mirrors/bookwyrm
1
0
Fork 1
mirror of https://github.com/bookwyrm-social/bookwyrm.git synced 2024-05-14 06:22:58 +00:00
Code Issues Projects Releases Wiki Activity
9125 commits 13 branches 35 tags 115 MiB
Commit graph

124 commits

Author SHA1 Message Date
Bart Schuurmans 4ca52c0b38
Merge branch 'main' into trigger_migrations 2024-03-20 11:47:54 +01:00
Mouse Reeve d08147c6d9
Merge pull request #3244 from bookwyrm-social/dependabot/pip/pillow-10.2.0 
Bump pillow from 10.0.1 to 10.2.0
 2024-03-19 15:10:30 -07:00
dependabot[bot] 47afe34d97
Bump django from 3.2.24 to 3.2.25 
Bumps [django](https://github.com/django/django) from 3.2.24 to 3.2.25.
- [Commits](https://github.com/django/django/compare/3.2.24...3.2.25)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-18 21:48:21 +00:00
Bart Schuurmans ccf2b16d73 requirements.txt: make typing-Pillow match Pillow 2024-03-18 19:52:40 +01:00
dependabot[bot] 3be227fc86 Bump pillow from 10.0.1 to 10.2.0 
Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.0.1 to 10.2.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/10.0.1...10.2.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-18 19:51:24 +01:00
Adeodato Simó cceccd1ecf
Merge from main into 'trigger_migrations' 
Conflicts:
	requirements.txt
 2024-03-17 21:54:15 -03:00
Adeodato Simó beb49af514
Upgade django-pgtrigger to 4.11 2024-03-17 21:46:34 -03:00
Margaret Fero eadb0e640f Fix typo in operator 2024-03-02 17:29:42 -08:00
Margaret Fero be140d5e5a Pin setuptools at 65.5.1 2024-03-02 17:20:48 -08:00
Margaret Fero 22c4155c7c Upgrade pytest to 6.2.5 2024-03-02 16:09:34 -08:00
Margaret Fero 498dc35d99 Upgrade Pylint to 2.15.0 2024-03-02 16:09:06 -08:00
Margaret Fero 0f5a3e9163 Pin Tornado at 6.3.3 2024-03-02 16:08:41 -08:00
Margaret Fero da2636fa29 Add grpcio pin @ 1.57.0 2024-03-02 16:07:50 -08:00
Margaret Fero c1520da56d Upgrade flower to 2.0.0 2024-03-02 16:05:11 -08:00
Margaret Fero fee3fdd5a8 Upgrade django-compressor to 4.4 2024-03-02 16:04:37 -08:00
Margaret Fero c944824ac7 Upgrade django-celery-beat to 2.5.0 2024-03-02 16:04:06 -08:00
Margaret Fero 4312e9bba0 Upgrade Celery to 5.3.1 2024-03-02 16:03:19 -08:00
Margaret Fero 3652ac8100
Alphabetize requirements.txt 
Alphabetize requirements.txt for developer convenience; this helps to find duplicates and unnecessarily-pinned subdependencies, as well as making the file easier to read and use.
 2024-03-02 15:41:06 -08:00
Margaret Fero f8fd76cff0
Remove duplicate types-requests==2.31.0.2 
The types-requests==2.31.0.2 dependency was double-listed right next to each other; this commit removes one.
 2024-03-02 13:57:09 -08:00
dependabot[bot] 363cb79951
Bump django from 3.2.23 to 3.2.24 
Bumps [django](https://github.com/django/django) from 3.2.23 to 3.2.24.
- [Commits](https://github.com/django/django/compare/3.2.23...3.2.24)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-07 22:50:00 +00:00
dependabot[bot] b05621005e
Bump aiohttp from 3.9.0 to 3.9.2 
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.0 to 3.9.2.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.9.0...v3.9.2)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-30 00:10:13 +00:00
dependabot[bot] f267fc3235
Bump pycryptodome from 3.16.0 to 3.19.1 
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.16.0 to 3.19.1.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.16.0...v3.19.1)

---
updated-dependencies:
- dependency-name: pycryptodome
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-05 17:42:04 +00:00
Mouse Reeve 193a36390b
Merge pull request #3083 from hughrun/file-resubmit 
use bw-file-resubmit to retain images during validation checks
 2023-11-29 15:36:33 -08:00
dependabot[bot] 58f149d889
Bump aiohttp from 3.8.6 to 3.9.0 
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.6 to 3.9.0.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.6...v3.9.0)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-28 01:02:35 +00:00
Adeodato Simó 416a6caf2d
Define author_search_vector_trigger via Author.Meta.triggers 
Previously, triggers lived only in a particular migration file. With
this change, code for the triggers resides in the model, and their
lifecycle is managed through normal Django migrations.
 2023-11-25 16:17:51 -03:00
dependabot[bot] 63530294d4
Bump aiohttp from 3.8.5 to 3.8.6 
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.8.6.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.8.6)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-14 23:35:55 +00:00
Hugh Rundle 1bedcdaebd
Merge branch 'main' into file-resubmit 2023-11-11 13:14:52 +11:00
Hugh Rundle d682e55812
swap out django-file-resubmit 
- we decided to fork it, so this now uses the inaugural RC release of bw-file-resubmit (will need to be adjusted once we're confident it's ok to push a full release)
- I was accidentally using the wrong widget lol
 2023-11-05 16:34:24 +11:00
dependabot[bot] 68f1a69b6a
Bump django from 3.2.20 to 3.2.23 
Bumps [django](https://github.com/django/django) from 3.2.20 to 3.2.23.
- [Commits](https://github.com/django/django/compare/3.2.20...3.2.23)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-02 22:13:52 +00:00
Hugh Rundle df43a8e2c5
Use django-file-resubmit plugin 
- save cover images to cache when checking author and work for existing records
- fixes #2760
 2023-10-30 19:43:39 +11:00
dependabot[bot] 7cae5879c8
Bump pillow from 9.4.0 to 10.0.1 
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.4.0 to 10.0.1.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.4.0...10.0.1)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 01:09:41 +00:00
Joeri de Ruiter a5ede835b2 Dump dependencies related to typing 2023-09-13 09:09:43 +02:00
Joeri de Ruiter 75f37d7361 Added mypy to scripts and workflow, and some first annotations for celerywyrm 2023-07-22 13:27:43 +02:00
dependabot[bot] 7d1f3deaca
build(deps): bump aiohttp from 3.8.3 to 3.8.5 
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.3 to 3.8.5.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.3...v3.8.5)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-20 15:55:55 +00:00
dependabot[bot] 7f3a8f27ab
build(deps): bump django from 3.2.19 to 3.2.20 
Bumps [django](https://github.com/django/django) from 3.2.19 to 3.2.20.
- [Commits](https://github.com/django/django/compare/3.2.19...3.2.20)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-05 23:27:36 +00:00
dependabot[bot] 76fc0dfcc4
build(deps): bump requests from 2.28.2 to 2.31.0 
Bumps [requests](https://github.com/psf/requests) from 2.28.2 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.28.2...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-23 05:59:52 +00:00
dependabot[bot] 1139d214a0
build(deps): bump django from 3.2.18 to 3.2.19 
Bumps [django](https://github.com/django/django) from 3.2.18 to 3.2.19.
- [Commits](https://github.com/django/django/compare/3.2.18...3.2.19)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-09 22:15:37 +00:00
Wesley Aptekar-Cassels 61453d48e6 Add automatic instrumentation to Postgres queries 
This enables automatic instrumentation of Postgres queries when
OpenTelemetry instrumentation is enabled, which will help with debugging
performance problems.
 2023-04-07 01:58:49 -04:00
dependabot[bot] 282f41bdb8
Bump redis from 4.5.3 to 4.5.4 
Bumps [redis](https://github.com/redis/redis-py) from 4.5.3 to 4.5.4.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v4.5.3...v4.5.4)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-31 14:28:59 +00:00
dependabot[bot] e9526ecaea
Bump redis from 3.4.1 to 4.5.3 
Bumps [redis](https://github.com/redis/redis-py) from 3.4.1 to 4.5.3.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/3.4.1...v4.5.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-27 21:57:11 +00:00
Mouse Reeve e9d08e7424
Merge pull request #2744 from WesleyAC/opentelemetry-console-exporter 
Add OpenTelemetry console exporter option
 2023-03-20 14:26:24 -07:00
Wesley Aptekar-Cassels 7bb4e21a36 Bump opentelemetry versions 
This isn't actually required for anything, just good practice to keep
things up to date.
 2023-03-16 13:57:19 -04:00
Chris Moultrie f8e60f4a89
Enable Azure BlobStorage as an alternative to AWS S3 
This adds a new storage backend for Azure BlobStorage, I'm running this patch in Azure Kubernetes
hosting all my assets in Azure BlobStorage and it's been stable enough I thought I should commit
this back upstream.
 2023-03-05 12:08:16 -05:00
dependabot[bot] 173d7ba9bf
chore(deps): bump django from 3.2.17 to 3.2.18 
Bumps [django](https://github.com/django/django) from 3.2.17 to 3.2.18.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.17...3.2.18)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-15 19:45:09 +00:00
Mouse Reeve 2c2daf5fdf
Merge pull request #2644 from rrgeorge/rrgeorge/csp 
Add Content-Security-Policy headers and secure cookies
 2023-02-10 16:37:39 -08:00
dependabot[bot] b43f1eab38
Bump django from 3.2.16 to 3.2.17 
Bumps [django](https://github.com/django/django) from 3.2.16 to 3.2.17.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.16...3.2.17)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-03 22:18:41 +00:00
Robert George 36605efd20 Added support for secure cookies and django-csp 2023-02-01 12:59:10 -08:00
Jascha Urbach 7c75c246d2
Update requirements.txt 
Important bugfixes and performance updates.

did not touch opentelemetry or the dev  dependencies.

No breaking changes.
 2023-01-26 16:51:32 +01:00
Jascha Urbach befcf4f3e9
bump some versions in requirements 
Why update:

iohttp: supports now more of http standard.
celery: supports redis > = 4.0.2 (the docker image uses redis 7.0.6
django-celery-beat: better Django 3.2 support, bump celery to 5.2, downgrade of dependencies for better celery support
django-compressor: official Django 3.2 support, updates requirements
django-model-utils: official django 3.2 support.
django-sass-processor: remove deprecated default_app_config, support of ManifestStaticFilesStorage (which might be needed in the future)
environs: bugfixes
libsass: removes deprecated cli
Pillow: bug fixing
psycopg2: Bugfixing
pycryptodome: bugfixes
python-dateutil: updated tzdata
requests: better json Handling, bugfixing
responses: bugfixes and more
pytz: python3 code generation, All the corect timezone behaviour!
boto3: Updsate all the S3 Handling

signtures.py update because of breaking change in pycryptodome

migration because uf updated timezones

With updated celery I have less 501 errors on my instance. updated psycopg2 has better performance.

I have NOT chekced opentelemetry packages.

Upgrading redis package wold need a deeper inspection of the code as some functions are dropped in newer versions.
 2022-12-19 16:37:41 +01:00
dependabot[bot] 09446def54
Bump django from 3.2.15 to 3.2.16 
Bumps [django](https://github.com/django/django) from 3.2.15 to 3.2.16.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.15...3.2.16)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-21 03:40:27 +00:00