Bump sqlalchemy from 1.4.40 to 1.4.41 #10005

dependabot · 2022-09-12T00:01:47Z

Bumps sqlalchemy from 1.4.40 to 1.4.41.

Release notes

1.4.41

Released: September 6, 2022

orm

[orm] [bug] [events] Fixed event listening issue where event listeners added to a superclass would be lost if a subclass were created which then had its own listeners associated. The practical example is that of the sessionmaker class created after events have been associated with the _orm.Session class.

References: #8467

[orm] [bug] Hardened the cache key strategy for the _orm.aliased() and _orm.with_polymorphic() constructs. While no issue involving actual statements being cached can easily be demonstrated (if at all), these two constructs were not including enough of what makes them unique in their cache keys for caching on the aliased construct alone to be accurate.

References: #8401

[orm] [bug] [regression] Fixed regression appearing in the 1.4 series where a joined-inheritance query placed as a subquery within an enclosing query for that same entity would fail to render the JOIN correctly for the inner query. The issue manifested in two different ways prior and subsequent to version 1.4.18 (related issue #6595), in one case rendering JOIN twice, in the other losing the JOIN entirely. To resolve, the conditions under which "polymorphic loading" are applied have been scaled back to not be invoked for simple joined inheritance queries.

References: #8456

[orm] [bug] Fixed issue in sqlalchemy.ext.mutable extension where collection links to the parent object would be lost if the object were merged with Session.merge() while also passing Session.merge.load as False.

References: #8446

[orm] [bug] Fixed issue involving _orm.with_loader_criteria() where a closure variable used as bound parameter value within the lambda would not carry forward correctly into additional relationship loaders such as _orm.selectinload() and _orm.lazyload() after the statement were cached, using the stale originally-cached value instead.

References: #8399

sql

... (truncated)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

codecov · 2022-09-12T00:40:24Z

Codecov Report

Merging #10005 (20076c3) into master (2e93b63) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master   #10005   +/-   ##
=======================================
  Coverage   61.46%   61.46%           
=======================================
  Files         823      823           
  Lines       50492    50492           
  Branches     7765     7765           
=======================================
  Hits        31037    31037           
  Misses      17775    17775           
  Partials     1680     1680

Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump oauthlib from 3.2.0 to 3.2.1 (#9998) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.0 to 3.2.1. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/master/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.0...v3.2.1) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.15.0 to 4.16.0 (#9999) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.15.0 to 4.16.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.15.0...v4.16.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-splinter from 3.3.1 to 3.3.2 (#10000) Bumps [pytest-splinter](https://github.com/pytest-dev/pytest-splinter) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/pytest-dev/pytest-splinter/releases) - [Changelog](https://github.com/pytest-dev/pytest-splinter/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-splinter/compare/3.3.1...3.3.2) --- updated-dependencies: - dependency-name: pytest-splinter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.33.0 to 11.34.0 (#10001) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.33.0 to 11.34.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.33.0...v11.34.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.0 to 7.10.1 (#10006) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.0 to 7.10.1. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.0...7.10.1) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update pyproj requirement from <3.3.0 to <3.5.0 (#10002) Updates the requirements on [pyproj](https://github.com/pyproj4/pyproj) to permit the latest version. - [Release notes](https://github.com/pyproj4/pyproj/releases) - [Changelog](https://github.com/pyproj4/pyproj/blob/main/docs/history.rst) - [Commits](https://github.com/pyproj4/pyproj/compare/v1.9.4rel...3.4.0) --- updated-dependencies: - dependency-name: pyproj dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.40 to 1.4.41 (#10005) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.4.0 to 22.8.0 (#10007) Bumps [twisted](https://github.com/twisted/twisted) from 22.4.0 to 22.8.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.4.0...twisted-22.8.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.4.0 to 8.5.0 (#10004) Bumps [ipython](https://github.com/ipython/ipython) from 8.4.0 to 8.5.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.4.0...8.5.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.66 to 1.24.70 (#10003) Bumps [boto3](https://github.com/boto/boto3) from 1.24.66 to 1.24.70. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.66...1.24.70) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg to requirements.txt (#10019) * Bump to version 4.0.1 (cherry picked from commit 43cb8049b488b23bbc4886ca9e28d95f8329cf65) * Bump to version 4.0.2 dev 0 (cherry picked from commit c4bd604e1aa453cd9c6b718792e156e8bdf86e3b) # Conflicts: # requirements.txt # setup.cfg * Bump boto3 from 1.24.70 to 1.24.75 (#10031) Bumps [boto3](https://github.com/boto/boto3) from 1.24.70 to 1.24.75. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.70...1.24.75) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump smart-open from 6.1.0 to 6.2.0 (#10030) Bumps [smart-open](https://github.com/piskvorky/smart_open) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/piskvorky/smart_open/releases) - [Changelog](https://github.com/RaRe-Technologies/smart_open/blob/develop/CHANGELOG.md) - [Commits](https://github.com/piskvorky/smart_open/compare/v6.1.0...v6.2.0) --- updated-dependencies: - dependency-name: smart-open dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump drf-spectacular from 0.23.1 to 0.24.0 (#10029) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.23.1 to 0.24.0. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.23.1...0.24.0) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update idna requirement from <2.11,>=2.5 to >=2.5,<3.5 (#10028) Updates the requirements on [idna](https://github.com/kjd/idna) to permit the latest version. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v2.5...v3.4) --- updated-dependencies: - dependency-name: idna dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.4.0 to 2.5.0 (#10027) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10024] Wrong default style when creating layer (#10035) (cherry picked from commit 40fae5b3240ddf5b033688ce1891d7e7f1cfc304) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * add installation type to issue template (#10042) * [Dependencies] Align setup.cfg with requirements.txt (#10038) * [Fixes #10040] Remove auto-generated thumbnail for documents (#10045) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - add migration to clean available thumbs * - fix migration * - modify functionality * Bump drf-spectacular from 0.24.0 to 0.24.1 (#10051) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.0 to 0.24.1. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.0...0.24.1) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Update setuptools requirement from <65.4.0,>=59.1.1 to >=59.1.1,<65.5.0 (#10047) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.4.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.75 to 1.24.80 (#10050) Bumps [boto3](https://github.com/boto/boto3) from 1.24.75 to 1.24.80. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.75...1.24.80) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyopenssl from 22.0.0 to 22.1.0 (#10049) Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 22.0.0 to 22.1.0. - [Release notes](https://github.com/pyca/pyopenssl/releases) - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pyopenssl/compare/22.0.0...22.1.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump djangorestframework from 3.12.0 to 3.14.0 (#10048) Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.0 to 3.14.0. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.12.0...3.14.0) --- updated-dependencies: - dependency-name: djangorestframework dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Bump djangorestframework from 3.12.0 to 3.14.0 (#10048)" (#10062) This reverts commit 75566560538b38c59873ed9fb7951acc3ba0edfa. * [Dependencies] Align setup.cfg with requirements.txt (#10061) * [Dependencies] Align setup.cfg with requirements.txt * Revert "Bump djangorestframework from 3.12.0 to 3.14.0" * [CLA] Add "edsonflavio" to .clabot * Complete Translate pt_BR (#10056) Tradução completa da localização para Português Brasileiro. Complete translate for pt_BR localization. Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10041] Review the thumbnail scaling process (#10046) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests * [Fixes #10066][Depencendies] Security audit and checks (#10067) * [Fixes #10066][Depencendies] Security audit and checks * -SNYK security fix * [Fixes #10055] Modify Metadata form with permissions check (#10057) * -[Fixes #10055] Modify Metadata form with permissions check * - check user in form * - update tests * - add tests Co-authored-by: Giovanni Allegri <giohappy@gmail.com> * Bump django-mptt from 0.13.4 to 0.14.0 (#10081) Bumps [django-mptt](https://github.com/django-mptt/django-mptt) from 0.13.4 to 0.14.0. - [Release notes](https://github.com/django-mptt/django-mptt/releases) - [Changelog](https://github.com/django-mptt/django-mptt/blob/main/CHANGELOG.rst) - [Commits](https://github.com/django-mptt/django-mptt/compare/0.13.4...0.14) --- updated-dependencies: - dependency-name: django-mptt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10070] Let the resource manager handle also raw sld (#10071) * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * Update django-invitations requirement from <1.9.4 to <2.0.1 (#10084) * Update django-invitations requirement from <1.9.4 to <2.0.1 Updates the requirements on [django-invitations](https://github.com/jazzband/django-invitations) to permit the latest version. - [Release notes](https://github.com/jazzband/django-invitations/releases) - [Changelog](https://github.com/jazzband/django-invitations/blob/master/CHANGELOG.md) - [Commits](https://github.com/jazzband/django-invitations/compare/0.1...2.0.0) --- updated-dependencies: - dependency-name: django-invitations dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * - fix the adapter Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: afabiani <alessio.fabiani@geosolutionsgroup.com> * fix: requirements.txt to reduce vulnerabilities (#10099) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3039675 * Bump drf-spectacular from 0.24.1 to 0.24.2 (#10088) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.1 to 0.24.2. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.1...0.24.2) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump invoke from 1.7.1 to 1.7.3 (#10086) Bumps [invoke](https://github.com/pyinvoke/invoke) from 1.7.1 to 1.7.3. - [Release notes](https://github.com/pyinvoke/invoke/releases) - [Commits](https://github.com/pyinvoke/invoke/compare/1.7.1...1.7.3) --- updated-dependencies: - dependency-name: invoke dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump protobuf from 4.21.6 to 4.21.7 (#10085) Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.21.6 to 4.21.7. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.2.1 to 2022.4 (#10083) Bumps [pytz](https://github.com/stub42/pytz) from 2022.2.1 to 2022.4. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/commits) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10073] Unable to view Maps tab in Recent activities (#10074) Co-authored-by: Giovanni Allegri <giohappy@gmail.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump mistune from 2.0.3 to 2.0.4 (#10082) Bumps [mistune](https://github.com/lepture/mistune) from 2.0.3 to 2.0.4. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/v2.0.4/docs/changes.rst) - [Commits](https://github.com/lepture/mistune/compare/v2.0.3...v2.0.4) --- updated-dependencies: - dependency-name: mistune dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10091] improve thumbnails quality (#10092) * improve thumbnails quality * force convertion to jpeg * - update tests * - fix tests Co-authored-by: marthamareal <marthamareal@gmail.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10075] Improvements to the upload time step UI (#10094) * -[Fixes #10075] Improvements to the upload time step UI * clarify why user is inside this step Co-authored-by: Giovanni Allegri <giohappy@gmail.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump coverage from 6.4.4 to 6.5.0 (#10079) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.4 to 6.5.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4.4...6.5.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10113] Data retriver keep kmz files even if is unzipped (#10114) * [Fixes #10113] Data retriever keeps kmz files even if are unzipped * Bump sherlock from 0.3.2 to 0.4.0 (#10116) Bumps [sherlock](https://github.com/py-sherlock/sherlock) from 0.3.2 to 0.4.0. - [Release notes](https://github.com/py-sherlock/sherlock/releases) - [Changelog](https://github.com/py-sherlock/sherlock/blob/master/CHANGELOG.rst) - [Commits](https://github.com/py-sherlock/sherlock/commits/v0.4.0) --- updated-dependencies: - dependency-name: sherlock dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10104] Sort resource APIs with created date (#10105) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump requests-toolbelt from 0.9.1 to 0.10.0 (#10118) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.9.1 to 0.10.0. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.9.1...0.10.0) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump psycopg2 from 2.9.3 to 2.9.4 (#10117) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.3 to 2.9.4. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.80 to 1.24.87 (#10107) Bumps [boto3](https://github.com/boto/boto3) from 1.24.80 to 1.24.87. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.80...1.24.87) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Dependencies] Align setup.cfg to requirements.txt (#10124) * [Fixes #10120] Celery autoscale values are too low and wrongly positioned (#10121) * [Fixes #7852] Update catalog and background layers url configuration in settings.py and related files (#9950) * -[Fixes #7852] Update catalog and background layers url configuration in settings.py and related files * - update geoid url * [Fixes #10130] Data retriever dont assign the folder/file permissions correcly (#10131) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10134] New simple renderer to generate thumbnails for PDFs (#10135) * PDF thumbnail renderer * - add unit tests * command to generate thumbnails for docs * flake fix * renamed management command * add requirement to setup.cfg * make command similar to other sync commands * removed unused import * fix flake8 Co-authored-by: marthamareal <marthamareal@gmail.com> * [Fixes #10138] Render pdf thumbnails from top margin (#10139) * render pdf thumbnails from top margin * fix flake * [Fixes #10142] storage_manager copy dont assign the folder/file permi… (#10143) * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * Bump wandb from 0.12.17 to 0.13.4 (#10152) Bumps [wandb](https://github.com/wandb/wandb) from 0.12.17 to 0.13.4. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.12.17...v0.13.4) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Update setuptools requirement from <65.5.0,>=59.1.1 to >=59.1.1,<65.6.0 (#10150) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.5.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pip from 22.2.2 to 22.3 (#10149) Bumps [pip](https://github.com/pypa/pip) from 22.2.2 to 22.3. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.2.2...22.3) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump shapely from 1.8.4 to 1.8.5.post1 (#10147) Bumps [shapely](https://github.com/shapely/shapely) from 1.8.4 to 1.8.5.post1. - [Release notes](https://github.com/shapely/shapely/releases) - [Changelog](https://github.com/shapely/shapely/blob/1.8.5.post1/CHANGES.txt) - [Commits](https://github.com/shapely/shapely/compare/1.8.4...1.8.5.post1) --- updated-dependencies: - dependency-name: shapely dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.41 to 1.4.42 (#10145) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.41 to 1.4.42. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.34.0 to 11.35.0 (#10146) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.34.0 to 11.35.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.34.0...v11.35.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.87 to 1.24.91 (#10151) Bumps [boto3](https://github.com/boto/boto3) from 1.24.87 to 1.24.91. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.87...1.24.91) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Align requirements.txt comments with 4.x (#10162) * [Fixes #10168] Add 'executions' field to concrete instance endpoints (#10169) * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10171] Dynamic rendering of document_detail view template (#10172) * add preview mode to document metadata page * Remove Return to button inside metadata detail page * [Hardening] Avoid "backup.py" failing while trying to set "w" perms on the GeoServer catalog file * Fix migrations 4x (#10176) * - Fixing migrations upg 33x -> 4x * fix migration * missing files * - Fixing migrations upg 33x -> 4x * - Fixing migrations upg 33x -> 4x Co-authored-by: mattiagiupponi <mattia.giupponi@gmail.com> * [Hardening] Make the migration '0074_drop_curated_thumbs' more robust * [Fixes #10198] uwsgi library update (#10199) * [Fixes #10195] Backup and restore procedure is not successful (#10196) * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] test fix build * [Fixes #10204] restore mapstore catalog settings (#10205) * [Fixes #10192] Include source into the ExecutionRequest model (#10193) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump oauthlib from 3.2.1 to 3.2.2 (#10189) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * fix ip whitelisting (#10218) * Update httplib2 requirement from <0.20.5 to <0.21.1 (#10227) Updates the requirements on [httplib2](https://github.com/httplib2/httplib2) to permit the latest version. - [Release notes](https://github.com/httplib2/httplib2/releases) - [Changelog](https://github.com/httplib2/httplib2/blob/master/CHANGELOG) - [Commits](https://github.com/httplib2/httplib2/compare/0.9...v0.21.0) --- updated-dependencies: - dependency-name: httplib2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump pillow from 9.1.1 to 9.3.0 (#10229) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.1.1 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/9.1.1...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.8.0 to 22.10.0 (#10233) Bumps [twisted](https://github.com/twisted/twisted) from 22.8.0 to 22.10.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.8.0...twisted-22.10.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.91 to 1.26.0 (#10235) Bumps [boto3](https://github.com/boto/boto3) from 1.24.91 to 1.26.0. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.91...1.26.0) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.4 to 2022.6 (#10234) Bumps [pytz](https://github.com/stub42/pytz) from 2022.4 to 2022.6. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/compare/release_2022.4...release_2022.6) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.5.0 to 8.6.0 (#10228) Bumps [ipython](https://github.com/ipython/ipython) from 8.5.0 to 8.6.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.5.0...8.6.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump requests-toolbelt from 0.10.0 to 0.10.1 (#10225) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.10.0...0.10.1) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.1.3 to 7.2.0 (#10224) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.3 to 7.2.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.1.3...7.2.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.1 to 7.11.0 (#10223) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.1 to 7.11.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.1...7.11.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psycopg2 from 2.9.4 to 2.9.5 (#10222) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.4 to 2.9.5. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.5.0 to 2.6.0 (#10186) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/commits) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.2 to 5.9.3 (#10185) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.2 to 5.9.3. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.2...release-5.9.3) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.3 to 3.8.4 (#10184) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.3 to 3.8.4. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.3...v3.8.4) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: scripts/docker/nginx/Dockerfile to reduce vulnerabilities (#10180) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE316-CURL-3011748 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3040799 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050523 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050527 - https://snyk.io/vuln/SNYK-ALPINE316-ZLIB-2976176 Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Dependencies] Align "setup.cfg" to "requirements.txt" (#10242) * [Fixes #10251] Review geonode management command set_layers_permissions (#10252) * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Hardening] Prevent migration 0034_maplayer_extra_params_and_current_style to fail abruptly in the case the maplayer has no styles associated with it * [Fixes #10263] non admin user in fresh instance cannot create resources_ (#10264) * [Fixes #10208] Add a custom hook at the end of the permissions assign (#10213) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Fix broken test (#10266) * Fix broken test build * Fix broken test build * Bump GeoServer to version 2.20.6 (#10164) * [Fixes #10214] metadata_only filter not working properly (#10215) * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump jsonschema from 4.16.0 to 4.17.0 (#10262) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.16.0 to 4.17.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.16.0...v4.17.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump pip from 22.3 to 22.3.1 (#10261) Bumps [pip](https://github.com/pypa/pip) from 22.3 to 22.3.1. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.3...22.3.1) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-bdd from 6.0.1 to 6.1.0 (#10260) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.0.1...6.1.0) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.11.0 to 8.0.0 (#10259) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.11.0 to 8.0.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.11.0...8.0.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.42 to 1.4.43 (#10258) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.42 to 1.4.43. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker from 6.0.0 to 6.0.1 (#10256) Bumps [docker](https://github.com/docker/docker-py) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/docker/docker-py/releases) - [Commits](https://github.com/docker/docker-py/compare/6.0.0...6.0.1) --- updated-dependencies: - dependency-name: docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump wandb from 0.13.4 to 0.13.5 (#10255) Bumps [wandb](https://github.com/wandb/wandb) from 0.13.4 to 0.13.5. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.13.4...v0.13.5) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10251] improve feedback to the user and UI experience of batch permisisons assignment (#10281) * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * Bump boto3 from 1.26.0 to 1.26.4 (#10273) Bumps [boto3](https://github.com/boto/boto3) from 1.26.0 to 1.26.4. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.0...1.26.4) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Dependencies] Align setup.cfg to requirements.txt (#10284) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" (#10288) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" * [Fixes #10270] Document creation via API v2 (#10271) * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * fix: requirements_tests.txt to reduce vulnerabilities (#10299) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 * Bump pytest-bdd from 6.1.0 to 6.1.1 (#10297) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.1.0...6.1.1) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump pymupdf from 1.20.2 to 1.21.0 (#10296) Bumps [pymupdf](https://github.com/pymupdf/pymupdf) from 1.20.2 to 1.21.0. - [Release notes](https://github.com/pymupdf/pymupdf/releases) - [Changelog](https://github.com/pymupdf/PyMuPDF/blob/master/changes.txt) - [Commits](https://github.com/pymupdf/pymupdf/compare/1.20.2...1.21.0) --- updated-dependencies: - dependency-name: pymupdf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.43 to 1.4.44 (#10294) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.43 to 1.4.44. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.3 to 5.9.4 (#10293) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.3 to 5.9.4. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.3...release-5.9.4) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.35.0 to 11.36.0 (#10292) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.35.0 to 11.36.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.35.0...v11.36.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google-cloud-storage from 2.5.0 to 2.6.0 (#10291) Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/python-storage/compare/v2.5.0...v2.6.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.4 to 1.26.11 (#10312) Bumps [boto3](https://github.com/boto/boto3) from 1.26.4 to 1.26.11. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.4...1.26.11) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg with requirements.txt (#10315) * [Fixes #10303] automatic periodic TaskResult removal (#10306) * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] fix flake8 formatting Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10302] Incorrect permissions assigned on cloning a resource (#10309) * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 formatting * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 * - Fix test case * [Fixes #10302] fix flake8 Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Create SECURITY.md (#10285) * Create SECURITY.md * Update SECURITY.md fix minor typo Co-authored-by: Florian Hoedt <gannebamm@gmail.com> * Update setuptools requirement from <65.6.0,>=59.1.1 to >=59.1.1,<65.7.0 (#10327) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v65.5.1...v65.6.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump python-slugify from 6.1.2 to 7.0.0 (#10322) Bumps [python-slugify](https://github.com/un33k/python-slugify) from 6.1.2 to 7.0.0. - [Release notes](https://github.com/un33k/python-slugify/releases) - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](https://github.com/un33k/python-slugify/compare/v6.1.2...v7.0.0) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.11 to 1.26.14 (#10330) Bumps [boto3](https://github.com/boto/boto3) from 1.26.11 to 1.26.14. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.11...1.26.14) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mako from 1.2.3 to 1.2.4 (#10325) Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/sqlalchemy/mako/releases) - [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/mako/commits) --- updated-dependencies: - dependency-name: mako dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump selenium-requests from 2.0.0 to 2.0.1 (#10324) Bumps [selenium-requests]() from 2.0.0 to 2.0.1. --- updated-dependencies: - dependency-name: selenium-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.4 to 3.8.5 (#10323) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.4 to 3.8.5. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.4...v3.8.5) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #9041] Docker NGINX listen on ports 80/443 (#10338) * [Dependencies] Align setup.cfg with requirements.txt (#10339) * Bump django-grappelli from 3.0.3 to 3.0.4 (#10351) Bumps [django-grappelli](https://github.com/sehmaschine/django-grappelli) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/sehmaschine/django-grappelli/releases) - [Changelog](https://github.com/sehmaschine/django-grappelli/blob/master/docs/changelog.rst) - [Commits](https://github.com/sehmaschine/django-grappelli/compare/3.0.3...3.0.4) --- updated-dependencies: - dependency-name: django-grappelli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: requirements_dev.txt to reduce vulnerabilities (#10300) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * changed bbox_polygon and llbox_polygone to read only in serializer for #10316 (#10317) Co-authored-by: mattiagiupponi <51856725+mattiagiupponi@users.noreply.github.com> Co-authored-by: Giovanni Allegri <giohappy@gmail.com> * Bump urllib3 from 1.26.12 to 1.26.13 (#10350) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.12 to 1.26.13. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.13/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.12...1.26.13) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.17.0 to 4.17.1 (#10349) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.17.0 to 4.17.1. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.17.0...v4.17.1) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.14 to 1.26.17 (#103…

* Bump oauthlib from 3.2.0 to 3.2.1 (#9998) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.0 to 3.2.1. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/master/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.0...v3.2.1) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.15.0 to 4.16.0 (#9999) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.15.0 to 4.16.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.15.0...v4.16.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-splinter from 3.3.1 to 3.3.2 (#10000) Bumps [pytest-splinter](https://github.com/pytest-dev/pytest-splinter) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/pytest-dev/pytest-splinter/releases) - [Changelog](https://github.com/pytest-dev/pytest-splinter/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-splinter/compare/3.3.1...3.3.2) --- updated-dependencies: - dependency-name: pytest-splinter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.33.0 to 11.34.0 (#10001) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.33.0 to 11.34.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.33.0...v11.34.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.0 to 7.10.1 (#10006) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.0 to 7.10.1. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.0...7.10.1) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update pyproj requirement from <3.3.0 to <3.5.0 (#10002) Updates the requirements on [pyproj](https://github.com/pyproj4/pyproj) to permit the latest version. - [Release notes](https://github.com/pyproj4/pyproj/releases) - [Changelog](https://github.com/pyproj4/pyproj/blob/main/docs/history.rst) - [Commits](https://github.com/pyproj4/pyproj/compare/v1.9.4rel...3.4.0) --- updated-dependencies: - dependency-name: pyproj dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.40 to 1.4.41 (#10005) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.4.0 to 22.8.0 (#10007) Bumps [twisted](https://github.com/twisted/twisted) from 22.4.0 to 22.8.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.4.0...twisted-22.8.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.4.0 to 8.5.0 (#10004) Bumps [ipython](https://github.com/ipython/ipython) from 8.4.0 to 8.5.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.4.0...8.5.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.66 to 1.24.70 (#10003) Bumps [boto3](https://github.com/boto/boto3) from 1.24.66 to 1.24.70. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.66...1.24.70) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg to requirements.txt (#10019) * Bump to version 4.0.1 (cherry picked from commit 43cb8049b488b23bbc4886ca9e28d95f8329cf65) * Bump to version 4.0.2 dev 0 (cherry picked from commit c4bd604e1aa453cd9c6b718792e156e8bdf86e3b) * Bump boto3 from 1.24.70 to 1.24.75 (#10031) Bumps [boto3](https://github.com/boto/boto3) from 1.24.70 to 1.24.75. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.70...1.24.75) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump smart-open from 6.1.0 to 6.2.0 (#10030) Bumps [smart-open](https://github.com/piskvorky/smart_open) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/piskvorky/smart_open/releases) - [Changelog](https://github.com/RaRe-Technologies/smart_open/blob/develop/CHANGELOG.md) - [Commits](https://github.com/piskvorky/smart_open/compare/v6.1.0...v6.2.0) --- updated-dependencies: - dependency-name: smart-open dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump drf-spectacular from 0.23.1 to 0.24.0 (#10029) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.23.1 to 0.24.0. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.23.1...0.24.0) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update idna requirement from <2.11,>=2.5 to >=2.5,<3.5 (#10028) Updates the requirements on [idna](https://github.com/kjd/idna) to permit the latest version. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v2.5...v3.4) --- updated-dependencies: - dependency-name: idna dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.4.0 to 2.5.0 (#10027) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10024] Wrong default style when creating layer (#10035) (cherry picked from commit 40fae5b3240ddf5b033688ce1891d7e7f1cfc304) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * add installation type to issue template (#10042) * [Dependencies] Align setup.cfg with requirements.txt (#10038) * [Fixes #10040] Remove auto-generated thumbnail for documents (#10045) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - add migration to clean available thumbs * - fix migration * - modify functionality * Bump drf-spectacular from 0.24.0 to 0.24.1 (#10051) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.0 to 0.24.1. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.0...0.24.1) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Update setuptools requirement from <65.4.0,>=59.1.1 to >=59.1.1,<65.5.0 (#10047) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.4.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.75 to 1.24.80 (#10050) Bumps [boto3](https://github.com/boto/boto3) from 1.24.75 to 1.24.80. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.75...1.24.80) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyopenssl from 22.0.0 to 22.1.0 (#10049) Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 22.0.0 to 22.1.0. - [Release notes](https://github.com/pyca/pyopenssl/releases) - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pyopenssl/compare/22.0.0...22.1.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump djangorestframework from 3.12.0 to 3.14.0 (#10048) Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.0 to 3.14.0. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.12.0...3.14.0) --- updated-dependencies: - dependency-name: djangorestframework dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Bump djangorestframework from 3.12.0 to 3.14.0 (#10048)" (#10062) This reverts commit 75566560538b38c59873ed9fb7951acc3ba0edfa. * [Dependencies] Align setup.cfg with requirements.txt (#10061) * [Dependencies] Align setup.cfg with requirements.txt * Revert "Bump djangorestframework from 3.12.0 to 3.14.0" * [CLA] Add "edsonflavio" to .clabot * Complete Translate pt_BR (#10056) Tradução completa da localização para Português Brasileiro. Complete translate for pt_BR localization. Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10041] Review the thumbnail scaling process (#10046) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests * [Fixes #10066][Depencendies] Security audit and checks (#10067) * [Fixes #10066][Depencendies] Security audit and checks * -SNYK security fix * [Fixes #10055] Modify Metadata form with permissions check (#10057) * -[Fixes #10055] Modify Metadata form with permissions check * - check user in form * - update tests * - add tests Co-authored-by: Giovanni Allegri <giohappy@gmail.com> * Bump django-mptt from 0.13.4 to 0.14.0 (#10081) Bumps [django-mptt](https://github.com/django-mptt/django-mptt) from 0.13.4 to 0.14.0. - [Release notes](https://github.com/django-mptt/django-mptt/releases) - [Changelog](https://github.com/django-mptt/django-mptt/blob/main/CHANGELOG.rst) - [Commits](https://github.com/django-mptt/django-mptt/compare/0.13.4...0.14) --- updated-dependencies: - dependency-name: django-mptt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10070] Let the resource manager handle also raw sld (#10071) * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * Update django-invitations requirement from <1.9.4 to <2.0.1 (#10084) * Update django-invitations requirement from <1.9.4 to <2.0.1 Updates the requirements on [django-invitations](https://github.com/jazzband/django-invitations) to permit the latest version. - [Release notes](https://github.com/jazzband/django-invitations/releases) - [Changelog](https://github.com/jazzband/django-invitations/blob/master/CHANGELOG.md) - [Commits](https://github.com/jazzband/django-invitations/compare/0.1...2.0.0) --- updated-dependencies: - dependency-name: django-invitations dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * - fix the adapter Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: afabiani <alessio.fabiani@geosolutionsgroup.com> * fix: requirements.txt to reduce vulnerabilities (#10099) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3039675 * Bump drf-spectacular from 0.24.1 to 0.24.2 (#10088) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.1 to 0.24.2. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.1...0.24.2) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump invoke from 1.7.1 to 1.7.3 (#10086) Bumps [invoke](https://github.com/pyinvoke/invoke) from 1.7.1 to 1.7.3. - [Release notes](https://github.com/pyinvoke/invoke/releases) - [Commits](https://github.com/pyinvoke/invoke/compare/1.7.1...1.7.3) --- updated-dependencies: - dependency-name: invoke dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump protobuf from 4.21.6 to 4.21.7 (#10085) Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.21.6 to 4.21.7. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.2.1 to 2022.4 (#10083) Bumps [pytz](https://github.com/stub42/pytz) from 2022.2.1 to 2022.4. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/commits) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10073] Unable to view Maps tab in Recent activities (#10074) Co-authored-by: Giovanni Allegri <giohappy@gmail.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump mistune from 2.0.3 to 2.0.4 (#10082) Bumps [mistune](https://github.com/lepture/mistune) from 2.0.3 to 2.0.4. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/v2.0.4/docs/changes.rst) - [Commits](https://github.com/lepture/mistune/compare/v2.0.3...v2.0.4) --- updated-dependencies: - dependency-name: mistune dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10091] improve thumbnails quality (#10092) * improve thumbnails quality * force convertion to jpeg * - update tests * - fix tests Co-authored-by: marthamareal <marthamareal@gmail.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10075] Improvements to the upload time step UI (#10094) * -[Fixes #10075] Improvements to the upload time step UI * clarify why user is inside this step Co-authored-by: Giovanni Allegri <giohappy@gmail.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump coverage from 6.4.4 to 6.5.0 (#10079) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.4 to 6.5.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4.4...6.5.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10113] Data retriver keep kmz files even if is unzipped (#10114) * [Fixes #10113] Data retriever keeps kmz files even if are unzipped * Bump sherlock from 0.3.2 to 0.4.0 (#10116) Bumps [sherlock](https://github.com/py-sherlock/sherlock) from 0.3.2 to 0.4.0. - [Release notes](https://github.com/py-sherlock/sherlock/releases) - [Changelog](https://github.com/py-sherlock/sherlock/blob/master/CHANGELOG.rst) - [Commits](https://github.com/py-sherlock/sherlock/commits/v0.4.0) --- updated-dependencies: - dependency-name: sherlock dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10104] Sort resource APIs with created date (#10105) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump requests-toolbelt from 0.9.1 to 0.10.0 (#10118) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.9.1 to 0.10.0. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.9.1...0.10.0) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump psycopg2 from 2.9.3 to 2.9.4 (#10117) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.3 to 2.9.4. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.80 to 1.24.87 (#10107) Bumps [boto3](https://github.com/boto/boto3) from 1.24.80 to 1.24.87. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.80...1.24.87) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Dependencies] Align setup.cfg to requirements.txt (#10124) * [Fixes #10120] Celery autoscale values are too low and wrongly positioned (#10121) * [Fixes #7852] Update catalog and background layers url configuration in settings.py and related files (#9950) * -[Fixes #7852] Update catalog and background layers url configuration in settings.py and related files * - update geoid url * [Fixes #10130] Data retriever dont assign the folder/file permissions correcly (#10131) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10134] New simple renderer to generate thumbnails for PDFs (#10135) * PDF thumbnail renderer * - add unit tests * command to generate thumbnails for docs * flake fix * renamed management command * add requirement to setup.cfg * make command similar to other sync commands * removed unused import * fix flake8 Co-authored-by: marthamareal <marthamareal@gmail.com> * [Fixes #10138] Render pdf thumbnails from top margin (#10139) * render pdf thumbnails from top margin * fix flake * [Fixes #10142] storage_manager copy dont assign the folder/file permi… (#10143) * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * Bump wandb from 0.12.17 to 0.13.4 (#10152) Bumps [wandb](https://github.com/wandb/wandb) from 0.12.17 to 0.13.4. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.12.17...v0.13.4) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Update setuptools requirement from <65.5.0,>=59.1.1 to >=59.1.1,<65.6.0 (#10150) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.5.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pip from 22.2.2 to 22.3 (#10149) Bumps [pip](https://github.com/pypa/pip) from 22.2.2 to 22.3. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.2.2...22.3) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump shapely from 1.8.4 to 1.8.5.post1 (#10147) Bumps [shapely](https://github.com/shapely/shapely) from 1.8.4 to 1.8.5.post1. - [Release notes](https://github.com/shapely/shapely/releases) - [Changelog](https://github.com/shapely/shapely/blob/1.8.5.post1/CHANGES.txt) - [Commits](https://github.com/shapely/shapely/compare/1.8.4...1.8.5.post1) --- updated-dependencies: - dependency-name: shapely dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.41 to 1.4.42 (#10145) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.41 to 1.4.42. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.34.0 to 11.35.0 (#10146) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.34.0 to 11.35.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.34.0...v11.35.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.87 to 1.24.91 (#10151) Bumps [boto3](https://github.com/boto/boto3) from 1.24.87 to 1.24.91. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.87...1.24.91) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Align requirements.txt comments with 4.x (#10162) * [Fixes #10168] Add 'executions' field to concrete instance endpoints (#10169) * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10171] Dynamic rendering of document_detail view template (#10172) * add preview mode to document metadata page * Remove Return to button inside metadata detail page * [Hardening] Avoid "backup.py" failing while trying to set "w" perms on the GeoServer catalog file * Fix migrations 4x (#10176) * - Fixing migrations upg 33x -> 4x * fix migration * missing files * - Fixing migrations upg 33x -> 4x * - Fixing migrations upg 33x -> 4x Co-authored-by: mattiagiupponi <mattia.giupponi@gmail.com> * [Hardening] Make the migration '0074_drop_curated_thumbs' more robust * [Fixes #10198] uwsgi library update (#10199) * [Fixes #10195] Backup and restore procedure is not successful (#10196) * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] test fix build * [Fixes #10204] restore mapstore catalog settings (#10205) * [Fixes #10192] Include source into the ExecutionRequest model (#10193) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump oauthlib from 3.2.1 to 3.2.2 (#10189) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * fix ip whitelisting (#10218) * Update httplib2 requirement from <0.20.5 to <0.21.1 (#10227) Updates the requirements on [httplib2](https://github.com/httplib2/httplib2) to permit the latest version. - [Release notes](https://github.com/httplib2/httplib2/releases) - [Changelog](https://github.com/httplib2/httplib2/blob/master/CHANGELOG) - [Commits](https://github.com/httplib2/httplib2/compare/0.9...v0.21.0) --- updated-dependencies: - dependency-name: httplib2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump pillow from 9.1.1 to 9.3.0 (#10229) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.1.1 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/9.1.1...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.8.0 to 22.10.0 (#10233) Bumps [twisted](https://github.com/twisted/twisted) from 22.8.0 to 22.10.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.8.0...twisted-22.10.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.91 to 1.26.0 (#10235) Bumps [boto3](https://github.com/boto/boto3) from 1.24.91 to 1.26.0. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.91...1.26.0) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.4 to 2022.6 (#10234) Bumps [pytz](https://github.com/stub42/pytz) from 2022.4 to 2022.6. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/compare/release_2022.4...release_2022.6) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.5.0 to 8.6.0 (#10228) Bumps [ipython](https://github.com/ipython/ipython) from 8.5.0 to 8.6.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.5.0...8.6.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump requests-toolbelt from 0.10.0 to 0.10.1 (#10225) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.10.0...0.10.1) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.1.3 to 7.2.0 (#10224) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.3 to 7.2.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.1.3...7.2.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.1 to 7.11.0 (#10223) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.1 to 7.11.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.1...7.11.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psycopg2 from 2.9.4 to 2.9.5 (#10222) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.4 to 2.9.5. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.5.0 to 2.6.0 (#10186) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/commits) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.2 to 5.9.3 (#10185) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.2 to 5.9.3. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.2...release-5.9.3) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.3 to 3.8.4 (#10184) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.3 to 3.8.4. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.3...v3.8.4) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: scripts/docker/nginx/Dockerfile to reduce vulnerabilities (#10180) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE316-CURL-3011748 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3040799 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050523 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050527 - https://snyk.io/vuln/SNYK-ALPINE316-ZLIB-2976176 Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Dependencies] Align "setup.cfg" to "requirements.txt" (#10242) * [Fixes #10251] Review geonode management command set_layers_permissions (#10252) * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Hardening] Prevent migration 0034_maplayer_extra_params_and_current_style to fail abruptly in the case the maplayer has no styles associated with it * [Fixes #10263] non admin user in fresh instance cannot create resources_ (#10264) * [Fixes #10208] Add a custom hook at the end of the permissions assign (#10213) Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Fix broken test (#10266) * Fix broken test build * Fix broken test build * Bump GeoServer to version 2.20.6 (#10164) * [Fixes #10214] metadata_only filter not working properly (#10215) * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump jsonschema from 4.16.0 to 4.17.0 (#10262) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.16.0 to 4.17.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.16.0...v4.17.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump pip from 22.3 to 22.3.1 (#10261) Bumps [pip](https://github.com/pypa/pip) from 22.3 to 22.3.1. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.3...22.3.1) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-bdd from 6.0.1 to 6.1.0 (#10260) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.0.1...6.1.0) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.11.0 to 8.0.0 (#10259) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.11.0 to 8.0.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.11.0...8.0.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.42 to 1.4.43 (#10258) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.42 to 1.4.43. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker from 6.0.0 to 6.0.1 (#10256) Bumps [docker](https://github.com/docker/docker-py) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/docker/docker-py/releases) - [Commits](https://github.com/docker/docker-py/compare/6.0.0...6.0.1) --- updated-dependencies: - dependency-name: docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump wandb from 0.13.4 to 0.13.5 (#10255) Bumps [wandb](https://github.com/wandb/wandb) from 0.13.4 to 0.13.5. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.13.4...v0.13.5) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10251] improve feedback to the user and UI experience of batch permisisons assignment (#10281) * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * Bump boto3 from 1.26.0 to 1.26.4 (#10273) Bumps [boto3](https://github.com/boto/boto3) from 1.26.0 to 1.26.4. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.0...1.26.4) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Dependencies] Align setup.cfg to requirements.txt (#10284) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" (#10288) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" * [Fixes #10270] Document creation via API v2 (#10271) * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * fix: requirements_tests.txt to reduce vulnerabilities (#10299) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 * Bump pytest-bdd from 6.1.0 to 6.1.1 (#10297) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.1.0...6.1.1) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Bump pymupdf from 1.20.2 to 1.21.0 (#10296) Bumps [pymupdf](https://github.com/pymupdf/pymupdf) from 1.20.2 to 1.21.0. - [Release notes](https://github.com/pymupdf/pymupdf/releases) - [Changelog](https://github.com/pymupdf/PyMuPDF/blob/master/changes.txt) - [Commits](https://github.com/pymupdf/pymupdf/compare/1.20.2...1.21.0) --- updated-dependencies: - dependency-name: pymupdf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.43 to 1.4.44 (#10294) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.43 to 1.4.44. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.3 to 5.9.4 (#10293) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.3 to 5.9.4. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.3...release-5.9.4) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.35.0 to 11.36.0 (#10292) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.35.0 to 11.36.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.35.0...v11.36.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google-cloud-storage from 2.5.0 to 2.6.0 (#10291) Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/python-storage/compare/v2.5.0...v2.6.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.4 to 1.26.11 (#10312) Bumps [boto3](https://github.com/boto/boto3) from 1.26.4 to 1.26.11. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.4...1.26.11) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg with requirements.txt (#10315) * [Fixes #10303] automatic periodic TaskResult removal (#10306) * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] fix flake8 formatting Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * [Fixes #10302] Incorrect permissions assigned on cloning a resource (#10309) * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 formatting * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 * - Fix test case * [Fixes #10302] fix flake8 Co-authored-by: Alessio Fabiani <alessio.fabiani@geosolutionsgroup.com> * Create SECURITY.md (#10285) * Create SECURITY.md * Update SECURITY.md fix minor typo Co-authored-by: Florian Hoedt <gannebamm@gmail.com> * Update setuptools requirement from <65.6.0,>=59.1.1 to >=59.1.1,<65.7.0 (#10327) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v65.5.1...v65.6.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump python-slugify from 6.1.2 to 7.0.0 (#10322) Bumps [python-slugify](https://github.com/un33k/python-slugify) from 6.1.2 to 7.0.0. - [Release notes](https://github.com/un33k/python-slugify/releases) - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](https://github.com/un33k/python-slugify/compare/v6.1.2...v7.0.0) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.11 to 1.26.14 (#10330) Bumps [boto3](https://github.com/boto/boto3) from 1.26.11 to 1.26.14. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.11...1.26.14) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mako from 1.2.3 to 1.2.4 (#10325) Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/sqlalchemy/mako/releases) - [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/mako/commits) --- updated-dependencies: - dependency-name: mako dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump selenium-requests from 2.0.0 to 2.0.1 (#10324) Bumps [selenium-requests]() from 2.0.0 to 2.0.1. --- updated-dependencies: - dependency-name: selenium-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.4 to 3.8.5 (#10323) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.4 to 3.8.5. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.4...v3.8.5) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #9041] Docker NGINX listen on ports 80/443 (#10338) * [Dependencies] Align setup.cfg with requirements.txt (#10339) * Bump django-grappelli from 3.0.3 to 3.0.4 (#10351) Bumps [django-grappelli](https://github.com/sehmaschine/django-grappelli) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/sehmaschine/django-grappelli/releases) - [Changelog](https://github.com/sehmaschine/django-grappelli/blob/master/docs/changelog.rst) - [Commits](https://github.com/sehmaschine/django-grappelli/compare/3.0.3...3.0.4) --- updated-dependencies: - dependency-name: django-grappelli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: requirements_dev.txt to reduce vulnerabilities (#10300) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * changed bbox_polygon and llbox_polygone to read only in serializer for #10316 (#10317) Co-authored-by: mattiagiupponi <51856725+mattiagiupponi@users.noreply.github.com> Co-authored-by: Giovanni Allegri <giohappy@gmail.com> * Bump urllib3 from 1.26.12 to 1.26.13 (#10350) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.12 to 1.26.13. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.13/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.12...1.26.13) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.17.0 to 4.17.1 (#10349) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.17.0 to 4.17.1. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.17.0...v4.17.1) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.14 to 1.26.17 (#10354) Bumps [boto3](https://github.com/boto/boto3) from 1.26.14 to 1.26.17. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.14...1.26.17) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flake8 from 5.0.4 to 6.0.0 (#10348) Bumps [flake8](https://github.com/pycqa/flake8) from 5.0.4 to 6.0.0. - [Release notes](https://github.com/pycqa/flake8/releases) - [Commits](https://github.com/pycqa/flake8/compare/5.0.4...6.0.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align "setup.cfg" to "requirements.txt" (#10363) * [CLA] Add MalteIwanicki to clabot (#10381) * Bump jsonschema from 4.17.1 to 4.17.3 (#10372) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.17.1 to 4.17.3. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.17.1...v4.17.3) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot]…

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 12, 2022

cla-bot bot added the cla-signed CLA Bot: community license agreement signed label Sep 12, 2022

afabiani added the backport 4.0.x label Sep 12, 2022

afabiani added this to the 4.0.1 milestone Sep 12, 2022

dependabot bot force-pushed the dependabot/pip/sqlalchemy-1.4.41 branch 5 times, most recently from 1e04c02 to 0ee78fd Compare September 12, 2022 09:32

dependabot bot force-pushed the dependabot/pip/sqlalchemy-1.4.41 branch from 0ee78fd to 20076c3 Compare September 12, 2022 10:31

afabiani approved these changes Sep 12, 2022

View reviewed changes

afabiani merged commit 418d38d into master Sep 12, 2022

afabiani deleted the dependabot/pip/sqlalchemy-1.4.41 branch September 12, 2022 12:47

github-actions bot mentioned this pull request Sep 12, 2022

[Backport 4.0.x] Bump sqlalchemy from 1.4.40 to 1.4.41 #10015

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump sqlalchemy from 1.4.40 to 1.4.41 #10005

Bump sqlalchemy from 1.4.40 to 1.4.41 #10005

dependabot bot commented on behalf of github Sep 12, 2022 •

edited

Loading

codecov bot commented Sep 12, 2022 •

edited

Loading

Bump sqlalchemy from 1.4.40 to 1.4.41 #10005

Bump sqlalchemy from 1.4.40 to 1.4.41 #10005

Conversation

dependabot bot commented on behalf of github Sep 12, 2022 • edited Loading

1.4.41

orm

sql

codecov bot commented Sep 12, 2022 • edited Loading

Codecov Report

dependabot bot commented on behalf of github Sep 12, 2022 •

edited

Loading

codecov bot commented Sep 12, 2022 •

edited

Loading