[Fixes #10041] Review the thumbnail scaling process #10046

marthamareal · 2022-09-22T13:54:13Z

Checklist

Reviewing is a process done by project maintainers, mostly on a volunteer basis. We try to keep the overhead as small as possible and appreciate if you help us to do so by completing the following items. Feel free to ask in a comment if you have troubles with any of them.

For all pull requests:

Confirm you have read the contribution guidelines
You have sent a Contribution Licence Agreement (CLA) as necessary (not required for small changes, e.g., fixing typos in the documentation)
Make sure the first PR targets the master branch, eventual backports will be managed later. This can be ignored if the PR is fixing an issue that only happens in a specific branch, but not in newer ones.

The following are required only for core and extension modules (they are welcomed, but not required, for contrib modules):

There is a ticket in https://github.com/GeoNode/geonode/issues describing the issue/improvement/feature (a notable exemption is, changes not visible to end-users)
The issue connected to the PR must have Labels and Milestone assigned
PR for bug fixes and small new features are presented as a single commit
Commit message must be in the form "[Fixes #<issue_number>] Title of the Issue"
New unit tests have been added covering the changes, unless there is an explanation on why the tests are not necessary/implemented
This PR passes all existing unit tests (test results will be reported by travis-ci after opening this PR)
This PR passes the QA checks: flake8 geonode
Commits changing the settings, UI, existing user workflows, or adding new functionality, need to include documentation updates
Commits adding new texts do use gettext and have updated .po / .mo files (without location infos)

Submitting the PR does not require you to check all items, but by the time it gets merged, they should be either satisfied or inapplicable.

lgtm-com · 2022-09-26T08:57:32Z

This pull request introduces 6 alerts and fixes 2 when merging 7895c7b into 540024f - view on LGTM.com

new alerts:

6 for Unused import

fixed alerts:

2 for Unused local variable

lgtm-com · 2022-09-26T09:30:51Z

This pull request fixes 2 alerts when merging d52755c into 540024f - view on LGTM.com

fixed alerts:

2 for Unused local variable

lgtm-com · 2022-09-26T10:52:25Z

This pull request fixes 2 alerts when merging df7abe7 into 5d66cca - view on LGTM.com

fixed alerts:

2 for Unused local variable

codecov · 2022-09-26T11:19:09Z

Codecov Report

Merging #10046 (453eb1c) into master (a6a1901) will increase coverage by 0.03%.
The diff coverage is 100.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #10046      +/-   ##
==========================================
+ Coverage   61.45%   61.48%   +0.03%     
==========================================
  Files         824      823       -1     
  Lines       50510    50482      -28     
  Branches     7760     7755       -5     
==========================================
- Hits        31041    31040       -1     
+ Misses      17794    17768      -26     
+ Partials     1675     1674       -1

giohappy

@marthamareal is this code already covered with tests?

lgtm-com · 2022-09-28T08:29:03Z

This pull request fixes 2 alerts when merging 4faa1a3 into 2cca742 - view on LGTM.com

fixed alerts:

2 for Unused local variable

marthamareal · 2022-09-28T08:38:08Z

@marthamareal is this code already covered with tests?

The create_document_thumbnail is patched in some tests, however am going to add some tests for the size configured in settings and also thumbnail for non-image docs

mattiagiupponi

Hi @marthamareal, follows questions:

In the issue, only the downscale from the document parts is mentioned, but I guess that changing the settings will have an impact also on the other resources. Can you confirm this?
I guess that re-specify the default value in the models is redundant. The setting is static (which means that is always coded in the file) and already has defaulted, so in the future, if we need to change the default size, we can rely only on the settings without changing in other parts of the code
The LGTM bot is raising a couple of issues with the variable names
Can you please add a couple of tests to verify that is working as expected and that there aren't regressions for the other resources?

marthamareal · 2022-09-28T10:37:10Z

Hi @marthamareal, follows questions:

In the issue, only the downscale from the document parts is mentioned, but I guess that changing the settings will have an impact also on the other resources. Can you confirm this?

I guess that re-specify the default value in the models is redundant. The setting is static (which means that is always coded in the file) and already has defaulted, so in the future, if we need to change the default size, we can rely only on the settings without changing in other parts of the code

The LGTM bot is raising a couple of issues with the variable names

Can you please add a couple of tests to verify that is working as expected and that there aren't regressions for the other resources?

@mattiagiupponi I have updated the PR with tests and suggested changes. Changing the settings has no effect because the setting which was being used THUMBNAIL_GENERATOR_DEFAULT_SIZE does not exist so the code was always using the default given. The LGTM shows fixed issues no new issues. Other resources are not affected because they have tests regarding thumbs and are passing. (also tested manually).

lgtm-com · 2022-09-28T10:39:10Z

This pull request fixes 2 alerts when merging 4798ce5 into a6a1901 - view on LGTM.com

fixed alerts:

2 for Unused local variable

lgtm-com · 2022-09-28T11:45:28Z

This pull request fixes 2 alerts when merging d62477b into a6a1901 - view on LGTM.com

fixed alerts:

2 for Unused local variable

lgtm-com · 2022-09-28T13:29:27Z

This pull request fixes 2 alerts when merging 453eb1c into a6a1901 - view on LGTM.com

fixed alerts:

2 for Unused local variable

giohappy · 2022-09-29T09:11:25Z

Just a note for the future, we're dropping unoconv renderer since it's not maintained anymore, so it's unlikely that it will ever be installed.

Maybe we can consider the new alternative, unoserver, but not being installed by default we should in case consider to develop it as an external contrib moduke.

mattiagiupponi · 2022-09-29T09:34:11Z

note: LGTM raise an issue, but actually is fixed:

* -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests

* -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests Co-authored-by: NAGGINDA MARTHA <[email protected]>

…0046) (GeoNode#10069) * -[Fixes GeoNode#10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests Co-authored-by: NAGGINDA MARTHA <[email protected]>

…0046) * -[Fixes GeoNode#10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests

Bump pyopenssl from 22.0.0 to 22.1.0 (GeoNode#10049) Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 22.0.0 to 22.1.0. - [Release notes](https://github.com/pyca/pyopenssl/releases) - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@22.0.0...22.1.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> Bump djangorestframework from 3.12.0 to 3.14.0 (GeoNode#10048) Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.0 to 3.14.0. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](encode/django-rest-framework@3.12.0...3.14.0) --- updated-dependencies: - dependency-name: djangorestframework dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Revert "Bump djangorestframework from 3.12.0 to 3.14.0 (GeoNode#10048)" (GeoNode#10062) This reverts commit 7556656. [Dependencies] Align setup.cfg with requirements.txt (GeoNode#10061) * [Dependencies] Align setup.cfg with requirements.txt * Revert "Bump djangorestframework from 3.12.0 to 3.14.0" [CLA] Add "edsonflavio" to .clabot Complete Translate pt_BR (GeoNode#10056) Tradução completa da localização para Português Brasileiro. Complete translate for pt_BR localization. Co-authored-by: Alessio Fabiani <[email protected]> [Fixes GeoNode#10041] Review the thumbnail scaling process (GeoNode#10046) * -[Fixes GeoNode#10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests [Fixes GeoNode#10066][Depencendies] Security audit and checks (GeoNode#10067) * [Fixes GeoNode#10066][Depencendies] Security audit and checks * -SNYK security fix [Fixes GeoNode#10055] Modify Metadata form with permissions check (GeoNode#10057) * -[Fixes GeoNode#10055] Modify Metadata form with permissions check * - check user in form * - update tests * - add tests Co-authored-by: Giovanni Allegri <[email protected]> Bump django-mptt from 0.13.4 to 0.14.0 (GeoNode#10081) Bumps [django-mptt](https://github.com/django-mptt/django-mptt) from 0.13.4 to 0.14.0. - [Release notes](https://github.com/django-mptt/django-mptt/releases) - [Changelog](https://github.com/django-mptt/django-mptt/blob/main/CHANGELOG.rst) - [Commits](django-mptt/django-mptt@0.13.4...0.14) --- updated-dependencies: - dependency-name: django-mptt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> [Fixes GeoNode#10070] Let the resource manager handle also raw sld (GeoNode#10071) * [Fixes GeoNode#10070] Let the resource manager handle also raw sld * [Fixes GeoNode#10070] Let the resource manager handle also raw sld * [Fixes GeoNode#10070] Let the resource manager handle also raw sld Update django-invitations requirement from <1.9.4 to <2.0.1 (GeoNode#10084) * Update django-invitations requirement from <1.9.4 to <2.0.1 Updates the requirements on [django-invitations](https://github.com/jazzband/django-invitations) to permit the latest version. - [Release notes](https://github.com/jazzband/django-invitations/releases) - [Changelog](https://github.com/jazzband/django-invitations/blob/master/CHANGELOG.md) - [Commits](jazzband/django-invitations@0.1...2.0.0) --- updated-dependencies: - dependency-name: django-invitations dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * - fix the adapter Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: afabiani <[email protected]> fix: requirements.txt to reduce vulnerabilities (GeoNode#10099) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3039675 Bump drf-spectacular from 0.24.1 to 0.24.2 (GeoNode#10088) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.1 to 0.24.2. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](tfranzel/drf-spectacular@0.24.1...0.24.2) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> Bump invoke from 1.7.1 to 1.7.3 (GeoNode#10086) Bumps [invoke](https://github.com/pyinvoke/invoke) from 1.7.1 to 1.7.3. - [Release notes](https://github.com/pyinvoke/invoke/releases) - [Commits](pyinvoke/invoke@1.7.1...1.7.3) --- updated-dependencies: - dependency-name: invoke dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Lokalno Lokalno 1 Bez .env

* Bump oauthlib from 3.2.0 to 3.2.1 (#9998) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.0 to 3.2.1. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/master/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.0...v3.2.1) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.15.0 to 4.16.0 (#9999) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.15.0 to 4.16.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.15.0...v4.16.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-splinter from 3.3.1 to 3.3.2 (#10000) Bumps [pytest-splinter](https://github.com/pytest-dev/pytest-splinter) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/pytest-dev/pytest-splinter/releases) - [Changelog](https://github.com/pytest-dev/pytest-splinter/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-splinter/compare/3.3.1...3.3.2) --- updated-dependencies: - dependency-name: pytest-splinter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.33.0 to 11.34.0 (#10001) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.33.0 to 11.34.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.33.0...v11.34.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.0 to 7.10.1 (#10006) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.0 to 7.10.1. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.0...7.10.1) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update pyproj requirement from <3.3.0 to <3.5.0 (#10002) Updates the requirements on [pyproj](https://github.com/pyproj4/pyproj) to permit the latest version. - [Release notes](https://github.com/pyproj4/pyproj/releases) - [Changelog](https://github.com/pyproj4/pyproj/blob/main/docs/history.rst) - [Commits](https://github.com/pyproj4/pyproj/compare/v1.9.4rel...3.4.0) --- updated-dependencies: - dependency-name: pyproj dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.40 to 1.4.41 (#10005) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.4.0 to 22.8.0 (#10007) Bumps [twisted](https://github.com/twisted/twisted) from 22.4.0 to 22.8.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.4.0...twisted-22.8.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.4.0 to 8.5.0 (#10004) Bumps [ipython](https://github.com/ipython/ipython) from 8.4.0 to 8.5.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.4.0...8.5.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.66 to 1.24.70 (#10003) Bumps [boto3](https://github.com/boto/boto3) from 1.24.66 to 1.24.70. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.66...1.24.70) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg to requirements.txt (#10019) * Bump to version 4.0.1 (cherry picked from commit 43cb8049b488b23bbc4886ca9e28d95f8329cf65) * Bump to version 4.0.2 dev 0 (cherry picked from commit c4bd604e1aa453cd9c6b718792e156e8bdf86e3b) # Conflicts: # requirements.txt # setup.cfg * Bump boto3 from 1.24.70 to 1.24.75 (#10031) Bumps [boto3](https://github.com/boto/boto3) from 1.24.70 to 1.24.75. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.70...1.24.75) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump smart-open from 6.1.0 to 6.2.0 (#10030) Bumps [smart-open](https://github.com/piskvorky/smart_open) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/piskvorky/smart_open/releases) - [Changelog](https://github.com/RaRe-Technologies/smart_open/blob/develop/CHANGELOG.md) - [Commits](https://github.com/piskvorky/smart_open/compare/v6.1.0...v6.2.0) --- updated-dependencies: - dependency-name: smart-open dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump drf-spectacular from 0.23.1 to 0.24.0 (#10029) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.23.1 to 0.24.0. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.23.1...0.24.0) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update idna requirement from <2.11,>=2.5 to >=2.5,<3.5 (#10028) Updates the requirements on [idna](https://github.com/kjd/idna) to permit the latest version. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v2.5...v3.4) --- updated-dependencies: - dependency-name: idna dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.4.0 to 2.5.0 (#10027) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10024] Wrong default style when creating layer (#10035) (cherry picked from commit 40fae5b3240ddf5b033688ce1891d7e7f1cfc304) Co-authored-by: Alessio Fabiani <[email protected]> * add installation type to issue template (#10042) * [Dependencies] Align setup.cfg with requirements.txt (#10038) * [Fixes #10040] Remove auto-generated thumbnail for documents (#10045) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - add migration to clean available thumbs * - fix migration * - modify functionality * Bump drf-spectacular from 0.24.0 to 0.24.1 (#10051) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.0 to 0.24.1. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.0...0.24.1) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Update setuptools requirement from <65.4.0,>=59.1.1 to >=59.1.1,<65.5.0 (#10047) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.4.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.75 to 1.24.80 (#10050) Bumps [boto3](https://github.com/boto/boto3) from 1.24.75 to 1.24.80. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.75...1.24.80) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyopenssl from 22.0.0 to 22.1.0 (#10049) Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 22.0.0 to 22.1.0. - [Release notes](https://github.com/pyca/pyopenssl/releases) - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pyopenssl/compare/22.0.0...22.1.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump djangorestframework from 3.12.0 to 3.14.0 (#10048) Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.0 to 3.14.0. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.12.0...3.14.0) --- updated-dependencies: - dependency-name: djangorestframework dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Bump djangorestframework from 3.12.0 to 3.14.0 (#10048)" (#10062) This reverts commit 75566560538b38c59873ed9fb7951acc3ba0edfa. * [Dependencies] Align setup.cfg with requirements.txt (#10061) * [Dependencies] Align setup.cfg with requirements.txt * Revert "Bump djangorestframework from 3.12.0 to 3.14.0" * [CLA] Add "edsonflavio" to .clabot * Complete Translate pt_BR (#10056) Tradução completa da localização para Português Brasileiro. Complete translate for pt_BR localization. Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10041] Review the thumbnail scaling process (#10046) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests * [Fixes #10066][Depencendies] Security audit and checks (#10067) * [Fixes #10066][Depencendies] Security audit and checks * -SNYK security fix * [Fixes #10055] Modify Metadata form with permissions check (#10057) * -[Fixes #10055] Modify Metadata form with permissions check * - check user in form * - update tests * - add tests Co-authored-by: Giovanni Allegri <[email protected]> * Bump django-mptt from 0.13.4 to 0.14.0 (#10081) Bumps [django-mptt](https://github.com/django-mptt/django-mptt) from 0.13.4 to 0.14.0. - [Release notes](https://github.com/django-mptt/django-mptt/releases) - [Changelog](https://github.com/django-mptt/django-mptt/blob/main/CHANGELOG.rst) - [Commits](https://github.com/django-mptt/django-mptt/compare/0.13.4...0.14) --- updated-dependencies: - dependency-name: django-mptt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10070] Let the resource manager handle also raw sld (#10071) * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * Update django-invitations requirement from <1.9.4 to <2.0.1 (#10084) * Update django-invitations requirement from <1.9.4 to <2.0.1 Updates the requirements on [django-invitations](https://github.com/jazzband/django-invitations) to permit the latest version. - [Release notes](https://github.com/jazzband/django-invitations/releases) - [Changelog](https://github.com/jazzband/django-invitations/blob/master/CHANGELOG.md) - [Commits](https://github.com/jazzband/django-invitations/compare/0.1...2.0.0) --- updated-dependencies: - dependency-name: django-invitations dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * - fix the adapter Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: afabiani <[email protected]> * fix: requirements.txt to reduce vulnerabilities (#10099) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3039675 * Bump drf-spectacular from 0.24.1 to 0.24.2 (#10088) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.1 to 0.24.2. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.1...0.24.2) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump invoke from 1.7.1 to 1.7.3 (#10086) Bumps [invoke](https://github.com/pyinvoke/invoke) from 1.7.1 to 1.7.3. - [Release notes](https://github.com/pyinvoke/invoke/releases) - [Commits](https://github.com/pyinvoke/invoke/compare/1.7.1...1.7.3) --- updated-dependencies: - dependency-name: invoke dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump protobuf from 4.21.6 to 4.21.7 (#10085) Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.21.6 to 4.21.7. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.2.1 to 2022.4 (#10083) Bumps [pytz](https://github.com/stub42/pytz) from 2022.2.1 to 2022.4. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/commits) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10073] Unable to view Maps tab in Recent activities (#10074) Co-authored-by: Giovanni Allegri <[email protected]> Co-authored-by: Alessio Fabiani <[email protected]> * Bump mistune from 2.0.3 to 2.0.4 (#10082) Bumps [mistune](https://github.com/lepture/mistune) from 2.0.3 to 2.0.4. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/v2.0.4/docs/changes.rst) - [Commits](https://github.com/lepture/mistune/compare/v2.0.3...v2.0.4) --- updated-dependencies: - dependency-name: mistune dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10091] improve thumbnails quality (#10092) * improve thumbnails quality * force convertion to jpeg * - update tests * - fix tests Co-authored-by: marthamareal <[email protected]> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10075] Improvements to the upload time step UI (#10094) * -[Fixes #10075] Improvements to the upload time step UI * clarify why user is inside this step Co-authored-by: Giovanni Allegri <[email protected]> Co-authored-by: Alessio Fabiani <[email protected]> * Bump coverage from 6.4.4 to 6.5.0 (#10079) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.4 to 6.5.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4.4...6.5.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10113] Data retriver keep kmz files even if is unzipped (#10114) * [Fixes #10113] Data retriever keeps kmz files even if are unzipped * Bump sherlock from 0.3.2 to 0.4.0 (#10116) Bumps [sherlock](https://github.com/py-sherlock/sherlock) from 0.3.2 to 0.4.0. - [Release notes](https://github.com/py-sherlock/sherlock/releases) - [Changelog](https://github.com/py-sherlock/sherlock/blob/master/CHANGELOG.rst) - [Commits](https://github.com/py-sherlock/sherlock/commits/v0.4.0) --- updated-dependencies: - dependency-name: sherlock dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10104] Sort resource APIs with created date (#10105) Co-authored-by: Alessio Fabiani <[email protected]> * Bump requests-toolbelt from 0.9.1 to 0.10.0 (#10118) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.9.1 to 0.10.0. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.9.1...0.10.0) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump psycopg2 from 2.9.3 to 2.9.4 (#10117) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.3 to 2.9.4. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.80 to 1.24.87 (#10107) Bumps [boto3](https://github.com/boto/boto3) from 1.24.80 to 1.24.87. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.80...1.24.87) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Dependencies] Align setup.cfg to requirements.txt (#10124) * [Fixes #10120] Celery autoscale values are too low and wrongly positioned (#10121) * [Fixes #7852] Update catalog and background layers url configuration in settings.py and related files (#9950) * -[Fixes #7852] Update catalog and background layers url configuration in settings.py and related files * - update geoid url * [Fixes #10130] Data retriever dont assign the folder/file permissions correcly (#10131) Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10134] New simple renderer to generate thumbnails for PDFs (#10135) * PDF thumbnail renderer * - add unit tests * command to generate thumbnails for docs * flake fix * renamed management command * add requirement to setup.cfg * make command similar to other sync commands * removed unused import * fix flake8 Co-authored-by: marthamareal <[email protected]> * [Fixes #10138] Render pdf thumbnails from top margin (#10139) * render pdf thumbnails from top margin * fix flake * [Fixes #10142] storage_manager copy dont assign the folder/file permi… (#10143) * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * Bump wandb from 0.12.17 to 0.13.4 (#10152) Bumps [wandb](https://github.com/wandb/wandb) from 0.12.17 to 0.13.4. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.12.17...v0.13.4) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Update setuptools requirement from <65.5.0,>=59.1.1 to >=59.1.1,<65.6.0 (#10150) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.5.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pip from 22.2.2 to 22.3 (#10149) Bumps [pip](https://github.com/pypa/pip) from 22.2.2 to 22.3. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.2.2...22.3) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump shapely from 1.8.4 to 1.8.5.post1 (#10147) Bumps [shapely](https://github.com/shapely/shapely) from 1.8.4 to 1.8.5.post1. - [Release notes](https://github.com/shapely/shapely/releases) - [Changelog](https://github.com/shapely/shapely/blob/1.8.5.post1/CHANGES.txt) - [Commits](https://github.com/shapely/shapely/compare/1.8.4...1.8.5.post1) --- updated-dependencies: - dependency-name: shapely dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.41 to 1.4.42 (#10145) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.41 to 1.4.42. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.34.0 to 11.35.0 (#10146) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.34.0 to 11.35.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.34.0...v11.35.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.87 to 1.24.91 (#10151) Bumps [boto3](https://github.com/boto/boto3) from 1.24.87 to 1.24.91. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.87...1.24.91) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Align requirements.txt comments with 4.x (#10162) * [Fixes #10168] Add 'executions' field to concrete instance endpoints (#10169) * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10171] Dynamic rendering of document_detail view template (#10172) * add preview mode to document metadata page * Remove Return to button inside metadata detail page * [Hardening] Avoid "backup.py" failing while trying to set "w" perms on the GeoServer catalog file * Fix migrations 4x (#10176) * - Fixing migrations upg 33x -> 4x * fix migration * missing files * - Fixing migrations upg 33x -> 4x * - Fixing migrations upg 33x -> 4x Co-authored-by: mattiagiupponi <[email protected]> * [Hardening] Make the migration '0074_drop_curated_thumbs' more robust * [Fixes #10198] uwsgi library update (#10199) * [Fixes #10195] Backup and restore procedure is not successful (#10196) * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] test fix build * [Fixes #10204] restore mapstore catalog settings (#10205) * [Fixes #10192] Include source into the ExecutionRequest model (#10193) Co-authored-by: Alessio Fabiani <[email protected]> * Bump oauthlib from 3.2.1 to 3.2.2 (#10189) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * fix ip whitelisting (#10218) * Update httplib2 requirement from <0.20.5 to <0.21.1 (#10227) Updates the requirements on [httplib2](https://github.com/httplib2/httplib2) to permit the latest version. - [Release notes](https://github.com/httplib2/httplib2/releases) - [Changelog](https://github.com/httplib2/httplib2/blob/master/CHANGELOG) - [Commits](https://github.com/httplib2/httplib2/compare/0.9...v0.21.0) --- updated-dependencies: - dependency-name: httplib2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump pillow from 9.1.1 to 9.3.0 (#10229) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.1.1 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/9.1.1...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.8.0 to 22.10.0 (#10233) Bumps [twisted](https://github.com/twisted/twisted) from 22.8.0 to 22.10.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.8.0...twisted-22.10.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.91 to 1.26.0 (#10235) Bumps [boto3](https://github.com/boto/boto3) from 1.24.91 to 1.26.0. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.91...1.26.0) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.4 to 2022.6 (#10234) Bumps [pytz](https://github.com/stub42/pytz) from 2022.4 to 2022.6. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/compare/release_2022.4...release_2022.6) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.5.0 to 8.6.0 (#10228) Bumps [ipython](https://github.com/ipython/ipython) from 8.5.0 to 8.6.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.5.0...8.6.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump requests-toolbelt from 0.10.0 to 0.10.1 (#10225) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.10.0...0.10.1) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.1.3 to 7.2.0 (#10224) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.3 to 7.2.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.1.3...7.2.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.1 to 7.11.0 (#10223) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.1 to 7.11.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.1...7.11.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psycopg2 from 2.9.4 to 2.9.5 (#10222) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.4 to 2.9.5. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.5.0 to 2.6.0 (#10186) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/commits) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.2 to 5.9.3 (#10185) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.2 to 5.9.3. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.2...release-5.9.3) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.3 to 3.8.4 (#10184) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.3 to 3.8.4. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.3...v3.8.4) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: scripts/docker/nginx/Dockerfile to reduce vulnerabilities (#10180) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE316-CURL-3011748 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3040799 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050523 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050527 - https://snyk.io/vuln/SNYK-ALPINE316-ZLIB-2976176 Co-authored-by: Alessio Fabiani <[email protected]> * [Dependencies] Align "setup.cfg" to "requirements.txt" (#10242) * [Fixes #10251] Review geonode management command set_layers_permissions (#10252) * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Hardening] Prevent migration 0034_maplayer_extra_params_and_current_style to fail abruptly in the case the maplayer has no styles associated with it * [Fixes #10263] non admin user in fresh instance cannot create resources_ (#10264) * [Fixes #10208] Add a custom hook at the end of the permissions assign (#10213) Co-authored-by: Alessio Fabiani <[email protected]> * Fix broken test (#10266) * Fix broken test build * Fix broken test build * Bump GeoServer to version 2.20.6 (#10164) * [Fixes #10214] metadata_only filter not working properly (#10215) * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly Co-authored-by: Alessio Fabiani <[email protected]> * Bump jsonschema from 4.16.0 to 4.17.0 (#10262) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.16.0 to 4.17.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.16.0...v4.17.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump pip from 22.3 to 22.3.1 (#10261) Bumps [pip](https://github.com/pypa/pip) from 22.3 to 22.3.1. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.3...22.3.1) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-bdd from 6.0.1 to 6.1.0 (#10260) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.0.1...6.1.0) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.11.0 to 8.0.0 (#10259) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.11.0 to 8.0.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.11.0...8.0.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.42 to 1.4.43 (#10258) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.42 to 1.4.43. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker from 6.0.0 to 6.0.1 (#10256) Bumps [docker](https://github.com/docker/docker-py) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/docker/docker-py/releases) - [Commits](https://github.com/docker/docker-py/compare/6.0.0...6.0.1) --- updated-dependencies: - dependency-name: docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump wandb from 0.13.4 to 0.13.5 (#10255) Bumps [wandb](https://github.com/wandb/wandb) from 0.13.4 to 0.13.5. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.13.4...v0.13.5) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10251] improve feedback to the user and UI experience of batch permisisons assignment (#10281) * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * Bump boto3 from 1.26.0 to 1.26.4 (#10273) Bumps [boto3](https://github.com/boto/boto3) from 1.26.0 to 1.26.4. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.0...1.26.4) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Dependencies] Align setup.cfg to requirements.txt (#10284) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" (#10288) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" * [Fixes #10270] Document creation via API v2 (#10271) * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 Co-authored-by: Alessio Fabiani <[email protected]> * fix: requirements_tests.txt to reduce vulnerabilities (#10299) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 * Bump pytest-bdd from 6.1.0 to 6.1.1 (#10297) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.1.0...6.1.1) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump pymupdf from 1.20.2 to 1.21.0 (#10296) Bumps [pymupdf](https://github.com/pymupdf/pymupdf) from 1.20.2 to 1.21.0. - [Release notes](https://github.com/pymupdf/pymupdf/releases) - [Changelog](https://github.com/pymupdf/PyMuPDF/blob/master/changes.txt) - [Commits](https://github.com/pymupdf/pymupdf/compare/1.20.2...1.21.0) --- updated-dependencies: - dependency-name: pymupdf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.43 to 1.4.44 (#10294) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.43 to 1.4.44. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.3 to 5.9.4 (#10293) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.3 to 5.9.4. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.3...release-5.9.4) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.35.0 to 11.36.0 (#10292) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.35.0 to 11.36.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.35.0...v11.36.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google-cloud-storage from 2.5.0 to 2.6.0 (#10291) Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/python-storage/compare/v2.5.0...v2.6.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.4 to 1.26.11 (#10312) Bumps [boto3](https://github.com/boto/boto3) from 1.26.4 to 1.26.11. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.4...1.26.11) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg with requirements.txt (#10315) * [Fixes #10303] automatic periodic TaskResult removal (#10306) * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] fix flake8 formatting Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10302] Incorrect permissions assigned on cloning a resource (#10309) * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 formatting * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 * - Fix test case * [Fixes #10302] fix flake8 Co-authored-by: Alessio Fabiani <[email protected]> * Create SECURITY.md (#10285) * Create SECURITY.md * Update SECURITY.md fix minor typo Co-authored-by: Florian Hoedt <[email protected]> * Update setuptools requirement from <65.6.0,>=59.1.1 to >=59.1.1,<65.7.0 (#10327) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v65.5.1...v65.6.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump python-slugify from 6.1.2 to 7.0.0 (#10322) Bumps [python-slugify](https://github.com/un33k/python-slugify) from 6.1.2 to 7.0.0. - [Release notes](https://github.com/un33k/python-slugify/releases) - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](https://github.com/un33k/python-slugify/compare/v6.1.2...v7.0.0) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.11 to 1.26.14 (#10330) Bumps [boto3](https://github.com/boto/boto3) from 1.26.11 to 1.26.14. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.11...1.26.14) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mako from 1.2.3 to 1.2.4 (#10325) Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/sqlalchemy/mako/releases) - [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/mako/commits) --- updated-dependencies: - dependency-name: mako dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump selenium-requests from 2.0.0 to 2.0.1 (#10324) Bumps [selenium-requests]() from 2.0.0 to 2.0.1. --- updated-dependencies: - dependency-name: selenium-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.4 to 3.8.5 (#10323) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.4 to 3.8.5. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.4...v3.8.5) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #9041] Docker NGINX listen on ports 80/443 (#10338) * [Dependencies] Align setup.cfg with requirements.txt (#10339) * Bump django-grappelli from 3.0.3 to 3.0.4 (#10351) Bumps [django-grappelli](https://github.com/sehmaschine/django-grappelli) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/sehmaschine/django-grappelli/releases) - [Changelog](https://github.com/sehmaschine/django-grappelli/blob/master/docs/changelog.rst) - [Commits](https://github.com/sehmaschine/django-grappelli/compare/3.0.3...3.0.4) --- updated-dependencies: - dependency-name: django-grappelli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: requirements_dev.txt to reduce vulnerabilities (#10300) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 Co-authored-by: snyk-bot <[email protected]> * changed bbox_polygon and llbox_polygone to read only in serializer for #10316 (#10317) Co-authored-by: mattiagiupponi <[email protected]> Co-authored-by: Giovanni Allegri <[email protected]> * Bump urllib3 from 1.26.12 to 1.26.13 (#10350) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.12 to 1.26.13. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.13/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.12...1.26.13) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.17.0 to 4.17.1 (#10349) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.17.0 to 4.17.1. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.17.0...v4.17.1) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.14 to 1.26.17 (#103…

* Bump oauthlib from 3.2.0 to 3.2.1 (#9998) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.0 to 3.2.1. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/master/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.0...v3.2.1) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.15.0 to 4.16.0 (#9999) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.15.0 to 4.16.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.15.0...v4.16.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-splinter from 3.3.1 to 3.3.2 (#10000) Bumps [pytest-splinter](https://github.com/pytest-dev/pytest-splinter) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/pytest-dev/pytest-splinter/releases) - [Changelog](https://github.com/pytest-dev/pytest-splinter/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-splinter/compare/3.3.1...3.3.2) --- updated-dependencies: - dependency-name: pytest-splinter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.33.0 to 11.34.0 (#10001) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.33.0 to 11.34.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.33.0...v11.34.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.0 to 7.10.1 (#10006) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.0 to 7.10.1. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.0...7.10.1) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update pyproj requirement from <3.3.0 to <3.5.0 (#10002) Updates the requirements on [pyproj](https://github.com/pyproj4/pyproj) to permit the latest version. - [Release notes](https://github.com/pyproj4/pyproj/releases) - [Changelog](https://github.com/pyproj4/pyproj/blob/main/docs/history.rst) - [Commits](https://github.com/pyproj4/pyproj/compare/v1.9.4rel...3.4.0) --- updated-dependencies: - dependency-name: pyproj dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.40 to 1.4.41 (#10005) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.40 to 1.4.41. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.4.0 to 22.8.0 (#10007) Bumps [twisted](https://github.com/twisted/twisted) from 22.4.0 to 22.8.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.4.0...twisted-22.8.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.4.0 to 8.5.0 (#10004) Bumps [ipython](https://github.com/ipython/ipython) from 8.4.0 to 8.5.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.4.0...8.5.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.66 to 1.24.70 (#10003) Bumps [boto3](https://github.com/boto/boto3) from 1.24.66 to 1.24.70. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.66...1.24.70) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg to requirements.txt (#10019) * Bump to version 4.0.1 (cherry picked from commit 43cb8049b488b23bbc4886ca9e28d95f8329cf65) * Bump to version 4.0.2 dev 0 (cherry picked from commit c4bd604e1aa453cd9c6b718792e156e8bdf86e3b) * Bump boto3 from 1.24.70 to 1.24.75 (#10031) Bumps [boto3](https://github.com/boto/boto3) from 1.24.70 to 1.24.75. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.70...1.24.75) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump smart-open from 6.1.0 to 6.2.0 (#10030) Bumps [smart-open](https://github.com/piskvorky/smart_open) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/piskvorky/smart_open/releases) - [Changelog](https://github.com/RaRe-Technologies/smart_open/blob/develop/CHANGELOG.md) - [Commits](https://github.com/piskvorky/smart_open/compare/v6.1.0...v6.2.0) --- updated-dependencies: - dependency-name: smart-open dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump drf-spectacular from 0.23.1 to 0.24.0 (#10029) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.23.1 to 0.24.0. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.23.1...0.24.0) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update idna requirement from <2.11,>=2.5 to >=2.5,<3.5 (#10028) Updates the requirements on [idna](https://github.com/kjd/idna) to permit the latest version. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v2.5...v3.4) --- updated-dependencies: - dependency-name: idna dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.4.0 to 2.5.0 (#10027) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10024] Wrong default style when creating layer (#10035) (cherry picked from commit 40fae5b3240ddf5b033688ce1891d7e7f1cfc304) Co-authored-by: Alessio Fabiani <[email protected]> * add installation type to issue template (#10042) * [Dependencies] Align setup.cfg with requirements.txt (#10038) * [Fixes #10040] Remove auto-generated thumbnail for documents (#10045) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - add migration to clean available thumbs * - fix migration * - modify functionality * Bump drf-spectacular from 0.24.0 to 0.24.1 (#10051) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.0 to 0.24.1. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.0...0.24.1) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Update setuptools requirement from <65.4.0,>=59.1.1 to >=59.1.1,<65.5.0 (#10047) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.4.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.75 to 1.24.80 (#10050) Bumps [boto3](https://github.com/boto/boto3) from 1.24.75 to 1.24.80. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.75...1.24.80) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyopenssl from 22.0.0 to 22.1.0 (#10049) Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 22.0.0 to 22.1.0. - [Release notes](https://github.com/pyca/pyopenssl/releases) - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pyopenssl/compare/22.0.0...22.1.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump djangorestframework from 3.12.0 to 3.14.0 (#10048) Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.0 to 3.14.0. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.12.0...3.14.0) --- updated-dependencies: - dependency-name: djangorestframework dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Revert "Bump djangorestframework from 3.12.0 to 3.14.0 (#10048)" (#10062) This reverts commit 75566560538b38c59873ed9fb7951acc3ba0edfa. * [Dependencies] Align setup.cfg with requirements.txt (#10061) * [Dependencies] Align setup.cfg with requirements.txt * Revert "Bump djangorestframework from 3.12.0 to 3.14.0" * [CLA] Add "edsonflavio" to .clabot * Complete Translate pt_BR (#10056) Tradução completa da localização para Português Brasileiro. Complete translate for pt_BR localization. Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10041] Review the thumbnail scaling process (#10046) * -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests * [Fixes #10066][Depencendies] Security audit and checks (#10067) * [Fixes #10066][Depencendies] Security audit and checks * -SNYK security fix * [Fixes #10055] Modify Metadata form with permissions check (#10057) * -[Fixes #10055] Modify Metadata form with permissions check * - check user in form * - update tests * - add tests Co-authored-by: Giovanni Allegri <[email protected]> * Bump django-mptt from 0.13.4 to 0.14.0 (#10081) Bumps [django-mptt](https://github.com/django-mptt/django-mptt) from 0.13.4 to 0.14.0. - [Release notes](https://github.com/django-mptt/django-mptt/releases) - [Changelog](https://github.com/django-mptt/django-mptt/blob/main/CHANGELOG.rst) - [Commits](https://github.com/django-mptt/django-mptt/compare/0.13.4...0.14) --- updated-dependencies: - dependency-name: django-mptt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10070] Let the resource manager handle also raw sld (#10071) * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * [Fixes #10070] Let the resource manager handle also raw sld * Update django-invitations requirement from <1.9.4 to <2.0.1 (#10084) * Update django-invitations requirement from <1.9.4 to <2.0.1 Updates the requirements on [django-invitations](https://github.com/jazzband/django-invitations) to permit the latest version. - [Release notes](https://github.com/jazzband/django-invitations/releases) - [Changelog](https://github.com/jazzband/django-invitations/blob/master/CHANGELOG.md) - [Commits](https://github.com/jazzband/django-invitations/compare/0.1...2.0.0) --- updated-dependencies: - dependency-name: django-invitations dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * - fix the adapter Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: afabiani <[email protected]> * fix: requirements.txt to reduce vulnerabilities (#10099) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3039675 * Bump drf-spectacular from 0.24.1 to 0.24.2 (#10088) Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.24.1 to 0.24.2. - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.24.1...0.24.2) --- updated-dependencies: - dependency-name: drf-spectacular dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump invoke from 1.7.1 to 1.7.3 (#10086) Bumps [invoke](https://github.com/pyinvoke/invoke) from 1.7.1 to 1.7.3. - [Release notes](https://github.com/pyinvoke/invoke/releases) - [Commits](https://github.com/pyinvoke/invoke/compare/1.7.1...1.7.3) --- updated-dependencies: - dependency-name: invoke dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump protobuf from 4.21.6 to 4.21.7 (#10085) Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.21.6 to 4.21.7. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.2.1 to 2022.4 (#10083) Bumps [pytz](https://github.com/stub42/pytz) from 2022.2.1 to 2022.4. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/commits) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10073] Unable to view Maps tab in Recent activities (#10074) Co-authored-by: Giovanni Allegri <[email protected]> Co-authored-by: Alessio Fabiani <[email protected]> * Bump mistune from 2.0.3 to 2.0.4 (#10082) Bumps [mistune](https://github.com/lepture/mistune) from 2.0.3 to 2.0.4. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/v2.0.4/docs/changes.rst) - [Commits](https://github.com/lepture/mistune/compare/v2.0.3...v2.0.4) --- updated-dependencies: - dependency-name: mistune dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10091] improve thumbnails quality (#10092) * improve thumbnails quality * force convertion to jpeg * - update tests * - fix tests Co-authored-by: marthamareal <[email protected]> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10075] Improvements to the upload time step UI (#10094) * -[Fixes #10075] Improvements to the upload time step UI * clarify why user is inside this step Co-authored-by: Giovanni Allegri <[email protected]> Co-authored-by: Alessio Fabiani <[email protected]> * Bump coverage from 6.4.4 to 6.5.0 (#10079) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.4 to 6.5.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4.4...6.5.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10113] Data retriver keep kmz files even if is unzipped (#10114) * [Fixes #10113] Data retriever keeps kmz files even if are unzipped * Bump sherlock from 0.3.2 to 0.4.0 (#10116) Bumps [sherlock](https://github.com/py-sherlock/sherlock) from 0.3.2 to 0.4.0. - [Release notes](https://github.com/py-sherlock/sherlock/releases) - [Changelog](https://github.com/py-sherlock/sherlock/blob/master/CHANGELOG.rst) - [Commits](https://github.com/py-sherlock/sherlock/commits/v0.4.0) --- updated-dependencies: - dependency-name: sherlock dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * -[Fixes #10104] Sort resource APIs with created date (#10105) Co-authored-by: Alessio Fabiani <[email protected]> * Bump requests-toolbelt from 0.9.1 to 0.10.0 (#10118) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.9.1 to 0.10.0. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.9.1...0.10.0) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump psycopg2 from 2.9.3 to 2.9.4 (#10117) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.3 to 2.9.4. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.80 to 1.24.87 (#10107) Bumps [boto3](https://github.com/boto/boto3) from 1.24.80 to 1.24.87. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.80...1.24.87) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Dependencies] Align setup.cfg to requirements.txt (#10124) * [Fixes #10120] Celery autoscale values are too low and wrongly positioned (#10121) * [Fixes #7852] Update catalog and background layers url configuration in settings.py and related files (#9950) * -[Fixes #7852] Update catalog and background layers url configuration in settings.py and related files * - update geoid url * [Fixes #10130] Data retriever dont assign the folder/file permissions correcly (#10131) Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10134] New simple renderer to generate thumbnails for PDFs (#10135) * PDF thumbnail renderer * - add unit tests * command to generate thumbnails for docs * flake fix * renamed management command * add requirement to setup.cfg * make command similar to other sync commands * removed unused import * fix flake8 Co-authored-by: marthamareal <[email protected]> * [Fixes #10138] Render pdf thumbnails from top margin (#10139) * render pdf thumbnails from top margin * fix flake * [Fixes #10142] storage_manager copy dont assign the folder/file permi… (#10143) * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * [Fixes #10142] storage_manager copy dont assign the folder/file permissions correcly * Bump wandb from 0.12.17 to 0.13.4 (#10152) Bumps [wandb](https://github.com/wandb/wandb) from 0.12.17 to 0.13.4. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.12.17...v0.13.4) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Update setuptools requirement from <65.5.0,>=59.1.1 to >=59.1.1,<65.6.0 (#10150) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v59.1.1...v65.5.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pip from 22.2.2 to 22.3 (#10149) Bumps [pip](https://github.com/pypa/pip) from 22.2.2 to 22.3. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.2.2...22.3) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump shapely from 1.8.4 to 1.8.5.post1 (#10147) Bumps [shapely](https://github.com/shapely/shapely) from 1.8.4 to 1.8.5.post1. - [Release notes](https://github.com/shapely/shapely/releases) - [Changelog](https://github.com/shapely/shapely/blob/1.8.5.post1/CHANGES.txt) - [Commits](https://github.com/shapely/shapely/compare/1.8.4...1.8.5.post1) --- updated-dependencies: - dependency-name: shapely dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.41 to 1.4.42 (#10145) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.41 to 1.4.42. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.34.0 to 11.35.0 (#10146) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.34.0 to 11.35.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.34.0...v11.35.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.87 to 1.24.91 (#10151) Bumps [boto3](https://github.com/boto/boto3) from 1.24.87 to 1.24.91. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.87...1.24.91) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Align requirements.txt comments with 4.x (#10162) * [Fixes #10168] Add 'executions' field to concrete instance endpoints (#10169) * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10168] Add 'executions' field to concrete instance endpoints * [Fixes #10171] Dynamic rendering of document_detail view template (#10172) * add preview mode to document metadata page * Remove Return to button inside metadata detail page * [Hardening] Avoid "backup.py" failing while trying to set "w" perms on the GeoServer catalog file * Fix migrations 4x (#10176) * - Fixing migrations upg 33x -> 4x * fix migration * missing files * - Fixing migrations upg 33x -> 4x * - Fixing migrations upg 33x -> 4x Co-authored-by: mattiagiupponi <[email protected]> * [Hardening] Make the migration '0074_drop_curated_thumbs' more robust * [Fixes #10198] uwsgi library update (#10199) * [Fixes #10195] Backup and restore procedure is not successful (#10196) * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] Backup and restore procedure is not successful * [Fixes #10195] test fix build * [Fixes #10204] restore mapstore catalog settings (#10205) * [Fixes #10192] Include source into the ExecutionRequest model (#10193) Co-authored-by: Alessio Fabiani <[email protected]> * Bump oauthlib from 3.2.1 to 3.2.2 (#10189) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * fix ip whitelisting (#10218) * Update httplib2 requirement from <0.20.5 to <0.21.1 (#10227) Updates the requirements on [httplib2](https://github.com/httplib2/httplib2) to permit the latest version. - [Release notes](https://github.com/httplib2/httplib2/releases) - [Changelog](https://github.com/httplib2/httplib2/blob/master/CHANGELOG) - [Commits](https://github.com/httplib2/httplib2/compare/0.9...v0.21.0) --- updated-dependencies: - dependency-name: httplib2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump pillow from 9.1.1 to 9.3.0 (#10229) Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.1.1 to 9.3.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/9.1.1...9.3.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump twisted from 22.8.0 to 22.10.0 (#10233) Bumps [twisted](https://github.com/twisted/twisted) from 22.8.0 to 22.10.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.8.0...twisted-22.10.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.24.91 to 1.26.0 (#10235) Bumps [boto3](https://github.com/boto/boto3) from 1.24.91 to 1.26.0. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.24.91...1.26.0) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytz from 2022.4 to 2022.6 (#10234) Bumps [pytz](https://github.com/stub42/pytz) from 2022.4 to 2022.6. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/compare/release_2022.4...release_2022.6) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump ipython from 8.5.0 to 8.6.0 (#10228) Bumps [ipython](https://github.com/ipython/ipython) from 8.5.0 to 8.6.0. - [Release notes](https://github.com/ipython/ipython/releases) - [Commits](https://github.com/ipython/ipython/compare/8.5.0...8.6.0) --- updated-dependencies: - dependency-name: ipython dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump requests-toolbelt from 0.10.0 to 0.10.1 (#10225) Bumps [requests-toolbelt](https://github.com/requests/toolbelt) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/requests/toolbelt/releases) - [Changelog](https://github.com/requests/toolbelt/blob/master/HISTORY.rst) - [Commits](https://github.com/requests/toolbelt/compare/0.10.0...0.10.1) --- updated-dependencies: - dependency-name: requests-toolbelt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.1.3 to 7.2.0 (#10224) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.3 to 7.2.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.1.3...7.2.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.10.1 to 7.11.0 (#10223) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.10.1 to 7.11.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.10.1...7.11.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psycopg2 from 2.9.4 to 2.9.5 (#10222) Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.4 to 2.9.5. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyjwt from 2.5.0 to 2.6.0 (#10186) Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/commits) --- updated-dependencies: - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.2 to 5.9.3 (#10185) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.2 to 5.9.3. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.2...release-5.9.3) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.3 to 3.8.4 (#10184) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.3 to 3.8.4. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.3...v3.8.4) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: scripts/docker/nginx/Dockerfile to reduce vulnerabilities (#10180) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE316-CURL-3011748 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3040799 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050523 - https://snyk.io/vuln/SNYK-ALPINE316-LIBXML2-3050527 - https://snyk.io/vuln/SNYK-ALPINE316-ZLIB-2976176 Co-authored-by: Alessio Fabiani <[email protected]> * [Dependencies] Align "setup.cfg" to "requirements.txt" (#10242) * [Fixes #10251] Review geonode management command set_layers_permissions (#10252) * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Fixes #10251] Review geonode management command set_layers_permissions * [Hardening] Prevent migration 0034_maplayer_extra_params_and_current_style to fail abruptly in the case the maplayer has no styles associated with it * [Fixes #10263] non admin user in fresh instance cannot create resources_ (#10264) * [Fixes #10208] Add a custom hook at the end of the permissions assign (#10213) Co-authored-by: Alessio Fabiani <[email protected]> * Fix broken test (#10266) * Fix broken test build * Fix broken test build * Bump GeoServer to version 2.20.6 (#10164) * [Fixes #10214] metadata_only filter not working properly (#10215) * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly * [Fixes #10214] metadata_only filter not working properly Co-authored-by: Alessio Fabiani <[email protected]> * Bump jsonschema from 4.16.0 to 4.17.0 (#10262) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.16.0 to 4.17.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.16.0...v4.17.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump pip from 22.3 to 22.3.1 (#10261) Bumps [pip](https://github.com/pypa/pip) from 22.3 to 22.3.1. - [Release notes](https://github.com/pypa/pip/releases) - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](https://github.com/pypa/pip/compare/22.3...22.3.1) --- updated-dependencies: - dependency-name: pip dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-bdd from 6.0.1 to 6.1.0 (#10260) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.0.1...6.1.0) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump django-select2 from 7.11.0 to 8.0.0 (#10259) Bumps [django-select2](https://github.com/codingjoe/django-select2) from 7.11.0 to 8.0.0. - [Release notes](https://github.com/codingjoe/django-select2/releases) - [Commits](https://github.com/codingjoe/django-select2/compare/7.11.0...8.0.0) --- updated-dependencies: - dependency-name: django-select2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.42 to 1.4.43 (#10258) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.42 to 1.4.43. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker from 6.0.0 to 6.0.1 (#10256) Bumps [docker](https://github.com/docker/docker-py) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/docker/docker-py/releases) - [Commits](https://github.com/docker/docker-py/compare/6.0.0...6.0.1) --- updated-dependencies: - dependency-name: docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump wandb from 0.13.4 to 0.13.5 (#10255) Bumps [wandb](https://github.com/wandb/wandb) from 0.13.4 to 0.13.5. - [Release notes](https://github.com/wandb/wandb/releases) - [Changelog](https://github.com/wandb/wandb/blob/main/CHANGELOG.md) - [Commits](https://github.com/wandb/wandb/compare/v0.13.4...v0.13.5) --- updated-dependencies: - dependency-name: wandb dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #10251] improve feedback to the user and UI experience of batch permisisons assignment (#10281) * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * [Fixes #10251] improve feedback to the user and UI experience * Bump boto3 from 1.26.0 to 1.26.4 (#10273) Bumps [boto3](https://github.com/boto/boto3) from 1.26.0 to 1.26.4. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.0...1.26.4) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * [Dependencies] Align setup.cfg to requirements.txt (#10284) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" (#10288) * [Fixes #10287] The "set_layer_permissions" management command does not behave correctly with "AnonyousUser" * [Fixes #10270] Document creation via API v2 (#10271) * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 * [Fixes #10270] Document creation via API v2 Co-authored-by: Alessio Fabiani <[email protected]> * fix: requirements_tests.txt to reduce vulnerabilities (#10299) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 * Bump pytest-bdd from 6.1.0 to 6.1.1 (#10297) Bumps [pytest-bdd](https://github.com/pytest-dev/pytest-bdd) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/pytest-dev/pytest-bdd/releases) - [Changelog](https://github.com/pytest-dev/pytest-bdd/blob/master/CHANGES.rst) - [Commits](https://github.com/pytest-dev/pytest-bdd/compare/6.1.0...6.1.1) --- updated-dependencies: - dependency-name: pytest-bdd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alessio Fabiani <[email protected]> * Bump pymupdf from 1.20.2 to 1.21.0 (#10296) Bumps [pymupdf](https://github.com/pymupdf/pymupdf) from 1.20.2 to 1.21.0. - [Release notes](https://github.com/pymupdf/pymupdf/releases) - [Changelog](https://github.com/pymupdf/PyMuPDF/blob/master/changes.txt) - [Commits](https://github.com/pymupdf/pymupdf/compare/1.20.2...1.21.0) --- updated-dependencies: - dependency-name: pymupdf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sqlalchemy from 1.4.43 to 1.4.44 (#10294) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.4.43 to 1.4.44. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump psutil from 5.9.3 to 5.9.4 (#10293) Bumps [psutil](https://github.com/giampaolo/psutil) from 5.9.3 to 5.9.4. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](https://github.com/giampaolo/psutil/compare/release-5.9.3...release-5.9.4) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dropbox from 11.35.0 to 11.36.0 (#10292) Bumps [dropbox](https://github.com/dropbox/dropbox-sdk-python) from 11.35.0 to 11.36.0. - [Release notes](https://github.com/dropbox/dropbox-sdk-python/releases) - [Commits](https://github.com/dropbox/dropbox-sdk-python/compare/v11.35.0...v11.36.0) --- updated-dependencies: - dependency-name: dropbox dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google-cloud-storage from 2.5.0 to 2.6.0 (#10291) Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/python-storage/compare/v2.5.0...v2.6.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.4 to 1.26.11 (#10312) Bumps [boto3](https://github.com/boto/boto3) from 1.26.4 to 1.26.11. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.4...1.26.11) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align setup.cfg with requirements.txt (#10315) * [Fixes #10303] automatic periodic TaskResult removal (#10306) * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] automatic periodic TaskResult removal * [Fixes #10303] fix flake8 formatting Co-authored-by: Alessio Fabiani <[email protected]> * [Fixes #10302] Incorrect permissions assigned on cloning a resource (#10309) * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] Incorrect permissions assigned on cloning a resource * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 formatting * [Fixes #10302] test fix broken tests * [Fixes #10302] fix flake8 * - Fix test case * [Fixes #10302] fix flake8 Co-authored-by: Alessio Fabiani <[email protected]> * Create SECURITY.md (#10285) * Create SECURITY.md * Update SECURITY.md fix minor typo Co-authored-by: Florian Hoedt <[email protected]> * Update setuptools requirement from <65.6.0,>=59.1.1 to >=59.1.1,<65.7.0 (#10327) Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v65.5.1...v65.6.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump python-slugify from 6.1.2 to 7.0.0 (#10322) Bumps [python-slugify](https://github.com/un33k/python-slugify) from 6.1.2 to 7.0.0. - [Release notes](https://github.com/un33k/python-slugify/releases) - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](https://github.com/un33k/python-slugify/compare/v6.1.2...v7.0.0) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.11 to 1.26.14 (#10330) Bumps [boto3](https://github.com/boto/boto3) from 1.26.11 to 1.26.14. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.11...1.26.14) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mako from 1.2.3 to 1.2.4 (#10325) Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/sqlalchemy/mako/releases) - [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/mako/commits) --- updated-dependencies: - dependency-name: mako dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump selenium-requests from 2.0.0 to 2.0.1 (#10324) Bumps [selenium-requests]() from 2.0.0 to 2.0.1. --- updated-dependencies: - dependency-name: selenium-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump webdriver-manager from 3.8.4 to 3.8.5 (#10323) Bumps [webdriver-manager](https://github.com/SergeyPirogov/webdriver_manager) from 3.8.4 to 3.8.5. - [Release notes](https://github.com/SergeyPirogov/webdriver_manager/releases) - [Changelog](https://github.com/SergeyPirogov/webdriver_manager/blob/master/CHANGELOG.md) - [Commits](https://github.com/SergeyPirogov/webdriver_manager/compare/v3.8.4...v3.8.5) --- updated-dependencies: - dependency-name: webdriver-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Fixes #9041] Docker NGINX listen on ports 80/443 (#10338) * [Dependencies] Align setup.cfg with requirements.txt (#10339) * Bump django-grappelli from 3.0.3 to 3.0.4 (#10351) Bumps [django-grappelli](https://github.com/sehmaschine/django-grappelli) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/sehmaschine/django-grappelli/releases) - [Changelog](https://github.com/sehmaschine/django-grappelli/blob/master/docs/changelog.rst) - [Commits](https://github.com/sehmaschine/django-grappelli/compare/3.0.3...3.0.4) --- updated-dependencies: - dependency-name: django-grappelli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: requirements_dev.txt to reduce vulnerabilities (#10300) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 Co-authored-by: snyk-bot <[email protected]> * changed bbox_polygon and llbox_polygone to read only in serializer for #10316 (#10317) Co-authored-by: mattiagiupponi <[email protected]> Co-authored-by: Giovanni Allegri <[email protected]> * Bump urllib3 from 1.26.12 to 1.26.13 (#10350) Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.12 to 1.26.13. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.13/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.12...1.26.13) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.17.0 to 4.17.1 (#10349) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.17.0 to 4.17.1. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.17.0...v4.17.1) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.26.14 to 1.26.17 (#10354) Bumps [boto3](https://github.com/boto/boto3) from 1.26.14 to 1.26.17. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.26.14...1.26.17) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flake8 from 5.0.4 to 6.0.0 (#10348) Bumps [flake8](https://github.com/pycqa/flake8) from 5.0.4 to 6.0.0. - [Release notes](https://github.com/pycqa/flake8/releases) - [Commits](https://github.com/pycqa/flake8/compare/5.0.4...6.0.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Dependencies] Align "setup.cfg" to "requirements.txt" (#10363) * [CLA] Add MalteIwanicki to clabot (#10381) * Bump jsonschema from 4.17.1 to 4.17.3 (#10372) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.17.1 to 4.17.3. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.17.1...v4.17.3) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot]…

marthamareal self-assigned this Sep 22, 2022

cla-bot bot added the cla-signed CLA Bot: community license agreement signed label Sep 22, 2022

marthamareal marked this pull request as draft September 22, 2022 13:54

marthamareal force-pushed the ISSUE_10041 branch from 40a5516 to 7895c7b Compare September 26, 2022 08:42

marthamareal force-pushed the ISSUE_10041 branch from 7895c7b to d52755c Compare September 26, 2022 09:21

marthamareal force-pushed the ISSUE_10041 branch from d52755c to 717928b Compare September 26, 2022 10:39

marthamareal marked this pull request as ready for review September 26, 2022 10:59

marthamareal added the backport 4.0.x label Sep 26, 2022

giohappy requested review from mattiagiupponi and giohappy September 28, 2022 08:13

giohappy reviewed Sep 28, 2022

View reviewed changes

mattiagiupponi requested changes Sep 28, 2022

View reviewed changes

marthamareal added 3 commits September 28, 2022 13:28

-[Fixes #10040] Remove auto-generated thumbnail for documents

b83a102

- update thumbnail pixels

2287695

- add tests

4798ce5

marthamareal force-pushed the ISSUE_10041 branch from 4faa1a3 to 4798ce5 Compare September 28, 2022 10:29

- fix-tests

d62477b

- fix-tests

453eb1c

mattiagiupponi approved these changes Sep 29, 2022

View reviewed changes

mattiagiupponi merged commit 601be61 into master Sep 29, 2022

mattiagiupponi deleted the ISSUE_10041 branch September 29, 2022 09:34

github-actions bot mentioned this pull request Sep 29, 2022

[Backport 4.0.x] [Fixes #10041] Review the thumbnail scaling process #10069

Merged

github-actions bot pushed a commit that referenced this pull request Sep 29, 2022

[Fixes #10041] Review the thumbnail scaling process (#10046)

5270e30

* -[Fixes #10040] Remove auto-generated thumbnail for documents * - update thumbnail pixels * - add tests * - fix-tests * - fix-tests

afabiani added this to the 4.0.2 milestone Sep 29, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Fixes #10041] Review the thumbnail scaling process #10046

[Fixes #10041] Review the thumbnail scaling process #10046

marthamareal commented Sep 22, 2022 •

edited by mattiagiupponi

Loading

lgtm-com bot commented Sep 26, 2022

lgtm-com bot commented Sep 26, 2022

lgtm-com bot commented Sep 26, 2022

codecov bot commented Sep 26, 2022 •

edited

Loading

giohappy left a comment

lgtm-com bot commented Sep 28, 2022

marthamareal commented Sep 28, 2022

mattiagiupponi left a comment

marthamareal commented Sep 28, 2022

lgtm-com bot commented Sep 28, 2022

lgtm-com bot commented Sep 28, 2022

lgtm-com bot commented Sep 28, 2022

giohappy commented Sep 29, 2022 •

edited

Loading

mattiagiupponi commented Sep 29, 2022

[Fixes #10041] Review the thumbnail scaling process #10046

[Fixes #10041] Review the thumbnail scaling process #10046

Conversation

marthamareal commented Sep 22, 2022 • edited by mattiagiupponi Loading

Checklist

lgtm-com bot commented Sep 26, 2022

lgtm-com bot commented Sep 26, 2022

lgtm-com bot commented Sep 26, 2022

codecov bot commented Sep 26, 2022 • edited Loading

Codecov Report

giohappy left a comment

Choose a reason for hiding this comment

lgtm-com bot commented Sep 28, 2022

marthamareal commented Sep 28, 2022

mattiagiupponi left a comment

Choose a reason for hiding this comment

marthamareal commented Sep 28, 2022

lgtm-com bot commented Sep 28, 2022

lgtm-com bot commented Sep 28, 2022

lgtm-com bot commented Sep 28, 2022

giohappy commented Sep 29, 2022 • edited Loading

mattiagiupponi commented Sep 29, 2022

marthamareal commented Sep 22, 2022 •

edited by mattiagiupponi

Loading

codecov bot commented Sep 26, 2022 •

edited

Loading

giohappy commented Sep 29, 2022 •

edited

Loading