From f41f499307ccc21d077cc3e8750e01e197688593 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 14:58:35 +0300 Subject: [PATCH 01/13] Bump python-ldap from 3.0.0 to 3.2.0 in /cvat/requirements (#1706) Bumps [python-ldap](https://github.com/python-ldap/python-ldap) from 3.0.0 to 3.2.0. - [Release notes](https://github.com/python-ldap/python-ldap/releases) - [Commits](https://github.com/python-ldap/python-ldap/compare/python-ldap-3.0.0...python-ldap-3.2.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index c8c69b708d69..5eec1fcc24ad 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -8,7 +8,7 @@ django-rq==2.0.0 EasyProcess==0.2.3 Pillow==7.1.2 numpy==1.16.2 -python-ldap==3.0.0 +python-ldap==3.2.0 pytz==2018.3 pyunpack==0.1.2 rcssmin==1.0.6 From 4f7a9aec0fc8372aaf5f78ef46d8156b64b01d45 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 14:59:08 +0300 Subject: [PATCH 02/13] Bump shapely from 1.6.4.post2 to 1.7.0 in /cvat/requirements (#1709) Bumps [shapely](https://github.com/Toblerity/Shapely) from 1.6.4.post2 to 1.7.0. - [Release notes](https://github.com/Toblerity/Shapely/releases) - [Changelog](https://github.com/Toblerity/Shapely/blob/master/CHANGES.txt) - [Commits](https://github.com/Toblerity/Shapely/compare/1.6.4.post2...1.7.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 5eec1fcc24ad..5da2490c6033 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -31,7 +31,7 @@ Markdown==3.2.2 djangorestframework==3.9.3 Pygments==2.6.1 drf-yasg==1.17.0 -Shapely==1.6.4.post2 +Shapely==1.7.0 pdf2image==1.6.0 pascal_voc_writer==0.1.4 django-rest-auth[with_social]==0.9.5 From 61c4eb0cdde0740c870928c5192dd384d03b3aaa Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 14:59:36 +0300 Subject: [PATCH 03/13] Bump pylint-django from 0.9.4 to 2.0.15 in /cvat/requirements (#1711) Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 0.9.4 to 2.0.15. - [Release notes](https://github.com/PyCQA/pylint-django/releases) - [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst) - [Commits](https://github.com/PyCQA/pylint-django/compare/0.9.4...v2.0.15) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/development.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/development.txt b/cvat/requirements/development.txt index ec53eb584733..4d03bc92a4bb 100644 --- a/cvat/requirements/development.txt +++ b/cvat/requirements/development.txt @@ -4,7 +4,7 @@ isort==4.3.21 lazy-object-proxy==1.3.1 mccabe==0.6.1 pylint==2.3.1 -pylint-django==0.9.4 +pylint-django==2.0.15 pylint-plugin-utils==0.2.6 rope==0.11 wrapt==1.12.1 From 4ed9a3c01ecf20269b409b9f72d1435ec4ad9813 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:00:02 +0300 Subject: [PATCH 04/13] Bump django-cacheops from 4.0.6 to 5.0 in /cvat/requirements (#1710) Bumps [django-cacheops](https://github.com/Suor/django-cacheops) from 4.0.6 to 5.0. - [Release notes](https://github.com/Suor/django-cacheops/releases) - [Changelog](https://github.com/Suor/django-cacheops/blob/master/CHANGELOG) - [Commits](https://github.com/Suor/django-cacheops/compare/4.0.6...5.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 5da2490c6033..1ceb96ce61ca 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -2,7 +2,7 @@ click==6.7 Django==2.2.13 django-appconf==1.0.2 django-auth-ldap==1.4.0 -django-cacheops==4.0.6 +django-cacheops==5.0 django-compressor==2.2 django-rq==2.0.0 EasyProcess==0.2.3 From e565d4adf5f5455826703cbabb5963fe9c8257d5 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:00:26 +0300 Subject: [PATCH 05/13] Bump django-cors-headers from 3.2.0 to 3.3.0 in /cvat/requirements (#1708) Bumps [django-cors-headers](https://github.com/adamchainz/django-cors-headers) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/adamchainz/django-cors-headers/releases) - [Changelog](https://github.com/adamchainz/django-cors-headers/blob/master/HISTORY.rst) - [Commits](https://github.com/adamchainz/django-cors-headers/compare/3.2.0...3.3.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 1ceb96ce61ca..c02af3425f24 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -43,7 +43,7 @@ keras==2.3.1 opencv-python==4.1.0.25 h5py==2.9.0 imgaug==0.2.9 -django-cors-headers==3.2.0 +django-cors-headers==3.3.0 furl==2.0.0 av==6.2.0 # The package is used by pyunpack as a command line tool to support multiple From 4e8d9f1324f01630eb1bc93646b556135b1b028e Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:11:29 +0300 Subject: [PATCH 06/13] Bump rq-scheduler from 0.9.1 to 0.10.0 in /cvat/requirements (#1707) Bumps [rq-scheduler](https://github.com/rq/rq-scheduler) from 0.9.1 to 0.10.0. - [Release notes](https://github.com/rq/rq-scheduler/releases) - [Changelog](https://github.com/rq/rq-scheduler/blob/master/CHANGELOG.md) - [Commits](https://github.com/rq/rq-scheduler/compare/v0.9.1...v0.10.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index c02af3425f24..732e8f520f86 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -16,7 +16,7 @@ redis==3.2.0 requests==2.23.0 rjsmin==1.0.12 rq==1.0.0 -rq-scheduler==0.9.1 +rq-scheduler==0.10.0 scipy==1.4.1 sqlparse==0.2.4 django-sendfile==0.3.11 From c15c6396d4be38fbf4004ed4b2d39875335b3280 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:15:27 +0300 Subject: [PATCH 07/13] Bump astroid from 2.2.5 to 2.4.2 in /cvat/requirements (#1700) Bumps [astroid](https://github.com/PyCQA/astroid) from 2.2.5 to 2.4.2. - [Release notes](https://github.com/PyCQA/astroid/releases) - [Changelog](https://github.com/PyCQA/astroid/blob/master/ChangeLog) - [Commits](https://github.com/PyCQA/astroid/compare/astroid-2.2.5...astroid-2.4.2) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/development.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/development.txt b/cvat/requirements/development.txt index 4d03bc92a4bb..e15ae68a01bf 100644 --- a/cvat/requirements/development.txt +++ b/cvat/requirements/development.txt @@ -1,5 +1,5 @@ -r base.txt -astroid==2.2.5 +astroid==2.4.2 isort==4.3.21 lazy-object-proxy==1.3.1 mccabe==0.6.1 From a23cd46d24894290f52e9174690901c1f099512e Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:16:02 +0300 Subject: [PATCH 08/13] Bump snakeviz from 0.4.2 to 2.1.0 in /cvat/requirements (#1691) Bumps [snakeviz](https://github.com/jiffyclub/snakeviz) from 0.4.2 to 2.1.0. - [Release notes](https://github.com/jiffyclub/snakeviz/releases) - [Changelog](https://github.com/jiffyclub/snakeviz/blob/master/CHANGES.rst) - [Commits](https://github.com/jiffyclub/snakeviz/commits) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/development.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/development.txt b/cvat/requirements/development.txt index e15ae68a01bf..a83e15f3b39d 100644 --- a/cvat/requirements/development.txt +++ b/cvat/requirements/development.txt @@ -10,4 +10,4 @@ rope==0.11 wrapt==1.12.1 django-extensions==2.0.6 Werkzeug==0.15.3 -snakeviz==0.4.2 +snakeviz==2.1.0 From 2c70e8a401d70fbcd804866d66dff780c52ad891 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:16:41 +0300 Subject: [PATCH 09/13] Bump djangorestframework from 3.9.3 to 3.11.0 in /cvat/requirements (#1675) Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.9.3 to 3.11.0. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.9.3...3.11.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 732e8f520f86..7c5be7d9d7f3 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -28,7 +28,7 @@ GitPython==3.1.3 coreapi==2.3.3 django-filter==2.0.0 Markdown==3.2.2 -djangorestframework==3.9.3 +djangorestframework==3.11.0 Pygments==2.6.1 drf-yasg==1.17.0 Shapely==1.7.0 From 1fb7e5bf6d2fd5ccb57cc7285c486d9f2c63cef8 Mon Sep 17 00:00:00 2001 From: zhiltsov-max Date: Mon, 15 Jun 2020 15:26:25 +0300 Subject: [PATCH 10/13] Fix frame step export for image tasks (#1615) * use absolute frame numbers in interface * update changelog Co-authored-by: Nikita Manovich <40690625+nmanovic@users.noreply.github.com> --- CHANGELOG.md | 3 ++ cvat/apps/dataset_manager/bindings.py | 37 ++++++++++++------------ cvat/apps/dataset_manager/formats/mot.py | 4 +-- 3 files changed, 23 insertions(+), 21 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b9ad750f4e05..deccc8e63a55 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -25,6 +25,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - ### Fixed +- Problem with exported frame stepped image task () - Fixed dataset filter item representation for imageless dataset items () - Fixed interpreter crash when trying to import `tensorflow` with no AVX instructions available () - Kibana wrong working time calculation with new annotation UI use () @@ -85,6 +86,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - A problem with mask to polygons conversion when polygons are too small () - Unable to upload video with uneven size () - Fixed an issue with `z_order` having no effect on segmentations () + +### Security - Permission group whitelist check for analytics view () ## [1.0.0-beta.2] - 2020-04-30 diff --git a/cvat/apps/dataset_manager/bindings.py b/cvat/apps/dataset_manager/bindings.py index de1e91f57cbc..7c8de445e458 100644 --- a/cvat/apps/dataset_manager/bindings.py +++ b/cvat/apps/dataset_manager/bindings.py @@ -97,16 +97,21 @@ def _get_mutable_attribute_id(self, label_id, attribute_name): def _get_immutable_attribute_id(self, label_id, attribute_name): return self._get_attribute_id(label_id, attribute_name, 'immutable') + def abs_frame_id(self, relative_id): + return relative_id * self._frame_step + self._db_task.data.start_frame + + def rel_frame_id(self, absolute_id): + return (absolute_id - self._db_task.data.start_frame) // self._frame_step + def _init_frame_info(self): if hasattr(self._db_task.data, 'video'): self._frame_info = {frame: { - "path": "frame_{:06d}".format( - self._db_task.data.start_frame + frame * self._frame_step), + "path": "frame_{:06d}".format(self.abs_frame_id(frame)), "width": self._db_task.data.video.width, "height": self._db_task.data.video.height, } for frame in range(self._db_task.data.size)} else: - self._frame_info = {db_image.frame: { + self._frame_info = {self.rel_frame_id(db_image.frame): { "path": db_image.path, "width": db_image.width, "height": db_image.height, @@ -193,8 +198,7 @@ def _export_attributes(self, attributes): def _export_tracked_shape(self, shape): return TaskData.TrackedShape( type=shape["type"], - frame=self._db_task.data.start_frame + - shape["frame"] * self._frame_step, + frame=self.abs_frame_id(shape["frame"]), label=self._get_label_name(shape["label_id"]), points=shape["points"], occluded=shape["occluded"], @@ -210,8 +214,7 @@ def _export_labeled_shape(self, shape): return TaskData.LabeledShape( type=shape["type"], label=self._get_label_name(shape["label_id"]), - frame=self._db_task.data.start_frame + - shape["frame"] * self._frame_step, + frame=self.abs_frame_id(shape["frame"]), points=shape["points"], occluded=shape["occluded"], z_order=shape.get("z_order", 0), @@ -221,8 +224,7 @@ def _export_labeled_shape(self, shape): def _export_tag(self, tag): return TaskData.Tag( - frame=self._db_task.data.start_frame + - tag["frame"] * self._frame_step, + frame=self.abs_frame_id(tag["frame"]), label=self._get_label_name(tag["label_id"]), group=tag.get("group", 0), attributes=self._export_attributes(tag["attributes"]), @@ -232,7 +234,7 @@ def group_by_frame(self, include_empty=False): frames = {} def get_frame(idx): frame_info = self._frame_info[idx] - frame = self._db_task.data.start_frame + idx * self._frame_step + frame = self.abs_frame_id(idx) if frame not in frames: frames[frame] = TaskData.Frame( idx=idx, @@ -299,8 +301,7 @@ def meta(self): def _import_tag(self, tag): _tag = tag._asdict() label_id = self._get_label_id(_tag.pop('label')) - _tag['frame'] = (int(_tag['frame']) - - self._db_task.data.start_frame) // self._frame_step + _tag['frame'] = self.rel_frame_id(int(_tag['frame'])) _tag['label_id'] = label_id _tag['attributes'] = [self._import_attribute(label_id, attrib) for attrib in _tag['attributes'] @@ -316,8 +317,7 @@ def _import_attribute(self, label_id, attribute): def _import_shape(self, shape): _shape = shape._asdict() label_id = self._get_label_id(_shape.pop('label')) - _shape['frame'] = (int(_shape['frame']) - - self._db_task.data.start_frame) // self._frame_step + _shape['frame'] = self.rel_frame_id(int(_shape['frame'])) _shape['label_id'] = label_id _shape['attributes'] = [self._import_attribute(label_id, attrib) for attrib in _shape['attributes'] @@ -327,14 +327,13 @@ def _import_shape(self, shape): def _import_track(self, track): _track = track._asdict() label_id = self._get_label_id(_track.pop('label')) - _track['frame'] = (min(int(shape.frame) for shape in _track['shapes']) - - self._db_task.data.start_frame) // self._frame_step + _track['frame'] = self.rel_frame_id( + min(int(shape.frame) for shape in _track['shapes'])) _track['label_id'] = label_id _track['attributes'] = [] _track['shapes'] = [shape._asdict() for shape in _track['shapes']] for shape in _track['shapes']: - shape['frame'] = (int(shape['frame']) - \ - self._db_task.data.start_frame) // self._frame_step + shape['frame'] = self.rel_frame_id(int(shape['frame'])) _track['attributes'] = [self._import_attribute(label_id, attrib) for attrib in shape['attributes'] if self._get_immutable_attribute_id(label_id, attrib.name)] @@ -567,7 +566,7 @@ def import_dm_annotations(dm_dataset, task_data): label_cat = dm_dataset.categories()[datumaro.AnnotationType.label] for item in dm_dataset: - frame_number = match_frame(item, task_data) + frame_number = task_data.abs_frame_id(match_frame(item, task_data)) # do not store one-item groups group_map = {0: 0} diff --git a/cvat/apps/dataset_manager/formats/mot.py b/cvat/apps/dataset_manager/formats/mot.py index 4731284a75c4..7cc7c0ae43ee 100644 --- a/cvat/apps/dataset_manager/formats/mot.py +++ b/cvat/apps/dataset_manager/formats/mot.py @@ -40,7 +40,7 @@ def _import(src_file, task_data): for item in dataset: item = item.wrap(id=int(item.id) - 1) # NOTE: MOT frames start from 1 - frame_id = match_frame(item, task_data) + frame_number = task_data.abs_frame_id(match_frame(item, task_data)) for ann in item.annotations: if ann.type != datumaro.AnnotationType.bbox: @@ -57,7 +57,7 @@ def _import(src_file, task_data): outside=False, keyframe=False, z_order=ann.z_order, - frame=frame_id, + frame=frame_number, attributes=[], ) From b4600be3f74985d466e15dbdd3406776f5ffaa8d Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Tue, 16 Jun 2020 14:30:26 +0300 Subject: [PATCH 11/13] Bump django-appconf from 1.0.2 to 1.0.4 in /cvat/requirements (#1718) Bumps [django-appconf](https://github.com/django-compressor/django-appconf) from 1.0.2 to 1.0.4. - [Release notes](https://github.com/django-compressor/django-appconf/releases) - [Changelog](https://github.com/django-compressor/django-appconf/blob/develop/docs/changelog.rst) - [Commits](https://github.com/django-compressor/django-appconf/compare/v1.0.2...v1.0.4) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 7c5be7d9d7f3..32d1d54804e1 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -1,6 +1,6 @@ click==6.7 Django==2.2.13 -django-appconf==1.0.2 +django-appconf==1.0.4 django-auth-ldap==1.4.0 django-cacheops==5.0 django-compressor==2.2 From 3adaf7eaeccc3e42f71b282bce4e42a5abbd2289 Mon Sep 17 00:00:00 2001 From: Boris Sekachev <40690378+bsekachev@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:19:03 +0300 Subject: [PATCH 12/13] [CVAT-UI] Better labels validation and fixed React warning (#1727) * Better validation * Temporary ID generation for created labels and attributes (fixes React warning) * Updated version and changelog * Fixed bug with existing labels --- CHANGELOG.md | 3 ++ cvat-ui/package-lock.json | 2 +- cvat-ui/package.json | 2 +- .../src/components/labels-editor/common.ts | 53 +++++++++++++++++++ .../components/labels-editor/raw-viewer.tsx | 24 ++++++++- 5 files changed, 80 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index deccc8e63a55..b82b13894e97 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Shortcut to change color of an activated shape in new UI (Enter) () - Shortcut to switch split mode () - Built-in search for labels when create an object or change a label () +- Better validation of labels and attributes in raw viewer () ### Changed - Removed information about e-mail from the basic user information () @@ -32,6 +33,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Wrong rexex for account name validation () - Wrong description on register view for the username field () - Wrong resolution for resizing a shape () +- React warning because of not unique keys in labels viewer () + ### Security - SQL injection in Django `CVE-2020-9402` () diff --git a/cvat-ui/package-lock.json b/cvat-ui/package-lock.json index d429a17f89d9..d7d6dc4ddb92 100644 --- a/cvat-ui/package-lock.json +++ b/cvat-ui/package-lock.json @@ -1,6 +1,6 @@ { "name": "cvat-ui", - "version": "1.3.0", + "version": "1.3.1", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/cvat-ui/package.json b/cvat-ui/package.json index 2a9f9705c084..e15f89230fee 100644 --- a/cvat-ui/package.json +++ b/cvat-ui/package.json @@ -1,6 +1,6 @@ { "name": "cvat-ui", - "version": "1.3.0", + "version": "1.3.1", "description": "CVAT single-page application", "main": "src/index.tsx", "scripts": { diff --git a/cvat-ui/src/components/labels-editor/common.ts b/cvat-ui/src/components/labels-editor/common.ts index 5ea21f53c5e1..9627be41e3cb 100644 --- a/cvat-ui/src/components/labels-editor/common.ts +++ b/cvat-ui/src/components/labels-editor/common.ts @@ -18,6 +18,59 @@ export interface Label { let id = 0; +function validateParsedAttribute(attr: Attribute): void { + if (typeof (attr.name) !== 'string') { + throw new Error(`Type of attribute name must be a string. Got value ${attr.name}`); + } + + if (!['number', 'undefined'].includes(typeof (attr.id))) { + throw new Error(`Attribute: "${attr.name}". ` + + `Type of attribute id must be a number or undefined. Got value ${attr.id}`); + } + + if (!['checkbox', 'number', 'text', 'radio', 'select'].includes((attr.input_type || '').toLowerCase())) { + throw new Error(`Attribute: "${attr.name}". ` + + `Unknown input type: ${attr.input_type}`); + } + + if (typeof (attr.mutable) !== 'boolean') { + throw new Error(`Attribute: "${attr.name}". ` + + `Mutable flag must be a boolean value. Got value ${attr.mutable}`); + } + + if (!Array.isArray(attr.values)) { + throw new Error(`Attribute: "${attr.name}". ` + + `Attribute values must be an array. Got type ${typeof (attr.values)}`); + } + + for (const value of attr.values) { + if (typeof (value) !== 'string') { + throw new Error(`Attribute: "${attr.name}". ` + + `Each value must be a string. Got value ${value}`); + } + } +} + +export function validateParsedLabel(label: Label): void { + if (typeof (label.name) !== 'string') { + throw new Error(`Type of label name must be a string. Got value ${label.name}`); + } + + if (!['number', 'undefined'].includes(typeof (label.id))) { + throw new Error(`Label "${label.name}". ` + + `Type of label id must be only a number or undefined. Got value ${label.id}`); + } + + if (!Array.isArray(label.attributes)) { + throw new Error(`Label "${label.name}". ` + + `attributes must be an array. Got type ${typeof (label.attributes)}`); + } + + for (const attr of label.attributes) { + validateParsedAttribute(attr); + } +} + export function idGenerator(): number { return --id; } diff --git a/cvat-ui/src/components/labels-editor/raw-viewer.tsx b/cvat-ui/src/components/labels-editor/raw-viewer.tsx index a19fef874796..532046f42bbf 100644 --- a/cvat-ui/src/components/labels-editor/raw-viewer.tsx +++ b/cvat-ui/src/components/labels-editor/raw-viewer.tsx @@ -12,6 +12,8 @@ import Form, { FormComponentProps } from 'antd/lib/form/Form'; import { Label, Attribute, + validateParsedLabel, + idGenerator, } from './common'; type Props = FormComponentProps & { @@ -22,7 +24,18 @@ type Props = FormComponentProps & { class RawViewer extends React.PureComponent { private validateLabels = (_: any, value: string, callback: any): void => { try { - JSON.parse(value); + const parsed = JSON.parse(value); + if (!Array.isArray(parsed)) { + callback('Field is expected to be a JSON array'); + } + + for (const label of parsed) { + try { + validateParsedLabel(label); + } catch (error) { + callback(error.toString()); + } + } } catch (error) { callback(error.toString()); } @@ -39,7 +52,14 @@ class RawViewer extends React.PureComponent { e.preventDefault(); form.validateFields((error, values): void => { if (!error) { - onSubmit(JSON.parse(values.labels)); + const parsed = JSON.parse(values.labels); + for (const label of parsed) { + label.id = label.id || idGenerator(); + for (const attr of label.attributes) { + attr.id = attr.id || idGenerator(); + } + } + onSubmit(parsed); } }); }; From 587ca4dbfd0741fa62037432fe2387bf1095b2cd Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Tue, 16 Jun 2020 15:31:04 +0300 Subject: [PATCH 13/13] Bump django-compressor from 2.2 to 2.4 in /cvat/requirements (#1720) Bumps [django-compressor](https://github.com/django-compressor/django-compressor) from 2.2 to 2.4. - [Release notes](https://github.com/django-compressor/django-compressor/releases) - [Changelog](https://github.com/django-compressor/django-compressor/blob/develop/docs/changelog.txt) - [Commits](https://github.com/django-compressor/django-compressor/compare/2.2...2.4) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- cvat/requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt index 32d1d54804e1..7b177d37ecd3 100644 --- a/cvat/requirements/base.txt +++ b/cvat/requirements/base.txt @@ -3,7 +3,7 @@ Django==2.2.13 django-appconf==1.0.4 django-auth-ldap==1.4.0 django-cacheops==5.0 -django-compressor==2.2 +django-compressor==2.4 django-rq==2.0.0 EasyProcess==0.2.3 Pillow==7.1.2