert@protonmail.com>

* Stylelint fix

* Removes unused compiled bulma files

Co-authored-by: Joachim <joachim.robert@protonmail.com>
2022-02-19 15:29:47 -08:00
Mouse Reeve
b601ac6f91 Adds dev tools docker image 2022-02-12 14:06:18 -08:00
Mouse Reeve
1761db5444
Merge pull request #1920 from bookwyrm-social/branch-convergence
Moves towards single branch setup
2022-02-12 10:31:55 -08:00
dependabot[bot]
046f516091
Bump django from 3.2.11 to 3.2.12
Bumps [django](https://github.com/django/django) from 3.2.11 to 3.2.12.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.11...3.2.12)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-10 13:02:16 +00:00
Mouse Reeve
7811a9920e Copy config from prod branch to main 2022-02-04 18:36:12 -08:00
Mouse Reeve
a370602903
Merge pull request #1860 from cincodenada/image-generation-add-cjk
Use Source Han Sans for preview images generation (bis)
2022-02-03 11:11:38 -08:00
dependabot[bot]
36d2a7cc1d
Bump django from 3.2.10 to 3.2.11
Bumps [django](https://github.com/django/django) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-30 15:09:29 +00:00
Mouse Reeve
f86016ba33 Python formatting for black update 2022-01-30 07:01:38 -08:00
Joachim
6f5115c716 Use Source Han Sans for preview images generation 2022-01-24 23:16:15 -08:00