Kinto is a minimalist JSON storage service with synchronisation and sharing abilities.
Fixes #1973
Try it here: https://kinto.github.io/kinto-account-demo/
kinto.tpl file with it.This is a work in progress, may I have some feedback on the current work before pushing forward with the reset password functionality and the documentation?
Thanks!
Fixes #939
email if the configured userid_field is emailWe could make this piece of code work with both Auth0 and Firefox Accounts \o/
@rfk f?
Fixes #1507
![[WIP] Optimize postgresql storage get all fixes 1507](https://avatars.githubusercontent.com/u/26739?v=4)
kinto.tpl file with it.Fixes #631
Features:
/v1/swagger.jsonLimitations:
Pending:
test_resources)r? @glasserc @Natim @leplatrem
in progressThe idea is that sometimes a new record has to be created from a front-end, with the "admin" rights, but we obviously don't want the admin credentials to be available on the front-end.
Such a case is when you want to allow a user to register to a newsletter on your website: if you create all the records with the same user, that same user can view the list of all the registered emails for the newsletter (even if the permissions don't include read : system.Everyone, as an owner it has the read permission).
So this plugin would add an endpoint that would allow an anonymous POST to create a record as a different registered user, transferring the ownership.
Example configuration:
kinto.newsletter.bucket = myproject
kinto.newsletter.collection = newsletter
kinto.newsletter.owner = account:admin
Example usage:
echo '{"data": {"email": "[email protected]", "name": "test name"}}' | http POST https://kinto.server/v1/newsletter
Propositions:
/newsletter root endpoint it could be a "leaf" endpoint like the kinto-attachment plugin does: http POST https://..../v1/buckets/foo/collections/bar/newsletterowner as metadata: echo '{"data": {...}, "owner": "account:admin"} | http POST ....
In this case, we might want to discuss the security and configuration implications (provide a list of allowed owners? A list of allowed resources to create with a different owner?)As a heads up: the same "newsletter" use case could be fixed by having finer grained permissions (eg a "read-only" permission that would not give read access to the owner/creator).
While investigating #1507, @peterbe discovered that the DISTINCT doesn't really make sense unless you have a wildcard parent_id. He proved this to his own satisfaction by removing DISTINCT and observing that no tests break.
Under what circumstances do we even have a wildcard parent_id? Unlike delete, where you might want to delete a thing and all its children, I couldn't think of a way to invoke this mechanism using the HTTP API. Indeed, there's a subtle bug in the current query and the fact that nobody has reported it makes me suspect that nobody ever actually uses it. Can we get rid of it?
I had a quick chat with @enguerran who is planning to use Kinto with a similar use case than the formbuilder:
The problem if you do that is that people that needs to create record in the collection cannot actually access the schema.
However if you add the read permission on the collection, they can read the schema as well as all records in the collection (their and other's people onces.)
The use case there is to have the admin to be able to read all records and users to be able to see only their own records for a given collection.
We also want to be able to list the collection the user can administrate. It makes it impossible if we give the read permission on the collection.
A quick fix would be to allow to read the schema or the collection data if we give the record:create permission.
While working on #790 I realize that there is something not clear in our specifications.
Currently, if a resource has a mandatory field (eg. groups members), then we cannot do a PUT with just the permissions values. This is because a PUT can lead to a creation, and the members fields has to be provided.
On other resources, which have no mandatory field, it is perfectly possible to only provide permissions.
But, I believe we should make every resources behave the same way.
For example, when we'll implement the edition of permissions in Kinto-admin, we don't want to have to pass the data if it was not changed.
Two solutions:
[]) for the groups members attribute (my prefered one, trivial and not absurd)data to be omitted only when the PUT replaces an existing object (more complex to implement, but would work for any resource with mandatory fields)Fixes #1659
For when it's necessary to drop support for older Python Versions.
kinto/config/__init__.pykinto/schema_validation.pykinto/core/scripts.pykinto/core/openapi.pykinto/core/__init__.pykinto/core/utils.pykinto/core/cache/postgresql/__init__.pykinto/core/storage/memory.pykinto/core/storage/exceptions.pykinto/core/storage/postgresql/client.pykinto/core/storage/testing.pykinto/core/statsd.pykinto/core/initialization.pykinto/core/resource/model.pykinto/core/resource/schema.pykinto/core/permission/memory.pykinto/core/views/heartbeat.pykinto/core/views/errors.pykinto/core/views/batch.pykinto/core/testing.pykinto/plugins/quotas/scripts.pykinto/plugins/quotas/listener.pykinto/plugins/openid/__init__.pykinto/plugins/openid/views.pykinto/plugins/default_bucket/__init__.pykinto/plugins/history/listener.pykinto/authorization.pykinto/views/records.pykinto/core/authentication.pykinto/core/events.pykinto/core/storage/postgresql/__init__.pykinto/core/storage/postgresql/migrator.pykinto/core/errors.pykinto/core/resource/__init__.pykinto/core/resource/viewset.pykinto/core/permission/postgresql/__init__.pykinto/core/authorization.pykinto/plugins/accounts/scripts.pykinto/plugins/accounts/__init__.pykinto/plugins/accounts/views.pykinto/plugins/accounts/authentication.pykinto/views/permissions.pykinto/views/groups.pykinto/__main__.pyReaching a plural endpoint with a million record should be super fast when using pagination (?_limit=10) or filtering. Apparently, it's not the case.
I suspect https://github.com/Kinto/kinto/pull/1267 to be responsible for the regression.
See https://github.com/mozilla-services/buildhub/issues/350 (840K records)
For anyone interested in tackling this, here is a quick way to fill up a collection with fake records:
$ psql -h localhost -U postgres -w
DO
$$
BEGIN
FOR i IN 1..100000 LOOP
INSERT INTO records (id, parent_id, collection_id) VALUES ('id-' || i, '/buckets/a/collections/b', 'record');
END LOOP;
END;
$$;
Following some discussions, here's my rough thoughts on creating an "accounts registration" plugin. The use case is having a flow for users to 1/ register an account 2/ receive a "registration code" via email 2/ validate their email using this "registration code" 3/ reset their password if needed
1/ anonymous POST on /accountsmgmt/register/<email>
2/ this creates a record {"id": email, "password": hash, "registration-code": uuid}
3/ an email is sent with a link to /accountsmgmt/register/validate/<registration-code>
4/ GETing /accountsmgmt/register/validate/<registration-code> returns the ID which is the username (the email)
5/ POSTing to /accountsmgmt/register/validate/<registration-code> creates a kinto account with the same id and password, and updates the current "register" record to mark it as used (or deletes it)
1/ anonymous POST on acountsmgmt/resetpassword/<email>
2/ this creates a record {"id": email, "reset-code": uuid}
3/ an email is sent with a link to /accountsmgmt/resetpassword/reset/<reset-code>
4/ GETing /accountsmgmt/resetpassword/<reset-code> returns the ID which is the username (the email)
5/ POSTing the new password to /accountsmgmt/resetpassword/reset/<reset-code> updates the kinto account with the same ID, and updates the current "register" record to mark it as used (or deletes it)
Using the email (username) as the ID as the advantage of not having several registration or password reset codes laying around for the same user. The drawback is that we're not benefiting from the "kinto resource" management as we're GET/POST-ing on endpoints that are the registration or password reset codes, and not the IDs.
Not sure if that makes sense? Do you have any feedback, ideas or tips?
question plugin-idea scope:authenticationBumps tox from 3.27.1 to 4.0.18.
Sourced from tox's releases.
4.0.18
What's Changed
- Handle whitespace around requirements by
@gaborbernatin tox-dev/tox#2779Full Changelog: https://github.com/tox-dev/tox/compare/4.0.17...4.0.18
4.0.17
What's Changed
- Suppress a report output when verbosity = 0. by
@q0win tox-dev/tox#2774- Fix --sdistonly behaviour by
@q0win tox-dev/tox#2775- Override toxworkdir with --workdir. by
@q0win tox-dev/tox#2776New Contributors
@q0wmade their first contribution in tox-dev/tox#2774Full Changelog: https://github.com/tox-dev/tox/compare/4.0.16...4.0.17
4.0.16
What's Changed
- Fix change_dir is not always relative to tox_root by
@gaborbernatin tox-dev/tox#2761Full Changelog: https://github.com/tox-dev/tox/compare/4.0.15...4.0.16
4.0.15
What's Changed
- test_sequential: resolve() the system_executable by
@masenfin tox-dev/tox#2751- Fix provisioning by
@gaborbernatin tox-dev/tox#2750- Fix complex negative factor filters not working by
@gaborbernatin tox-dev/tox#2757Full Changelog: https://github.com/tox-dev/tox/compare/4.0.14...4.0.15
4.0.14
What's Changed
- Ignore non-test section names and invalid factor filters by
@gaborbernatin tox-dev/tox#2748Full Changelog: https://github.com/tox-dev/tox/compare/4.0.13...4.0.14
4.0.13
What's Changed
- Fix plain section shadows env config by
@gaborbernatin tox-dev/tox#2742- Fix space not accepted in factor filter expression by
@gaborbernatin tox-dev/tox#2744Full Changelog: https://github.com/tox-dev/tox/compare/4.0.12...4.0.13
4.0.12
... (truncated)
Sourced from tox's changelog.
v4.0.18 (2022-12-26)
Bugfixes - 4.0.18
- Strip leading and trailing whitespace when parsing elements in requirement files - by :user:`gaborbernat`. (:issue:`2773`)v4.0.17 (2022-12-25)
Features - 4.0.17
- Suppress a report output when verbosity = 0. (:issue:
2697)Bugfixes - 4.0.17
- Fix ``--sdistonly`` behaviour. (:issue:`2653`) - Override toxworkdir with --workdir. (:issue:`2654`)v4.0.16 (2022-12-20)
Bugfixes - 4.0.16
- Fix :ref:
change_diris relative to current working directory rather than to the :ref:tox_rootwhen using the-cargument to locate thetox.inifile - by :user:gaborbernat. (:issue:2619)v4.0.15 (2022-12-19)
Bugfixes - 4.0.15
- Fix tox auto-provisioning not working and relax :ref:`min_version` default from ``4.0`` to no version constraint - by user:`gaborbernat`. (:issue:`2634`) - Fix assertion in ``test_result_json_sequential`` when interpreter ``_base_executable`` is a hardlink (macOS homebrew) - by user:`masenf`. (:issue:`2720`) - Complex negative factor filters not working - by user:`gaborbernat`. (:issue:`2747`)v4.0.14 (2022-12-18)
Bugfixes - 4.0.14
- Do not include non test environment sections or factor filters in INI configuration to factor discovery - by :user:
gaborbernat. (:issue:2746)
... (truncated)
2ec5879 release 4.0.18acac244 Handle whitespace around requirements (#2779)d970c76 release 4.0.17bf87bea Override toxworkdir with --workdir. (#2776)a36ff9d Fix --sdistonly behaviour (#2775)b0c3cf6 Suppress a report output when verbosity = 0. (#2774)d8e86dd Update README.md463cd12 Update README.mdf460c84 release 4.0.1647052d4 Fix change_dir is not always relative to tox_root (#2761)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Bumps isort from 5.10.1 to 5.11.4.
Sourced from isort's releases.
5.11.4
Changes
- Remove obsolete
tomlimport from the test suite (#1978)@mgorny- Stop installing documentation files to top-level site-packages (#2057)
@mgorny- Only run release workflows for upstream (#2052)
@hugovk:package: Dependencies
- Bump Poetry 1.3.1 (#2058)
@staticdev5.11.3
Changes
- Renable portray (#2043)
@timothycrosley- chore(ci): add minimum GitHub token permissions for workflows (#1969)
@varunsh-coder:beetle: Fixes
- Fix packaging pypoetry (#2042)
@staticdev- Fix settings for py3.11 (#2040)
@staticdev:construction_worker: Continuous Integration
- General CI improvements (#2041)
@staticdev- Add release workflow (#2026)
@staticdevv5.11.3
Changes
- Renable portray (#2043)
@timothycrosley- chore(ci): add minimum GitHub token permissions for workflows (#1969)
@varunsh-coder:beetle: Fixes
- Fix packaging pypoetry (#2042)
@staticdev- Fix settings for py3.11 (#2040)
@staticdev:construction_worker: Continuous Integration
- General CI improvements (#2041)
@staticdev- Add release workflow (#2026)
@staticdev5.11.2
Changes
5.11.1
Changes December 12 2022
... (truncated)
Sourced from isort's changelog.
5.11.4 December 21 2022
- Fixed #2038 (again): stop installing documentation files to top-level site-packages (#2057)
@mgorny- CI: only run release workflows for upstream (#2052)
@hugovk- Tests: remove obsolete toml import from the test suite (#1978)
@mgorny- CI: bump Poetry 1.3.1 (#2058)
@staticdev5.11.3 December 16 2022
- Fixed #2007: settings for py3.11 (#2040)
@staticdev- Fixed #2038: packaging pypoetry (#2042)
@staticdev- Docs: renable portray (#2043)
@timothycrosley- Ci: add minimum GitHub token permissions for workflows (#1969)
@varunsh-coder- Ci: general CI improvements (#2041)
@staticdev- Ci: add release workflow (#2026)
@staticdev5.11.2 December 12 2022
- Hotfix #2034: isort --version is not accurate on 5.11.x releases (#2034)
@gschaffner5.11.1 December 12 2022
- Hotfix #2031: only call
colorama.initifcoloramais available (#2032)@tomaarsen5.11.0 December 12 2022
- Added official support for Python 3.11 (#1996, #2008, #2011)
@staticdev- Dropped support for Python 3.6 (#2019)
@barrelful- Fixed problematic tests (#2021, #2022)
@staticdev- Fixed #1960: Rich compatibility (#1961)
@ofek- Fixed #1945, #1986: Python 4.0 upper bound dependency resolving issues
@staticdev- Fixed Pyodide CDN URL (#1991)
@andersk- Docs: clarify description of use_parentheses (#1941)
@mgedmin- Fixed #1976:
blackcompatibility for.pyifiles@XuehaiPan- Implemented #1683: magic trailing comma option (#1876)
@legau- Add missing space in unrecoverable exception message (#1933)
@andersk- Fixed #1895: skip-gitignore: use allow list, not deny list
@bmalehorn- Fixed #1917: infinite loop for unmatched parenthesis (#1919)
@anirudnits- Docs: shared profiles (#1896)
@matthewhughes934- Fixed build-backend values in the example plugins (#1892)
@mgorny- Remove reference to jamescurtin/isort-action (#1885)
@AndrewLane- Split long cython import lines (#1931)
@davidcollins001- Update plone profile: copy of
black, plus three settings. (#1926)@mauritsvanrees- Fixed #1815, #1862: Add a command-line flag to sort all re-exports (#1863)
@parafoxia- Fixed #1854:
lines_before_importsappending lines after comments (#1861)@legau- Remove redundant
multi_line_output = 3from "Compatibility with black" (#1858)@jdufresne- Add tox config example (#1856)
@umonaca- Docs: add examples for frozenset and tuple settings (#1822)
@sgaist- Docs: add multiple config documentation (#1850)
@anirudnits
98390f5 Merge pull request #2059 from PyCQA/version/5.11.4df69a05 Bump version 5.11.4f9add58 Merge pull request #2058 from PyCQA/deps/poetry-1.3.136caa91 Bump Poetry 1.3.13c2e2d0 Merge pull request #1978 from mgorny/toml-test45d6abd Remove obsolete toml import from the test suite3020e0b Merge pull request #2057 from mgorny/poetry-installa6fdbfd Stop installing documentation files to top-level site-packagesff306f8 Fix tag template to match old standard227c4ae Merge pull request #2052 from hugovk/mainDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Bumps sentry-sdk from 1.11.1 to 1.12.1.
Sourced from sentry-sdk's releases.
1.12.1
Various fixes & improvements
- Link errors to OTel spans (#1787) by
@antonpirker1.12.0
Basic OTel support
This adds support to automatically integrate OpenTelemetry performance tracing with Sentry.
See the documentation on how to set it up: https://docs.sentry.io/platforms/python/performance/instrumentation/opentelemetry/
Give it a try and let us know if you have any feedback or problems with using it.
By:
@antonpirker(#1772, #1766, #1765)Various fixes & improvements
- Tox Cleanup (#1749) by
@antonpirker- CI: Fix Github action checks (#1780) by
@Zylphrex- Profiling: Introduce active thread id on scope (#1764) by
@Zylphrex- Profiling: Eagerly hash stack for profiles (#1755) by
@Zylphrex- Profiling: Resolve inherited method class names (#1756) by
@Zylphrex
Sourced from sentry-sdk's changelog.
1.12.1
Various fixes & improvements
- Link errors to OTel spans (#1787) by
@antonpirker1.12.0
Basic OTel support
This adds support to automatically integrate OpenTelemetry performance tracing with Sentry.
See the documentation on how to set it up: https://docs.sentry.io/platforms/python/performance/instrumentation/opentelemetry/
Give it a try and let us know if you have any feedback or problems with using it.
By:
@antonpirker(#1772, #1766, #1765)Various fixes & improvements
- Tox Cleanup (#1749) by
@antonpirker- CI: Fix Github action checks (#1780) by
@Zylphrex- Profiling: Introduce active thread id on scope (#1764) by
@Zylphrex- Profiling: Eagerly hash stack for profiles (#1755) by
@Zylphrex- Profiling: Resolve inherited method class names (#1756) by
@Zylphrex
ab1496f release: 1.12.16959941 Link errors to OTel spans (#1787)561cd4b Merge branch 'release/1.12.0'abfdce8 Updated changelog0a02915 release: 1.12.0d0eed0e Basic OTel support (#1772)eb0db0a Tox Cleanup (#1749)dd26fbe fix(ci): Fix Github action checks (#1780)b1290c6 feat(profiling): Introduce active thread id on scope (#1764)46697dd Add instrumenter config to switch between Otel and Sentry instrumentation. (#...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Bumps black from 22.10.0 to 22.12.0.
Sourced from black's releases.
22.12.0
Preview style
- Enforce empty lines before classes and functions with sticky leading comments (#3302)
- Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
- Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
- Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)
Configuration
- Fix incorrectly applied
.gitignorerules by considering the.gitignorelocation and the relative path to the target file (#3338)- Fix incorrectly ignoring
.gitignorepresence when more than one source directory is specified (#3336)Parser
- Parsing support has been added for walruses inside generator expression that are passed as function args (for example,
any(match := my_re.match(text) for text in texts)) (#3327).Integrations
- Vim plugin: Optionally allow using the system installation of Black via
let g:black_use_virtualenv = 0(#3309)
Sourced from black's changelog.
22.12.0
Preview style
- Enforce empty lines before classes and functions with sticky leading comments (#3302)
- Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
- Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
- Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)
Configuration
- Fix incorrectly applied
.gitignorerules by considering the.gitignorelocation and the relative path to the target file (#3338)- Fix incorrectly ignoring
.gitignorepresence when more than one source directory is specified (#3336)Parser
- Parsing support has been added for walruses inside generator expression that are passed as function args (for example,
any(match := my_re.match(text) for text in texts)) (#3327).Integrations
- Vim plugin: Optionally allow using the system installation of Black via
let g:black_use_virtualenv = 0(#3309)
2ddea29 Prepare release 22.12.0 (#3413)5b1443a release: skip bad macos wheels for now (#3411)9ace064 Bump peter-evans/find-comment from 2.0.1 to 2.1.0 (#3404)19c5fe4 Fix CI with latest flake8-bugbear (#3412)d4a8564 Bump sphinx-copybutton from 0.5.0 to 0.5.1 in /docs (#3390)2793249 Wordsmith current_style.md (#3383)d97b789 Remove whitespaces of whitespace-only files (#3348)c23a5c1 Clarify that Black runs with --safe by default (#3378)8091b25 Correctly handle trailing commas that are inside a line's leading non-nested ...ffaaf48 Compare each .gitignore found with an appropiate relative path (#3338)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Bumps sqlalchemy from 1.4.44 to 1.4.45.
Sourced from sqlalchemy's releases.
1.4.45
Released: December 10, 2022
orm
[orm] [bug] Fixed bug where
_orm.Session.merge()would fail to preserve the current loaded contents of relationship attributes that were indicated with the_orm.relationship.viewonlyparameter, thus defeating strategies that use_orm.Session.merge()to pull fully loaded objects from caches and other similar techniques. In a related change, fixed issue where an object that contains a loaded relationship that was nonetheless configured aslazy='raise'on the mapping would fail when passed to_orm.Session.merge(); checks for "raise" are now suspended within the merge process assuming the_orm.Session.merge.loadparameter remains at its default ofTrue.Overall, this is a behavioral adjustment to a change introduced in the 1.4 series as of #4994, which took "merge" out of the set of cascades applied by default to "viewonly" relationships. As "viewonly" relationships aren't persisted under any circumstances, allowing their contents to transfer during "merge" does not impact the persistence behavior of the target object. This allows
_orm.Session.merge()to correctly suit one of its use cases, that of adding objects to aSessionthat were loaded elsewhere, often for the purposes of restoring from a cache.References: #8862
[orm] [bug] Fixed issues in
_orm.with_expression()where expressions that were composed of columns that were referenced from the enclosing SELECT would not render correct SQL in some contexts, in the case where the expression had a label name that matched the attribute which used_orm.query_expression(), even when_orm.query_expression()had no default expression. For the moment, if the_orm.query_expression()does have a default expression, that label name is still used for that default, and an additional label with the same name will continue to be ignored. Overall, this case is pretty thorny so further adjustments might be warranted.References: #8881
engine
[engine] [bug] Fixed issue where
_engine.Result.freeze()method would not work for textual SQL using either_sql.text()or_engine.Connection.exec_driver_sql().References: #8963
... (truncated)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Bumps newrelic from 8.4.0 to 8.5.0.
fd0fd01 Fix Type Constructor Classes in Code Level Metrics (#708)f977ba6 Add TraceCache Guarded Iteration (#704)a63e33f Update instrumented methods in redis. (#707)b849010 Reverts removal of flask_restful hooks. (#705)864f086 Fix bug in celery where works don't report data (#696)87b649f Validator transfer from fixtures.py to validators directory, Part 2 (#690)67feaa7 Remove pylint codes from flake8 config (#701)60a5d68 Fix tornado master tests & instrument redis 4.3.5 (#695)eead7a7 Fix Confluent Kafka Producer Arguments (#699)eb28b52 Pin Github Actions Runner to Ubuntu 20 for Py27 (#698)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)New Features
Cache-Control response header in root URL endpoint (/v1/) when the instance is configured as read-only.Bug Fixes
ResourceChanged events if they were triggered from
events listeners (cascade) (see mozilla/remote-settings#203)Bug Fixes
Internal Changes
Internal Changes
Bug Fixes
For a complete log of Kinto Admin changes, see v1.31.0...v2.0.0
Full Changelog: https://github.com/Kinto/kinto/compare/14.6.1...14.7.0
Source code(tar.gz)Bug Fixes
/permissions endpoint when a setting is misinterpreted as resource permission (e.g. signer.auto_create_resources_principals)Internal Changes
Dockerfile & docker-compose for faster, usable builds (#2942)New feature
kinto.version_prefix_redirect_ttl_seconds setting in order to send Cache-Control response headers on version prefix redirects (fixes #2874)Bug fixes
Documentation
Internal changes
Documentation
Internal changes
New feature
Documentation
Internal changes
Bug fixes
Internal Changes
New feature
kinto.explicit_permissions = false to only rely on inherited permissions (see settings docs)Internal Changes
kinto.core.storage.exceptions.ReadonlyError)Bug fixes
json class attribute (removed in v14.0.0)?_since=null (fixes #2595)Breaking changes
strict_json option, and use ultrajson everywhereInternal Changes
Bug fixes
Documentation
Bug fixes
Security fix
Bug fixes
Internal Changes
auth parameter from postgresql/memory storage backendsBug fixes
kinto init command (#2375)Internal Changes
auth parameter from storage backend methods.Bug fixes
Bug fixes
New Features
Content-Security-Policy header and report URI (fixes #2303)Internal Changes
Internal changes
Internal changes
Bug fixes
/__version__ endpointContent-Type to default_cors_headers (refs #2220)__user_data__ (fixes #2063)New features
Bug fixes
Internal changes
Internal changes
Bug fixes
sqlalchemy.pool.NullPool for PostgreSQL backends.
The default pool_size of 25 is maintained on the default pool class
(QueuePoolWithMaxBacklog). When using custom connection pools, please
refer to SQLAlchemy documentation for default values.Internal changes
New features
validate endpoint at /accounts/{user id}/validate/{validation key} which can be used to validate an account when the account
validation option is enabled on the accounts plugin.reset-password endpoint at /accounts/(user id)/reset-password which can be used to reset a user's password when the account validation option is enabled on the accounts plugin.Bug fixes
Documentation
Internal changes
setup.cfg for package metadata (ref #1921)API is now at version 1.22. See API changelog
Source code(tar.gz)Bug fixes
Nerd-Storage is a simple web server for sharing files on the local network. It supports the download of files and directories, the upload of multiple files at once, making a directory, updates and deletions.
Barman, Backup and Recovery Manager for PostgreSQL Barman (Backup and Recovery Manager) is an open-source administration tool for disaster recovery of
Datasette An open source multi-tool for exploring and publishing data Datasette is a tool for exploring and publishing data. It helps people take data
mycli A command line client for MySQL that can do auto-completion and syntax highlighting. HomePage: http://mycli.net Documentation: http://mycli.net/
A REPL for Postgres This is a postgres client that does auto-completion and syntax highlighting. Home Page: http://pgcli.com MySQL Equivalent: http://
sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of
Fully Automated Youtube Channel ▒█▀▀█ █▀▀█ ▀▀█▀▀ ▀▀█▀▀ █░░█ █▀▀▄ █▀▀ █▀▀█ ▒█▀▀▄ █░░█ ░░█░░ ░▒█░░ █░░█ █▀▀▄ █▀▀ █▄▄▀ ▒█▄▄█ ▀▀▀▀ ░░▀░░ ░▒█░░ ░▀▀▀ ▀▀▀░
CaterApp is a cross platform, remotely data sharing tool created for sharing files in a quick and secured manner. It is aimed to integrate this tool with several more features including providing a User Interface.
Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl
The-Secret-Sharing-Schemes This interactive script demonstrates the Secret Shari
File-sharing-Bot Telegram Bot to store Posts and Documents and it can Access by Special Links. I Guess This Will Be Usefull For Many People..... ?? .
Genalog is an open source, cross-platform python package allowing generation of synthetic document images with custom degradations and text alignment capabilities.
dhSegment dhSegment is a tool for Historical Document Processing. Its generic approach allows to segment regions and extract content from different ty
Open Semantic Search https://opensemanticsearch.org Integrated search server, ETL framework for document processing (crawling, text extraction, text a
JSONManipulator JSONManipulator is a Python package to retrieve, add, delete, change and store objects in JSON files. Installation Use the package man
pickleDB pickleDB is lightweight, fast, and simple database based on the json module. And it's BSD licensed! pickleDB is Fun >>> import pickledb >>>
OH-MY-PICKLEDB oh-my-pickleDB is a lightweight, fast, and intuitive data manager written in python ?? Table of Contents About Getting Started Deployme
Shelf DB Introduction Shelf DB is a tiny document database for Python to stores documents or JSON-like data. Get it $ pip install shelfdb shelfquery S
jsonpickle jsonpickle is a library for the two-way conversion of complex Python objects and JSON. jsonpickle builds upon the existing JSON encoders, s
Same as json.dumps or json.loads, feapson support feapson.dumps and feapson.loads
68 Jun 7, 2022
1.5k Dec 30, 2022
6.8k Jan 1, 2023
10.7k Jan 7, 2023
25.7k Jan 2, 2023
249 Jan 2, 2023
3 Jun 27, 2021
497 Jan 2, 2023
1 Jan 2, 2022
1 Dec 17, 2021
235 Dec 22, 2022
343 Dec 24, 2022
684 Jan 6, 2023
1 Jan 7, 2022
738 Jan 4, 2023
6 Feb 20, 2022
35 Nov 3, 2022
1.1k Jan 2, 2023
5 Dec 1, 2021