Abilian Core: an enterprise application development platform based on the Flask micro-framework, the SQLAlchemy ORM

Overview

About

https://circleci.com/gh/abilian/abilian-core.svg?style=svg https://coveralls.io/repos/abilian/abilian-core/badge.svg?branch=master https://static.pepy.tech/badge/abilian-core

Abilian Core is an enterprise application development platform based on the Flask micro-framework, the SQLAlchemy ORM, good intentions and best practices (for some value of "best").

The full documentation is available on http://docs.abilian.com/.

Goals & principles

  • Development must be easy and fun (some some definition of "easy" and "fun", of course)
  • The less code (and configuration) we write, the better
  • Leverage existing reputable open source libraries and frameworks, such as SQLAlchemy and Flask
  • It must lower errors, bugs, project's time to deliver. It's intended to be a rapid application development tool
  • It must promote best practices in software development, specially Test-Driven Development (as advocated by the GOOS book)

Features

Here's a short list of features that you may find appealing in Abilian:

Infrastructure

  • Plugin framework
  • Asynchronous tasks (using Celery)
  • Security model and service

Domain model and services

  • Persistent domain object model, based on SQLAlchemy
  • Audit

Content management and services

  • Simple file-based content repository
  • Indexing service
  • Document preview and transformation

Social

  • Users, groups and social graph (followers)
  • Activity streams

User Interface and API

  • Forms (based on WTForms)
  • CRUD (Create, Retrieve, Edit/Update, Remove) interface from domain models
  • Labels and descriptions for each field
  • Various web utilities: view decorators, class-based views, Jinja2 filters, etc.
  • A default UI based on Bootstrap 3 and several carefully selected jQuery plugins such as Select2
  • REST and AJAX API helpers
  • i18n: support for multi-language via Babel, with multiple translation dictionaries

Management and admin

  • Initial settings wizard
  • Admin and user settings framework
  • System monitoring (using Sentry)

Current status

Abilian Core is currently alpha software, in terms of API stability.

It is currently used in several applications that have been developped by Abilian over the last two years:

  • Abilian SBE (Social Business Engine) - an enterprise 2.0 (social collaboration) platform
  • Abilian EMS (Event Management System)
  • Abilian CRM (Customer / Contact / Community Relationship Management System)
  • Abilian Le MOOC - a MOOC prototype
  • Abilian CMS - a Web CMS

In other words, Abilian Core is the foundation for a small, but growing, family of business-critical applications that our customers intend us to support in the coming years.

So while Abilian Core APIs, object model and even architecture, may (and most probably will) change due to various refactorings that are expected as we can't be expected to ship perfect software on the firt release, we also intend to treat it as a valuable business asset and keep maintaining and improving it in the foreseeable future.

Roadmap & getting involved

If you need help or for general discussions about the Abilian Platform, we recommend joing the Abilian Users forum on Google Groups.

For features and bug requests (or is it the other way around?), we recommend that you use the GitHub issue tracker.

Read the Contributing Guide for more information.

Install

If you are a Python web developer (which is the primary target for this project), you probably already know about:

So, after you have created and activated a virtualenv for the project, just run:

poetry

To use some features of the library, namely document and images transformation, you will need to install the additional native packages, using our operating system's package management tools (dpkg, yum, brew...):

  • A few image manipulation libraries (libpng, libjpeg)
  • The poppler-utils, unoconv, LibreOffice, ImageMagick utilities

Look at the fabfile.py for the exact list.

Testing

Abilian Core come with a full unit and integration testing suite. You can run it with make test (once your virtualenv has been activated and all required dependencies have been installed, see above).

Alternatively, you can use tox to run the full test suite in an isolated environment.

Licence

Abilian Core is licensed under the LGPL.

Credits

Abilian Core has been created by the development team at Abilian (currently: Stefane and Bertrand), with financial support from our wonderful customers, and R&D fundings from the French Government, the Paris Region and the European Union.

We are also specially grateful to:

  • Armin Ronacher for his work on Flask.
  • Michael Bayer for his work on SQLAlchemy.
  • Everyone who has been involved with and produced open source software for the Flask ecosystem (Kiran Jonnalagadda and the HasGeek team, Max Countryman, Matt Wright, Matt Good, Thomas Johansson, James Crasta, and many others).
  • The creators of Django, Pylons, TurboGears, Pyramid and Zope, for even more inspiration.
  • The whole Python community.

Links

Comments
  • Module json2: allow to call another search method

    Module json2: allow to call another search method

    this is an api endpoint (Module.json2) that searches with a regular database query (not Whoosh). Some modules may want to have their own search method (so as to add bonus information into the text results for example), so we call it if any or we rely on the basic search (name.ilike).

    opened by vindarel 9
  • Bump redis from 3.5.1 to 3.5.2

    Bump redis from 3.5.1 to 3.5.2

    Bumps redis from 3.5.1 to 3.5.2.

    Changelog

    Sourced from redis's changelog.

    • 3.5.2 (May 14, 2020)
      • Tune the locking in ConnectionPool.get_connection so that the lock is not held while waiting for the socket to establish and validate the TCP connection.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 6
  • Bump sentry-sdk from 0.14.3 to 0.14.4

    Bump sentry-sdk from 0.14.3 to 0.14.4

    Bumps sentry-sdk from 0.14.3 to 0.14.4.

    Release notes

    Sourced from sentry-sdk's releases.

    0.14.4

    • Fix bugs in transport rate limit enforcement for specific data categories. The bug should not have affected anybody because we do not yet emit rate limits for specific event types/data categories.
    • Fix a bug in capture_event where it would crash if given additional kwargs. Thanks to Tatiana Vasilevskaya!
    • Fix a bug where contextvars from the request handler were inaccessible in AIOHTTP error handlers.
    • Fix a bug where the Celery integration would crash if newrelic instrumented Celery as well.
    Changelog

    Sourced from sentry-sdk's changelog.

    0.14.4

    • Fix bugs in transport rate limit enforcement for specific data categories. The bug should not have affected anybody because we do not yet emit rate limits for specific event types/data categories.
    • Fix a bug in capture_event where it would crash if given additional kwargs. Thanks to Tatiana Vasilevskaya!
    • Fix a bug where contextvars from the request handler were inaccessible in AIOHTTP error handlers.
    • Fix a bug where the Celery integration would crash if newrelic instrumented Celery as well.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 6
  • Bump sqlalchemy from 1.3.16 to 1.3.17

    Bump sqlalchemy from 1.3.16 to 1.3.17

    Bumps sqlalchemy from 1.3.16 to 1.3.17.

    Release notes

    Sourced from sqlalchemy's releases.

    1.3.17

    Released: May 13, 2020

    orm

    • [orm] [bug] Fixed bug where using with_polymorphic() as the target of a join via RelationshipComparator.of_type() on a mapper that already has a subquery-based with_polymorphic setting that's equivalent to the one requested would not correctly alias the ON clause in the join.

      References: #5288

    • [orm] [bug] Fixed issue in the area of where loader options such as selectinload() interact with the baked query system, such that the caching of a query is not supposed to occur if the loader options themselves have elements such as with_polymorphic() objects in them that currently are not cache-compatible. The baked loader could sometimes not fully invalidate itself in these some of these scenarios leading to missed eager loads.

      References: #5303

    • [orm] [bug] Modified the internal "identity set" implementation, which is a set that hashes objects on their id() rather than their hash values, to not actually call the __hash__() method of the objects, which are typically user-mapped objects. Some methods were calling this method as a side effect of the implementation.

      References: #5304

    • [orm] [bug] An informative error message is raised when an ORM many-to-one comparison is attempted against an object that is not an actual mapped instance. Comparisons such as those to scalar subqueries aren't supported; generalized comparison with subqueries is better achieved using ~.RelationshipProperty.Comparator.has().

      References: #5269

    • [orm] [usecase] Added an accessor ColumnProperty.Comparator.expressions which provides access to the group of columns mapped under a multi-column ColumnProperty attribute.

      References: #5262

    • [orm] [usecase] Introduce _orm.relationship.sync_backref flag in a relationship to control if the synchronization events that mutate the in-Python attributes are added. This supersedes the previous change #5149, which warned that viewonly=True relationship target of a back_populates or backref configuration would be disallowed.

    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 6
  • Bump deprecated from 1.2.9 to 1.2.10

    Bump deprecated from 1.2.9 to 1.2.10

    Bumps deprecated from 1.2.9 to 1.2.10.

    Release notes

    Sourced from deprecated's releases.

    v1.2.10 - Bug fix Release

    Fix #25: @deprecated respects global warning filters with actions other than "ignore" and "always" on Python 3.

    Changelog

    Sourced from deprecated's changelog.

    v1.2.10 (2020-05-13)

    Bug fix release

    Fix

    • Fix #25: @deprecated respects global warning filters with actions other than "ignore" and "always" on Python 3.

    Other

    • Change the configuration for TravisCI to build on pypy and pypy3.
    • Change the configuration for TravisCI and AppVeyor: drop configuration for Python 3.4 and add 3.8.
    Commits
    • a1c0a7f New bug fix release v1.2.10 (2020-05-13)
    • 90a976c Correct coverage version in tox.ini: use 'coverage < 5' to be able to...
    • a270ce2 Correct issue number in CHANGELOG.rst (close #25).
    • 9c42eed Fix #15: @deprecated respects global warning filters with actions other t...
    • 28fe02f Change the configuration for TravisCI and AppVeyor: drop configuration for Py...
    • b392e26 Appveyor: Drop Py34 and add Py38
    • c4351fb Update the banner in the documentation (version number is v1.2.10).
    • 59eff38 Remove the title-page.odg file (not used).
    • d9401ec Update the documentation about the supported versions of PyPy.
    • 73c3aa7 Change the configuration for TravisCI to build on pypy and pypy3.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 6
  • Bump eslint-plugin-import from 2.20.2 to 2.21.1

    Bump eslint-plugin-import from 2.20.2 to 2.21.1

    Bumps eslint-plugin-import from 2.20.2 to 2.21.1.

    Changelog

    Sourced from eslint-plugin-import's changelog.

    [2.21.1] - 2020-06-07

    Fixed

    • TypeScript: [import/named]: avoid requiring typescript when not using TS (#1805, thanks [@ljharb])

    [2.21.0] - 2020-06-07

    Added

    • [import/default]: support default export in TSExportAssignment (#1528, thanks [@joaovieira])
    • [no-cycle]: add ignoreExternal option (#1681, thanks [@sveyret])
    • [order]: Add support for TypeScript's "import equals"-expressions (#1785, thanks [@manuth])
    • [import/default]: support default export in TSExportAssignment (#1689, thanks [@Maxim-Mazurok])
    • [no-restricted-paths]: add custom message support (#1802, thanks [@malykhinvi])

    Fixed

    • [group-exports]: Flow type export awareness (#1702, thanks [@ernestostifano])
    • [order]: Recognize pathGroup config for first group (#1719, #1724, thanks [@forivall], [@xpl])
    • [no-unused-modules]: Fix re-export not counting as usage when used in combination with import (#1722, thanks [@Ephem])
    • [no-duplicates]: Handle TS import type (#1676, thanks [@kmui2])
    • [newline-after-import]: recognize decorators (#1139, thanks [@atos1990])
    • [no-unused-modules]: Revert "[flow] no-unused-modules: add flow type support" (#1770, thanks [@Hypnosphi])
    • TypeScript: Add nested namespace handling (#1763, thanks [@julien1619])
    • [namespace]/ExportMap: Fix interface declarations for TypeScript (#1764, thanks [@julien1619])
    • [no-unused-modules]: avoid order-dependence (#1744, thanks [@darkartur])
    • [no-internal-modules]: also check export from syntax (#1691, thanks [@adjerbetian])
    • TypeScript: [export]: avoid a crash with export = (#1801, thanks [@ljharb])

    Changed

    • [Refactor] no-extraneous-dependencies: use moduleVisitor (#1735, thanks [@adamborowski])
    • TypeScript config: Disable [named][] (#1726, thanks [@astorije])
    • [readme] Remove duplicate no-unused-modules from docs (#1690, thanks [@arvigeus])
    • [Docs] order: fix bad inline config (#1788, thanks [@nickofthyme])
    • [Tests] Add fix for Windows Subsystem for Linux (#1786, thanks [@manuth])
    • [Docs] no-unused-rules: Fix docs for unused exports (#1776, thanks [@barbogast])
    • [eslint] bump minimum v7 version to v7.2.0
    Commits
    • 63d2a3f Bump to v2.21.1
    • 381b2b5 [Fix] TypeScript: named: avoid requiring typescript when not using TS
    • 2699251 Bump to v2.21.0
    • d84062e [eslint] bump minimum v7 version to v7.2.0
    • 199143c [Deps] update array-includes, array.prototype.flat, `eslint-import-resolv...
    • 4ff9b92 [Fix] TypeScript: export: avoid a crash with export =
    • 0d6d12e [Tests] add test for export * from a d.ts file
    • 0b81052 [New] no-restricted-paths: Add custom message support
    • 0b585a1 [New] import/default: support default export in TSExportAssignment
    • 0547c7e [Tests] add test case for #1645
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies javascript 
    opened by dependabot-preview[bot] 2
  • Bump eslint from 7.0.0 to 7.2.0

    Bump eslint from 7.0.0 to 7.2.0

    Bumps eslint from 7.0.0 to 7.2.0.

    Release notes

    Sourced from eslint's releases.

    v7.2.0

    • b735a48 Update: add enforceForFunctionPrototypeMethods option to no-extra-parens (#12895) (Milos Djermanovic)
    • 27ef73f Update: reporter locr of func-call-spacing (refs #12334) (#13311) (Anix)
    • 353bfe9 Update: handle parentheses in multiline-ternary (fixes #13195) (#13367) (Milos Djermanovic)
    • a7fd343 Update: keyword-spacing unexpected space loc improve (refs #12334) (#13377) (Anix)
    • e49732e Fix: Ignore import expressions in no-unused-expressions rule (#13387) (Veniamin Krol)
    • 220349f Chore: Remove duplicate health files (#13380) (Nicholas C. Zakas)
    • dd949ae Update: support ?? operator, import.meta, and export * as ns (#13196) (Toru Nagashima)
    • d5fce9f Update: enable es2020 environment in --init (#13357) (Milos Djermanovic)
    • 21b1583 Docs: fixed broken hash link for working-with-rules.md (#13386) (Yosuke Ota)
    • b76aef7 Update: Improve report location for template-tag-spacing (refs #12334) (#13203) (Milos Djermanovic)
    • 578efad Chore: update no-unused-vars caughtErrors in eslint-config-eslint (#13351) (Milos Djermanovic)
    • 426088c Fix: no-unused-vars updated location to last reference (fixes #13181) (#13354) (Anix)
    • cb50b69 Update: Improve location for no-mixed-spaces-and-tabs (refs #12334) (#13365) (Milos Djermanovic)
    • f858f2a Chore: Add Tidelift to funding.yml (#13371) (Nicholas C. Zakas)
    • ee30e5d Sponsors: Sync README with website (ESLint Jenkins)
    • c29bd9f Chore: Add breaking/core change link to issue templates (#13344) (Kai Cataldo)
    • d55490f Sponsors: Sync README with website (ESLint Jenkins)

    v7.1.0

    • a93083a Fix: astUtils.getNextLocation returns invalid location after CRLF (#13275) (Milos Djermanovic)
    • df01af1 Update: padded-blocks loc position changes (refs #12334) (#13328) (Anix)
    • bd3f092 Fix: max-lines-per-function flagging arrow IIFEs (fixes #13332) (#13336) (cherryblossom000)
    • 25462b2 Update: block-spacing changed loc for extra (refs #12334) (#13314) (Anix)
    • de0aab9 Fix: report end loc in one-var-declaration-per-line (refs #12334) (#13326) (YeonJuan)
    • 1710296 Fix: no-new-symbol false positive with Symbol as an argument (#13337) (Milos Djermanovic)
    • cc01451 Fix: arrow-parens no reporting for comments inside (fixes #12995) (#13312) (Anix)
    • a195141 Update: reporting location for semi-spacing (refs #12334) (#13285) (Anix)
    • e3e4c41 Fix: fix false positives of no-new-func (#13333) (Pig Fang)
    • 611c676 Docs: Update new rules policies (#13343) (Nicholas C. Zakas)
    • 3a5fbb3 Chore: correct fileoverview doc in accessor-pairs (#13335) (YeonJuan)
    • b0a6b81 Update: Improve report location for rest-spread-spacing (refs #12334) (#13313) (Milos Djermanovic)
    • 68c8ee3 Fix: Stop path analyzer on unknown nodes (#13305) (Ilya Volodin)
    • 89e1081 Update: Improve report location for linebreak-style (refs #12334) (#13317) (Milos Djermanovic)
    • 0891379 Docs: Document the "correct" way to build an array with values (#13246) (Ed S)
    • 88127d7 Chore: remove checkbox from PR template prerequesites (#13330) (Kai Cataldo)
    • c636d57 New: no-loss-of-precision (fixes #11279) (#12747) (jmoore914)
    • 72a4e10 Chore: Mark SourceCode getComments() method as deprecated (fixes #13293) (#13296) (SuperOleg39)
    • 7f14846 Docs: fix broken link in Node.js API docs (#13307) (Kai Cataldo)
    • 02aeba1 Sponsors: Sync README with website (ESLint Jenkins)
    • 1f17533 Docs: Gitter -> Discord URL (refs #13039) (#13308) (Nicholas C. Zakas)
    • 82a448a Docs: improve documentation of no-return-await (#13215) (Linus Unnebäck)
    • 742941d Update: added typescript-eslint/recommended configs for init (#13235) (Anix)
    • 3d03df0 Sponsors: Sync README with website (ESLint Jenkins)
    • f44a6b4 Chore: fix invalid syntax in require-await tests (#13277) (Milos Djermanovic)
    • 2c778fb Fix: remove custom plugins from replacedBy metadata (#13274) (Kai Cataldo)
    • 0db3b1d Sponsors: Sync README with website (ESLint Jenkins)
    Changelog

    Sourced from eslint's changelog.

    v7.2.0 - June 5, 2020

    • b735a48 Update: add enforceForFunctionPrototypeMethods option to no-extra-parens (#12895) (Milos Djermanovic)

    • 27ef73f Update: reporter locr of func-call-spacing (refs #12334) (#13311) (Anix)

    • 353bfe9 Update: handle parentheses in multiline-ternary (fixes #13195) (#13367) (Milos Djermanovic)

    • a7fd343 Update: keyword-spacing unexpected space loc improve (refs #12334) (#13377) (Anix)

    • e49732e Fix: Ignore import expressions in no-unused-expressions rule (#13387) (Veniamin Krol)

    • 220349f Chore: Remove duplicate health files (#13380) (Nicholas C. Zakas)

    • dd949ae Update: support ?? operator, import.meta, and export * as ns (#13196) (Toru Nagashima)

    • d5fce9f Update: enable es2020 environment in --init (#13357) (Milos Djermanovic)

    • 21b1583 Docs: fixed broken hash link for working-with-rules.md (#13386) (Yosuke Ota)

    • b76aef7 Update: Improve report location for template-tag-spacing (refs #12334) (#13203) (Milos Djermanovic)

    • 578efad Chore: update no-unused-vars caughtErrors in eslint-config-eslint (#13351) (Milos Djermanovic)

    • 426088c Fix: no-unused-vars updated location to last reference (fixes #13181) (#13354) (Anix)

    • cb50b69 Update: Improve location for no-mixed-spaces-and-tabs (refs #12334) (#13365) (Milos Djermanovic)

    • f858f2a Chore: Add Tidelift to funding.yml (#13371) (Nicholas C. Zakas)

    • ee30e5d Sponsors: Sync README with website (ESLint Jenkins)

    • c29bd9f Chore: Add breaking/core change link to issue templates (#13344) (Kai Cataldo)

    • d55490f Sponsors: Sync README with website (ESLint Jenkins) v7.1.0 - May 22, 2020

    • a93083a Fix: astUtils.getNextLocation returns invalid location after CRLF (#13275) (Milos Djermanovic)

    • df01af1 Update: padded-blocks loc position changes (refs #12334) (#13328) (Anix)

    • bd3f092 Fix: max-lines-per-function flagging arrow IIFEs (fixes #13332) (#13336) (cherryblossom000)

    • 25462b2 Update: block-spacing changed loc for extra (refs #12334) (#13314) (Anix)

    • de0aab9 Fix: report end loc in one-var-declaration-per-line (refs #12334) (#13326) (YeonJuan)

    • 1710296 Fix: no-new-symbol false positive with Symbol as an argument (#13337) (Milos Djermanovic)

    • cc01451 Fix: arrow-parens no reporting for comments inside (fixes #12995) (#13312) (Anix)

    • a195141 Update: reporting location for semi-spacing (refs #12334) (#13285) (Anix)

    • e3e4c41 Fix: fix false positives of no-new-func (#13333) (Pig Fang)

    • 611c676 Docs: Update new rules policies (#13343) (Nicholas C. Zakas)

    • 3a5fbb3 Chore: correct fileoverview doc in accessor-pairs (#13335) (YeonJuan)

    • b0a6b81 Update: Improve report location for rest-spread-spacing (refs #12334) (#13313) (Milos Djermanovic)

    • 68c8ee3 Fix: Stop path analyzer on unknown nodes (#13305) (Ilya Volodin)

    • 89e1081 Update: Improve report location for linebreak-style (refs #12334) (#13317) (Milos Djermanovic)

    • 0891379 Docs: Document the "correct" way to build an array with values (#13246) (Ed S)

    • 88127d7 Chore: remove checkbox from PR template prerequesites (#13330) (Kai Cataldo)

    • c636d57 New: no-loss-of-precision (fixes #11279) (#12747) (jmoore914)

    • 72a4e10 Chore: Mark SourceCode getComments() method as deprecated (fixes #13293) (#13296) (SuperOleg39)

    • 7f14846 Docs: fix broken link in Node.js API docs (#13307) (Kai Cataldo)

    • 02aeba1 Sponsors: Sync README with website (ESLint Jenkins)

    • 1f17533 Docs: Gitter -> Discord URL (refs #13039) (#13308) (Nicholas C. Zakas)

    • 82a448a Docs: improve documentation of no-return-await (#13215) (Linus Unnebäck)

    • 742941d Update: added typescript-eslint/recommended configs for init (#13235) (Anix)

    • 3d03df0 Sponsors: Sync README with website (ESLint Jenkins)

    • f44a6b4 Chore: fix invalid syntax in require-await tests (#13277) (Milos Djermanovic)

    • 2c778fb Fix: remove custom plugins from replacedBy metadata (#13274) (Kai Cataldo)

    • 0db3b1d Sponsors: Sync README with website (ESLint Jenkins)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies javascript 
    opened by dependabot-preview[bot] 2
  • Bump pytest-randomly from 3.2.1 to 3.3.1

    Bump pytest-randomly from 3.2.1 to 3.3.1

    Bumps pytest-randomly from 3.2.1 to 3.3.1.

    Changelog

    Sourced from pytest-randomly's changelog.

    3.3.1 (2020-04-15)

    • Fix to work when pytest-xdist is not installed or active (PluginValidationError: unknown hook 'pytest_configure_node').

    3.3.0 (2020-04-15)

    • Add pytest-xdist support. Previously it only worked reliably when setting --randomly-seed explicitly. When not provided, the default seed generated in workers could differ and collection would fail. Now when it is not provided, all xdist worker processes shared the same default seed generated in the master process.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 2
  • Bump deprecated from 1.2.7 to 1.2.9

    Bump deprecated from 1.2.7 to 1.2.9

    Bumps deprecated from 1.2.7 to 1.2.9.

    Release notes

    Sourced from deprecated's releases.

    v1.2.9 - Bug fix Release

    • Fix #20
    • Fix #19 packit configuration

    v1.2.8 - Bug fix Release

    Fix #15: The @deprecated decorator doesn’t set a warning filter if the action keyword argument is not provided or None. In consequences, the warning messages are only emitted if the global filter allow it. For more information, see The Warning Filter in the Python documentation.

    Fix #13: Warning displays the correct filename and line number when decorating a class if wrapt does not have the compiled c extension.

    The API documentation and the Tutorial is improved to explain how to use custom warning categories and local filtering (warning filtering at function call).

    Fix #17: Customize the sidebar to add links to the documentation to the source in GitHub and to the Bug tracker. Add a logo in the sidebar and change the logo in the main page to see the library version.

    Add a detailed documentation about The “Sphinx” decorators.

    Change the Tox configuration to test the library with Wrapt 1.12.x.

    Changelog

    Sourced from deprecated's changelog.

    v1.2.9 (2020-04-10)

    Bug fix release

    Fix

    • Fix #20: Set the warnings.warn stacklevel to 2 if the Python implementation is PyPy.
    • Fix packit configuration: use dist-git-branch: fedora-all.

    Other

    • Change the Tox configuration to run tests on PyPy v2.7 and 3.6.

    v1.2.8 (2020-04-05)

    Bug fix release

    Fix

    • Fix #15: The @deprecated decorator doesn't set a warning filter if the action keyword argument is not provided or None. In consequences, the warning messages are only emitted if the global filter allow it. For more information, see The Warning Filter in the Python documentation.
    • Fix #13: Warning displays the correct filename and line number when decorating a class if wrapt does not have the compiled c extension.

    Documentation

    • The api documentation and the tutorial is improved to explain how to use custom warning categories and local filtering (warning filtering at function call).
    • Fix #17: Customize the sidebar to add links to the documentation to the source in GitHub and to the Bug tracker. Add a logo in the sidebar and change the logo in the main page to see the library version.
    • Add a detailed documentation about sphinx_deco.

    Other

    • Change the Tox configuration to test the library with Wrapt 1.12.x.
    Commits
    • 2b8e9e8 Add the missing long_description_content_type keyword in the setup co...
    • 6589bf5 New bug fix release v1.2.9 (2020-04-10)
    • 04f7dd3 Change the EditorConfig configuration: Yaml files are indented with 2 spaces.
    • 58ffd93 Fix packit configuration: use dist-git-branch: fedora-all.
    • aef92b1 Fix #20: Set the :func:warnings.warn stacklevel to 2 if the Python implemen...
    • 0867989 Change the Tox configuration to run tests on PyPy v2.7 and 3.6.
    • d8e1a1d dist_git_branch -> dist-git-branch
    • 2861cf1 Fix changelog in python-deprecated.spec.
    • 083b94d Prepare next version 1.2.9 (unreleased)
    • befe6fc New bug fix release v1.2.8 (2020-04-05)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 2
  • Bump sphinx from 2.4.4 to 3.0.1

    Bump sphinx from 2.4.4 to 3.0.1

    Bumps sphinx from 2.4.4 to 3.0.1.

    Changelog

    Sourced from sphinx's changelog.

    Release 3.0.1 (released Apr 11, 2020)

    Incompatible changes

    • #7418: std domain: :rst:dir:term role becomes case sensitive

    Bugs fixed

    • #7428: py domain: a reference to class None emits a nitpicky warning
    • #7445: py domain: a return annotation None in the function signature is not converted to a hyperlink when using intersphinx
    • #7418: std domain: duplication warning for glossary terms is case insensitive
    • #7438: C++, fix merging overloaded functions in parallel builds.
    • #7422: autodoc: fails with ValueError when using autodoc_mock_imports
    • #7435: autodoc: autodoc_typehints='description' doesn't suppress typehints in signature for classes/methods
    • #7451: autodoc: fails with AttributeError when an object returns non-string object as a __doc__ member
    • #7423: crashed when giving a non-string object to logger
    • #7479: html theme: Do not include xmlns attribute with HTML 5 doctype
    • #7426: html theme: Escape some links in HTML templates

    Release 3.0.0 (released Apr 06, 2020)

    Dependencies

    3.0.0b1

    • LaTeX: drop dependency on :program:extractbb for image inclusion in Japanese documents as .xbb files are unneeded by :program:dvipdfmx since TeXLive2015 (refs: #6189)
    • babel-2.0 or above is available (Unpinned)

    Incompatible changes

    3.0.0b1

    • Drop features and APIs deprecated in 1.8.x
    • #247: autosummary: stub files are overwritten automatically by default. see :confval:autosummary_generate_overwrite to change the behavior
    • #5923: autodoc: the members of object class are not documented by default when :inherited-members: and :special-members: are given.
    • #6830: py domain: meta fields in info-field-list becomes reserved. They are not displayed on output document now
    ... (truncated)
    Commits
    • 474f9d4 Bump to 3.0.1 final
    • 273ece4 Merge pull request #7452 from tk0miya/7451_error_for_non_string_docstring
    • 7b902e8 Fix #7451: autodoc: failed with non-string doc member
    • ebf2571 Merge pull request #7454 from tk0miya/7445_rtype_annotation_None
    • d9d381d Fix #7445: a return annotation None is not converted to a hyperlink
    • aca3f82 Merge pull request #7442 from tk0miya/7435_typehints_not_suppressed_for_class
    • e9e4aa8 Update CHANGES for PR #7426
    • 9add576 Update CHANGES for PR #7449
    • d9033a4 Merge pull request #7426 from mgeier/escape-links
    • 9ff5b21 Merge pull request #7449 from mitya57/no-xmlns
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 2
  • Bump sqlalchemy from 1.3.15 to 1.3.16

    Bump sqlalchemy from 1.3.15 to 1.3.16

    Bumps sqlalchemy from 1.3.15 to 1.3.16.

    Release notes

    Sourced from sqlalchemy's releases.

    1.3.16

    Released: April 7, 2020

    orm

    • [orm] [bug] Fixed bug in orm.selectinload() loading option where two or more loaders that represent different relationships with the same string key name as referenced from a single orm.with_polymorphic() construct with multiple subclass mappers would fail to invoke each subqueryload separately, instead making use of a single string-based slot that would prevent the other loaders from being invoked.

      References: #5228

    • [orm] [performance] Modified the queries used by subqueryload and selectinload to no longer ORDER BY the primary key of the parent entity; this ordering was there to allow the rows as they come in to be copied into lists directly with a minimal level of Python-side collation. However, these ORDER BY clauses can negatively impact the performance of the query as in many scenarios these columns are derived from a subquery or are otherwise not actual primary key columns such that SQL planners cannot make use of indexes. The Python-side collation uses the native itertools.group_by() to collate the incoming rows, and has been modified to allow multiple row-groups-per-parent to be assembled together using list.extend(), which should still allow for relatively fast Python-side performance. There will still be an ORDER BY present for a relationship that includes an explicit order_by parameter, however this is the only ORDER BY that will be added to the query for both kinds of loading.

      References: #5162

    • [orm] [bug] Fixed issue where a lazyload that uses session-local "get" against a target many-to-one relationship where an object with the correct primary key is present, however it's an instance of a sibling class, does not correctly return None as is the case when the lazy loader actually emits a load for that row.

      References: #5210

    orm declarative

    • [bug] [declarative] [orm] The string argument accepted as the first positional argument by the relationship() function when using the Declarative API is no longer interpreted using the Python eval() function; instead, the name is dot separated and the names are looked up directly in the name resolution dictionary without treating the value as a Python expression. However, passing a string argument to the other relationship() parameters
    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies python 
    opened by dependabot-preview[bot] 2
  • chore(deps): bump json5 from 1.0.1 to 1.0.2

    chore(deps): bump json5 from 1.0.1 to 1.0.2

    Bumps json5 from 1.0.1 to 1.0.2.

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • chore(deps): bump certifi from 2021.5.30 to 2022.12.7

    chore(deps): bump certifi from 2021.5.30 to 2022.12.7

    Bumps certifi from 2021.5.30 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • chore(deps): bump certifi from 2021.5.30 to 2022.12.7 in /etc

    chore(deps): bump certifi from 2021.5.30 to 2022.12.7 in /etc

    Bumps certifi from 2021.5.30 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • chore(deps): bump minimist from 1.2.5 to 1.2.7

    chore(deps): bump minimist from 1.2.5 to 1.2.7

    Bumps minimist from 1.2.5 to 1.2.7.

    Changelog

    Sourced from minimist's changelog.

    v1.2.7 - 2022-10-10

    Commits

    • [meta] add auto-changelog 0ebf4eb
    • [actions] add reusable workflows e115b63
    • [eslint] add eslint; rules to enable later are warnings f58745b
    • [Dev Deps] switch from covert to nyc ab03356
    • [readme] rename and add badges 236f4a0
    • [meta] create FUNDING.yml; add funding in package.json 783a49b
    • [meta] use npmignore to autogenerate an npmignore file f81ece6
    • Only apps should have lockfiles 56cad44
    • [Dev Deps] update covert, tape; remove unnecessary tap 49c5f9f
    • [Tests] add aud in posttest 228ae93
    • [meta] add safe-publish-latest 01fc23f
    • [meta] update repo URLs 6b164c7

    v1.2.6 - 2022-03-21

    Commits

    • test from prototype pollution PR bc8ecee
    • isConstructorOrProto adapted from PR c2b9819
    • security notice for additional prototype pollution issue ef88b93
    Commits
    • c590d75 v1.2.7
    • 0ebf4eb [meta] add auto-changelog
    • e115b63 [actions] add reusable workflows
    • 01fc23f [meta] add safe-publish-latest
    • f58745b [eslint] add eslint; rules to enable later are warnings
    • 228ae93 [Tests] add aud in posttest
    • 236f4a0 [readme] rename and add badges
    • ab03356 [Dev Deps] switch from covert to nyc
    • 49c5f9f [Dev Deps] update covert, tape; remove unnecessary tap
    • 783a49b [meta] create FUNDING.yml; add funding in package.json
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • chore(deps): bump pillow from 8.3.2 to 9.3.0 in /etc

    chore(deps): bump pillow from 8.3.2 to 9.3.0 in /etc

    Bumps pillow from 8.3.2 to 9.3.0.

    Release notes

    Sourced from pillow's releases.

    9.3.0

    https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html

    Changes

    ... (truncated)

    Changelog

    Sourced from pillow's changelog.

    9.3.0 (2022-10-29)

    • Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [wiredfool]

    • Initialize libtiff buffer when saving #6699 [radarhere]

    • Inline fname2char to fix memory leak #6329 [nulano]

    • Fix memory leaks related to text features #6330 [nulano]

    • Use double quotes for version check on old CPython on Windows #6695 [hugovk]

    • Remove backup implementation of Round for Windows platforms #6693 [cgohlke]

    • Fixed set_variation_by_name offset #6445 [radarhere]

    • Fix malloc in _imagingft.c:font_setvaraxes #6690 [cgohlke]

    • Release Python GIL when converting images using matrix operations #6418 [hmaarrfk]

    • Added ExifTags enums #6630 [radarhere]

    • Do not modify previous frame when calculating delta in PNG #6683 [radarhere]

    • Added support for reading BMP images with RLE4 compression #6674 [npjg, radarhere]

    • Decode JPEG compressed BLP1 data in original mode #6678 [radarhere]

    • Added GPS TIFF tag info #6661 [radarhere]

    • Added conversion between RGB/RGBA/RGBX and LAB #6647 [radarhere]

    • Do not attempt normalization if mode is already normal #6644 [radarhere]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • Add CodeQL workflow for GitHub code scanning

    Add CodeQL workflow for GitHub code scanning

    Hi abilian/abilian-core!

    This is a one-off automatically generated pull request from LGTM.com :robot:. You might have heard that we’ve integrated LGTM’s underlying CodeQL analysis engine natively into GitHub. The result is GitHub code scanning!

    With LGTM fully integrated into code scanning, we are focused on improving CodeQL within the native GitHub code scanning experience. In order to take advantage of current and future improvements to our analysis capabilities, we suggest you enable code scanning on your repository. Please take a look at our blog post for more information.

    This pull request enables code scanning by adding an auto-generated codeql.yml workflow file for GitHub Actions to your repository — take a look! We tested it before opening this pull request, so all should be working :heavy_check_mark:. In fact, you might already have seen some alerts appear on this pull request!

    Where needed and if possible, we’ve adjusted the configuration to the needs of your particular repository. But of course, you should feel free to tweak it further! Check this page for detailed documentation.

    Questions? Check out the FAQ below!

    FAQ

    Click here to expand the FAQ section

    How often will the code scanning analysis run?

    By default, code scanning will trigger a scan with the CodeQL engine on the following events:

    • On every pull request — to flag up potential security problems for you to investigate before merging a PR.
    • On every push to your default branch and other protected branches — this keeps the analysis results on your repository’s Security tab up to date.
    • Once a week at a fixed time — to make sure you benefit from the latest updated security analysis even when no code was committed or PRs were opened.

    What will this cost?

    Nothing! The CodeQL engine will run inside GitHub Actions, making use of your unlimited free compute minutes for public repositories.

    What types of problems does CodeQL find?

    The CodeQL engine that powers GitHub code scanning is the exact same engine that powers LGTM.com. The exact set of rules has been tweaked slightly, but you should see almost exactly the same types of alerts as you were used to on LGTM.com: we’ve enabled the security-and-quality query suite for you.

    How do I upgrade my CodeQL engine?

    No need! New versions of the CodeQL analysis are constantly deployed on GitHub.com; your repository will automatically benefit from the most recently released version.

    The analysis doesn’t seem to be working

    If you get an error in GitHub Actions that indicates that CodeQL wasn’t able to analyze your code, please follow the instructions here to debug the analysis.

    How do I disable LGTM.com?

    If you have LGTM’s automatic pull request analysis enabled, then you can follow these steps to disable the LGTM pull request analysis. You don’t actually need to remove your repository from LGTM.com; it will automatically be removed in the next few months as part of the deprecation of LGTM.com (more info here).

    Which source code hosting platforms does code scanning support?

    GitHub code scanning is deeply integrated within GitHub itself. If you’d like to scan source code that is hosted elsewhere, we suggest that you create a mirror of that code on GitHub.

    How do I know this PR is legitimate?

    This PR is filed by the official LGTM.com GitHub App, in line with the deprecation timeline that was announced on the official GitHub Blog. The proposed GitHub Action workflow uses the official open source GitHub CodeQL Action. If you have any other questions or concerns, please join the discussion here in the official GitHub community!

    I have another question / how do I get in touch?

    Please join the discussion here to ask further questions and send us suggestions!

    opened by lgtm-com[bot] 0
Owner
Abilian open source projects
Open source projects maintained by Abilian SAS, a French company specialised in web, enterprise and data science applications in Python
Abilian open source projects
This repository holds those infrastructure-level modules, that every application requires that follows the core 12-factor principles.

py-12f-common About This repository holds those infrastructure-level modules, that every application requires that follows the core 12-factor principl

Tamás Benke 1 Dec 15, 2022
MuMMI Core is the underlying infrastructure and generalizable component of the MuMMI framework

MuMMI Core is the underlying infrastructure and generalizable component of the MuMMI framework, which facilitates the coordination of massively parallel multiscale simulations.

null 4 Aug 17, 2022
A micro-service that can be extended to help in monitoring systems

A micro-service that can be extended to help in monitoring systems. Be extensible to be incorporated in any of the systems to facilitate timely interventions.

Peter Kagwe 1 Feb 6, 2022
a url shortener with fastapi and tortoise-orm

fastapi-tortoise-orm-url-shortener a url shortener with fastapi and tortoise-orm

null 19 Aug 12, 2022
Python module to work with Magneto Database directly without using broken Magento 2 core

Python module to work with Magneto Database directly without using broken Magento 2 core

Egor Shitikov 13 Nov 10, 2022
An Airflow operator to call the main function from the dbt-core Python package

airflow-dbt-python An Airflow operator to call the main function from the dbt-core Python package Motivation Airflow running in a managed environment

Tomás Farías Santana 93 Jan 8, 2023
TMTC Commander Core

This commander application was first developed by KSat for the SOURCE project to test the on-board software but has evolved into a more generic tool for satellite developers to perform TMTC (Telemetry and Telecommand) handling and testing via different communication interfaces.

robamu 8 Dec 14, 2022
An alternative app for core Armoury Crate functions.

NoROG DISCLAIMER: Use at your own risk. This is alpha-quality software. It has not been extensively tested, though I personally run it daily on my lap

null 12 Nov 29, 2022
This is the core of the program which takes 5k SYMBOLS and looks back N years to pull in the daily OHLC data of those symbols and saves them to disc.

This is the core of the program which takes 5k SYMBOLS and looks back N years to pull in the daily OHLC data of those symbols and saves them to disc.

Daniel Caine 1 Jan 31, 2022
Flask-built web application that simulates a time and cost calculator for charging Electric Vehicles.

ev_charging_calculator Flask-built web application that simulates a time and cost calculator for charging Electric Vehicles. The project aims to simul

null 1 Nov 3, 2021
💻 Algo-Phantoms-Backend is an Application that provides pathways and quizzes along with a code editor to help you towards your DSA journey.📰🔥 This repository contains the REST APIs of the application.✨

Algo-Phantom-Backend ?? Algo-Phantoms-Backend is an Application that provides pathways and quizzes along with a code editor to help you towards your D

Algo Phantoms 44 Nov 15, 2022
ArinjoyTheDev 1 Jul 17, 2022
Flames Calculater App used to calculate flames status between two names created using python's Flask web framework.

Flames Finder Web App Flames Calculater App used to calculate flames status between two names created using python's Flask web framework. First, App g

Siva Prakash 4 Jan 2, 2022
A lightweight solution for local Particle development.

neopo A lightweight solution for local Particle development. Features Builds Particle projects locally without any overhead. Compatible with Particle

Nathan Robinson 19 Jan 1, 2023
NES development tool made with Python and Lua

NES Builder NES development and romhacking tool made with Python and Lua Current Stage: Alpha Features Open source "Build" project, which exports vari

null 10 Aug 19, 2022
Shell Trality API for local development.

Trality Simulator Intro This package is a work in progress. It allows local development of Trality bots in an IDE such as VS Code. The package provide

CrypTrality 1 Nov 17, 2021
Step by step development of a vending coffee machine project, including tkinter, sqlite3, simulation, etc.

Step by step development of a vending coffee machine project, including tkinter, sqlite3, simulation, etc.

Nikolaos Avouris 2 Dec 5, 2021
This an Anki add on that automatically converts Notion notes into Anki flash cards. Currently in development!

NotionFlash This is an Anki add on in development that will allow automatically convert your Notion study notes into Anki flash cards. The Anki deck c

Neeraj Patel 10 Oct 7, 2022
Tracking development of the Class Schedule Siri Shortcut, an iOS program that checks the type of school day and tells you class scheduling.

Class Schedule Shortcut Tracking development of the Class Schedule Siri Shortcut, an iOS program that checks the type of school day and tells you clas

null 3 Jun 28, 2022