A Python framework for building geospatial web-applications

Last update: Dec 27, 2022

Related tags

Overview

Hey there, this is Greppo...

A Python framework for building geospatial web-applications.

Greppo is an open-source Python framework that makes it easy to build applications. It provides a toolkit for to quickly integrate data, algorithms, visualizations and UI for interactivity.

Documentation: docs.greppo.io

Website: https://greppo.io

Discord Community: https://discord.gg/RNJBjgh8gz

Installation

$ pip install greppo

We suggest you use a virtual environment to manage your packages for this project. For more infromation and troubleshooting visit the Installation Guide.

A simple example

# inside app.py

from greppo import app
import geopandas as gpd

data_gdf = gpd.read_file("geospatial_data.geojson")

buildings_gdf = gpd.read_file("./data/buildings.geojson")

app.overlay_layer(
    buildings_gdf,
    title="Buildings",
    description="Buildings in a neighbourhood in Amsterdam",
    style={"fillColor": "#F87979"},
    visible=True,
)

app.base_layer(
    name="Open Street Map",
    visible=True,
    url="https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png",
    subdomains=None,
    attribution='© OpenStreetMap contributors',
)

Then run the aplication using the greppo cli command:

greppo serve app.py

To view the app that is being served, enter this address of the localhost 127.0.0.1:8000/ in your web browser.

Support & Community

Do you have questions? Ideas? Want to share your project? Join us on discord Invite Link.

License

Greppo is licensed under Apache V2.

Comments

file not found error

I am able to install greppo package. But getting this error:


# greppo serve app.py --host 172.31.38.540
INFO:     Started server process [10836]
INFO:     Waiting for application startup.
INFO:     Application startup complete.
INFO:     Uvicorn running on http://172.31.38.540:8080 (Press CTRL+C to quit)
INFO:     18.209.195.135:54298 - "GET / HTTP/1.1" 200 OK
INFO:     18.209.195.135:54298 - "GET /css/app.a14da775.css HTTP/1.1" 200 OK
INFO:     18.209.195.135:54297 - "GET /css/chunk-vendors.db50bcea.css HTTP/1.1" 200 OK
INFO:     18.209.195.135:54301 - "GET /js/chunk-vendors.526a29f2.js HTTP/1.1" 200 OK
INFO:     18.209.195.135:54300 - "GET /js/app.7529265e.js HTTP/1.1" 200 OK
ERROR:fiona._env:geospatial_data.geojson: No such file or directory
INFO:     18.209.195.135:54301 - "GET /api HTTP/1.1" 500 Internal Server Error
ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "fiona/_shim.pyx", line 83, in fiona._shim.gdal_open_vector
  File "fiona/_err.pyx", line 291, in fiona._err.exc_wrap_pointer
fiona._err.CPLE_OpenFailedError: geospatial_data.geojson: No such file or directory

opened by shantanuo 16

List included Plugins / Libraries

I see that you included Leaflet.draw, it would be fair if you list somewhere (visible) which Libraries you are using behind.

PS: Leaflet.draw is a dead project, Leaflet-Geoman is more modern and up to date

opened by Falke-Design 4
Installing greppo (dependencies)

The installation of Fiona on Windows machines usually doesn't work by default. Since Fiona seems to be a dependency of greppo (and GDAL being a dependency of Fiona, ...) I'd give a hint regarding a manual installation with e.g. the wheel files by Christoph Gohlke.

It probably is up for discussion on whose repository this issue should be submitted and I understand if you think that it isn't the greppo repository since you are targeting Data Scientists that probably know their ways around Python and packages. However, in order to make the library available to a wider audience, I think the accessibility should be as best as possible which is why it might make sense to hint how to get the dependencies right.

opened by grndng 4
Please Help - error installing greppo (Windows)

Hello Guys!

Thanks for building Greppo! I am having some issues installing it, so I would really appreciate it if you could please five a hand:

I have created a different environment in Anaconda Prompt and tried to install greppo there, as @krishadi mentioned in the Discord group, but still with no success.

Any help would be greatly appreciated.

Looking forward to hearing from you soon. Have a good one!

David E.

opened by davidestrada1 3

Use xyzservices in base layers

As far a I can tell, a user needs to specify all details of a base layer when adding it to app.

from greppo import app

app.base_layer(
    name="CartoDB Light",
    visible=True,
    url="https://cartodb-basemaps-a.global.ssl.fastly.net/light_all/{z}/{x}/{y}@2x.png",
    subdomains=None,
    attribution='&copy; <a target="_blank" href="http://osm.org/copyright">OpenStreetMap</a> contributors',
)

You can make this easier if you make this dependent on the xyzservices package we have built for geopandas and contextily. It has all these info, so you could do something like

from greppo import app
import xyzservices.providers as xyz

app.base_layer(
    xyz.CartoDB.Positron,
    visible=True,
)

Or you can use its query_name method under the hood and simplify it to

from greppo import app

app.base_layer(
    name="CartoDB Positron",
    visible=True,
)

Happy to help with that if you need.

opened by martinfleis 2

Bump loader-utils, @vue/cli-plugin-babel, @vue/cli-plugin-eslint and @vue/cli-service in /frontend
Bumps loader-utils to 1.4.1 and updates ancestor dependencies loader-utils, @vue/cli-plugin-babel, @vue/cli-plugin-eslint and @vue/cli-service. These dependencies need to be updated together.

Updates loader-utils from 0.2.17 to 1.4.1

Release notes

Sourced from loader-utils's releases.

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

fixed a hash type extracting in interpolateName (#137) (f8a71f4)

v1.2.1

1.2.1 (2018-12-25)

... (truncated)

Changelog

Sourced from loader-utils's changelog.

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

1.2.2 (2018-12-27)

Bug Fixes

fixed a hash type extracting in interpolateName (#137) (f8a71f4)

1.2.1 (2018-12-25)

... (truncated)

Commits

8f082b3 chore(release): 1.4.1

4504e34 fix: security problem (#220)

d95b8b5 chore(release): 1.4.0

cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)

06d36cf chore(release): 1.3.0

469eeba feat: support the [query] template for the interpolatedName method (#162)

909c99d chore: funding.yml config and CI fix (#159)

b5b74f0 Set up CI with Azure Pipelines

7970c48 docs: small grammar change (#144)

b91a76c chore(release): 1.2.3

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Updates @vue/cli-plugin-babel from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-plugin-babel's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-plugin-babel's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

4a0655f v5.0.7

ef08a08 v5.0.6

98c66c9 v5.0.5

ca97fc2 v5.0.4

dd53f26 v5.0.3

a859b1f v5.0.2

92d80a8 v5.0.1

c913cdc v5.0.0

75a6d69 v5.0.0-rc.3

Additional commits viewable in compare view

Updates @vue/cli-plugin-eslint from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-plugin-eslint's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-plugin-eslint's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

4a0655f v5.0.7

ef08a08 v5.0.6

98c66c9 v5.0.5

ca97fc2 v5.0.4

dd53f26 v5.0.3

a859b1f v5.0.2

92d80a8 v5.0.1

c913cdc v5.0.0

75a6d69 v5.0.0-rc.3

Additional commits viewable in compare view

Updates @vue/cli-service from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-service's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-service's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

0260e4d fix: add devServer.server.type to useHttps judgement (#7222)

4a0655f v5.0.7

beffe8a fix: allow disabling progress plugin via devServer.client.progress

558dea2 fix: support devServer.server option, avoid deprecation warning

bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)

ef08a08 v5.0.6

fcf27e3 fixup! fix: compatibility with Vue 2.7

a648958 fix: compatibility with Vue 2.7

98c66c9 v5.0.5

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 1
Could not find module 'geos_c.dll'

"Collecting Shapely==1.7.1 Using cached Shapely-1.7.1.tar.gz (383 kB) Preparing metadata (setup.py) ... error error: subprocess-exited-with-error

× python setup.py egg_info did not run successfully. │ exit code: 1 ╰─> [10 lines of output] Traceback (most recent call last): File "", line 2, in File "", line 34, in File "C:\Users\waqas\AppData\Local\Temp\pip-install-tejpkfb2\shapely_c15553460ad04164b9fc4f0138c13331\setup.py", line 85 , in from shapely.buildcfg import geos_version_string, geos_version,
File "C:\Users\waqas\AppData\Local\Temp\pip-install-tejpkfb2\shapely_c15553460ad04164b9fc4f0138c13331\shapely_buildcfg. py", line 205, in lgeos = CDLL("geos_c.dll") File "C:\Users\waqas\AppData\Local\Programs\Python\Python310\lib\ctypes_init.py", line 374, in init self._handle = _dlopen(self._name, mode) FileNotFoundError: Could not find module 'geos_c.dll' (or one of its dependencies). Try using the full path with construct or syntax. [end of output]

note: This error originates from a subprocess, and is likely not a problem with pip. error: metadata-generation-failed

× Encountered error while generating package metadata. ╰─> See above for output.

note: This is an issue with the package mentioned above, not pip. hint: See above for details.

" " This error is coming how to resolve it "

opened by Muhammad-Waqas5012 1
Bump moment from 2.29.1 to 2.29.2 in /frontend
Bumps moment from 2.29.1 to 2.29.2.

Changelog

Sourced from moment's changelog.

2.29.2 See full changelog

Release Apr 3 2022

Address https://github.com/advisories/GHSA-8hfj-j24r-96c4

Commits

75e2ac5 Build 2.29.2

5a29877 Bump version to 2.29.2

4fd847b Update changelog for 2.29.2

4211bfc [bugfix] Avoid loading path-looking locales from fs

f2a813a [misc] Fix indentation (according to prettier)

7a10de8 [test] Avoid hours around DST

e968092 [locale] ar-ly: fix locale name (#5828)

53d7ee6 [misc] fix builds (#5836)

52019f1 [misc] Specify length of toArray return type (#5766)

0dcaaa6 [locale] tr: update translation of Monday and Saturday (#5756)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 1
Error: 'GreppoApp' object has no attribute 'base_layer'

That's a great project and I'm very happy to try it out! Unfortunately, after installing the necessary dependencies and create a sample app.py with app.base_layer( ... ) as shown in the demo section of the documentation, I keep getting errors like: AttributeError: 'GreppoApp' object has no attribute 'base_layer'.

Is there something I'm missing?

opened by sotosoul 1
Bump pillow from 8.4.0 to 9.0.1 in /library
Bumps pillow from 8.4.0 to 9.0.1.

Release notes

Sourced from pillow's releases.

9.0.1

https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html

Changes

In show_file, use os.remove to remove temporary images. CVE-2022-24303 #6010 [@radarhere, @hugovk]

Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817 #6009 [radarhere]

9.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html

Changes

Restrict builtins for ImageMath.eval() #5923 [@radarhere]

Ensure JpegImagePlugin stops at the end of a truncated file #5921 [@radarhere]

Fixed ImagePath.Path array handling #5920 [@radarhere]

Remove consecutive duplicate tiles that only differ by their offset #5919 [@radarhere]

Removed redundant part of condition #5915 [@radarhere]

Explicitly enable strip chopping for large uncompressed TIFFs #5517 [@kmilos]

Use the Windows method to get TCL functions on Cygwin #5807 [@DWesl]

Changed error type to allow for incremental WebP parsing #5404 [@radarhere]

Improved I;16 operations on big endian #5901 [@radarhere]

Ensure that BMP pixel data offset does not ignore palette #5899 [@radarhere]

Limit quantized palette to number of colors #5879 [@radarhere]

Use latin1 encoding to decode bytes #5870 [@radarhere]

Fixed palette index for zeroed color in FASTOCTREE quantize #5869 [@radarhere]

When saving RGBA to GIF, make use of first transparent palette entry #5859 [@radarhere]

Pass SAMPLEFORMAT to libtiff #5848 [@radarhere]

Added rounding when converting P and PA #5824 [@radarhere]

Improved putdata() documentation and data handling #5910 [@radarhere]

Exclude carriage return in PDF regex to help prevent ReDoS #5912 [@radarhere]

Image.NONE is only used for resampling and dithers #5908 [@radarhere]

Fixed freeing pointer in ImageDraw.Outline.transform #5909 [@radarhere]

Add Tidelift alignment action and badge #5763 [@aclark4life]

Replaced further direct invocations of setup.py #5906 [@radarhere]

Added ImageShow support for xdg-open #5897 [@m-shinder]

Fixed typo #5902 [@radarhere]

Switched from deprecated "setup.py install" to "pip install ." #5896 [@radarhere]

Support 16-bit grayscale ImageQt conversion #5856 [@cmbruns]

Fixed raising OSError in _safe_read when size is greater than SAFEBLOCK #5872 [@radarhere]

Convert subsequent GIF frames to RGB or RGBA #5857 [@radarhere]

WebP: Fix memory leak during decoding on failure #5798 [@ilai-deutel]

Do not prematurely return in ImageFile when saving to stdout #5665 [@infmagic2047]

Added support for top right and bottom right TGA orientations #5829 [@radarhere]

Corrected ICNS file length in header #5845 [@radarhere]

Block tile TIFF tags when saving #5839 [@radarhere]

Added line width argument to ImageDraw polygon #5694 [@radarhere]

Do not redeclare class each time when converting to NumPy #5844 [@radarhere]

Only prevent repeated polygon pixels when drawing with transparency #5835 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

9.0.1 (2022-02-03)

In show_file, use os.remove to remove temporary images. CVE-2022-24303 #6010 [radarhere, hugovk]

Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817 #6009 [radarhere]

9.0.0 (2022-01-02)

Restrict builtins for ImageMath.eval(). CVE-2022-22817 #5923 [radarhere]

Ensure JpegImagePlugin stops at the end of a truncated file #5921 [radarhere]

Fixed ImagePath.Path array handling. CVE-2022-22815, CVE-2022-22816 #5920 [radarhere]

Remove consecutive duplicate tiles that only differ by their offset #5919 [radarhere]

Improved I;16 operations on big endian #5901 [radarhere]

Limit quantized palette to number of colors #5879 [radarhere]

Fixed palette index for zeroed color in FASTOCTREE quantize #5869 [radarhere]

When saving RGBA to GIF, make use of first transparent palette entry #5859 [radarhere]

Pass SAMPLEFORMAT to libtiff #5848 [radarhere]

Added rounding when converting P and PA #5824 [radarhere]

Improved putdata() documentation and data handling #5910 [radarhere]

Exclude carriage return in PDF regex to help prevent ReDoS #5912 [hugovk]

Fixed freeing pointer in ImageDraw.Outline.transform #5909 [radarhere]

... (truncated)

Commits

6deac9e 9.0.1 version bump

c04d812 Update CHANGES.rst [ci skip]

4fabec3 Added release notes for 9.0.1

02affaa Added delay after opening image with xdg-open

ca0b585 Updated formatting

427221e In show_file, use os.remove to remove temporary images

c930be0 Restrict builtins within lambdas for ImageMath.eval

75b69dd Dont need to pin for GHA

cd938a7 Autolink CWE numbers with sphinx-issues

2e9c461 Add CVE IDs

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies python
opened by dependabot[bot] 1

AttributeError: module 'ast' has no attribute 'unparse'

Hey there!

Tried to run the example code from the quickstart locally and got an error thrown:

INFO:     127.0.0.1:42240 - "GET /api HTTP/1.1" 500 Internal Server Error
ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "/home/conor/.local/lib/python3.8/site-packages/uvicorn/protocols/http/h11_impl.py", line 373, in run_asgi
    result = await app(self.scope, self.receive, self.send)
  File "/home/conor/.local/lib/python3.8/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__
    return await self.app(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/applications.py", line 112, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/middleware/errors.py", line 181, in __call__
    raise exc
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/middleware/errors.py", line 159, in __call__
    await self.app(scope, receive, _send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/middleware/cors.py", line 84, in __call__
    await self.app(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/exceptions.py", line 82, in __call__
    raise exc
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/exceptions.py", line 71, in __call__
    await self.app(scope, receive, sender)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/routing.py", line 656, in __call__
    await route.handle(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/routing.py", line 259, in handle
    await self.app(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/routing.py", line 61, in app
    response = await func(request)
  File "/home/conor/.local/lib/python3.8/site-packages/greppo/greppo_server.py", line 30, in api_endpoint
    payload, _ = await script_task(script_name=user_script, input_updates=input_updates)
  File "/home/conor/.local/lib/python3.8/site-packages/greppo/user_script_utils.py", line 253, in script_task
    payload = run_script(
  File "/home/conor/.local/lib/python3.8/site-packages/greppo/user_script_utils.py", line 226, in run_script
    logger.debug(ast.unparse(user_code))
AttributeError: module 'ast' has no attribute 'unparse'
ERROR:uvicorn.error:Exception in ASGI application
Traceback (most recent call last):
  File "/home/conor/.local/lib/python3.8/site-packages/uvicorn/protocols/http/h11_impl.py", line 373, in run_asgi
    result = await app(self.scope, self.receive, self.send)
  File "/home/conor/.local/lib/python3.8/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__
    return await self.app(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/applications.py", line 112, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/middleware/errors.py", line 181, in __call__
    raise exc
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/middleware/errors.py", line 159, in __call__
    await self.app(scope, receive, _send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/middleware/cors.py", line 84, in __call__
    await self.app(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/exceptions.py", line 82, in __call__
    raise exc
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/exceptions.py", line 71, in __call__
    await self.app(scope, receive, sender)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/routing.py", line 656, in __call__
    await route.handle(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/routing.py", line 259, in handle
    await self.app(scope, receive, send)
  File "/home/conor/.local/lib/python3.8/site-packages/starlette/routing.py", line 61, in app
    response = await func(request)
  File "/home/conor/.local/lib/python3.8/site-packages/greppo/greppo_server.py", line 30, in api_endpoint
    payload, _ = await script_task(script_name=user_script, input_updates=input_updates)
  File "/home/conor/.local/lib/python3.8/site-packages/greppo/user_script_utils.py", line 253, in script_task
    payload = run_script(
  File "/home/conor/.local/lib/python3.8/site-packages/greppo/user_script_utils.py", line 226, in run_script
    logger.debug(ast.unparse(user_code))
AttributeError: module 'ast' has no attribute 'unparse'

Being lazy I didn't install Greppo in a virtualenv or anything, just ran python3 -m pip install greppo.

Environment:

Python: 3.8.10
Ubuntu: 20.04
Greppo: 0.0.23

opened by conor-f 1

Bump json5, @vue/cli-plugin-babel, @vue/cli-plugin-eslint and @vue/cli-service in /frontend
Bumps json5 to 2.2.2 and updates ancestor dependencies json5, @vue/cli-plugin-babel, @vue/cli-plugin-eslint and @vue/cli-service. These dependencies need to be updated together.

Updates json5 from 0.5.1 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

Fix: Bump minimist to v1.2.5. (#222)

v2.1.1

New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)

Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)

Fix: Spelling mistakes have been fixed. (#196)

v2.1.0

New: The index.mjs and index.min.mjs browser builds in the dist directory support ES6 modules. (#187)

v2.0.1

Fix: The browser builds in the dist directory support ES5. (#182)

v2.0.0

Major: JSON5 officially supports Node.js v6 and later. Support for Node.js v4 has been dropped. Since Node.js v6 supports ES5 features, the code has been rewritten in native ES5, and the dependence on Babel has been eliminated.

New: Support for Unicode 10 has been added.

New: The test framework has been migrated from Mocha to Tap.

New: The browser build at dist/index.js is no longer minified by default. A minified version is available at dist/index.min.js. (#181)

Fix: The warning has been made clearer when line and paragraph separators are used in strings.

Fix: package.json5 has been restored, and it is automatically generated and

... (truncated)

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

Fix: Bump minimist to v1.2.5. (#222)

v2.1.1 [code, diff]

New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)

Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)

Fix: Spelling mistakes have been fixed. (#196)

... (truncated)

Commits

14f8cb1 2.2.2

10cc7ca docs: update CHANGELOG for v2.2.2

7774c10 fix: add proto to objects and arrays

edde30a Readme: slight tweak to intro

97286f8 Improve example in readme

d720b4f Improve readme (e.g. explain JSON5 better!) (#291)

910ce25 docs: fix spelling of Aseem

2aab4dd test: require tap as t in cli tests

6d42686 test: remove mocha syntax from tests

4798b9d docs: update installation and usage for modules

Additional commits viewable in compare view

Updates @vue/cli-plugin-babel from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-plugin-babel's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-plugin-babel's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

4a0655f v5.0.7

ef08a08 v5.0.6

98c66c9 v5.0.5

ca97fc2 v5.0.4

dd53f26 v5.0.3

a859b1f v5.0.2

92d80a8 v5.0.1

c913cdc v5.0.0

75a6d69 v5.0.0-rc.3

Additional commits viewable in compare view

Updates @vue/cli-plugin-eslint from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-plugin-eslint's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-plugin-eslint's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

4a0655f v5.0.7

ef08a08 v5.0.6

98c66c9 v5.0.5

ca97fc2 v5.0.4

dd53f26 v5.0.3

a859b1f v5.0.2

92d80a8 v5.0.1

c913cdc v5.0.0

75a6d69 v5.0.0-rc.3

Additional commits viewable in compare view

Updates @vue/cli-service from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-service's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-service's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

0260e4d fix: add devServer.server.type to useHttps judgement (#7222)

4a0655f v5.0.7

beffe8a fix: allow disabling progress plugin via devServer.client.progress

558dea2 fix: support devServer.server option, avoid deprecation warning

bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)

ef08a08 v5.0.6

fcf27e3 fixup! fix: compatibility with Vue 2.7

a648958 fix: compatibility with Vue 2.7

98c66c9 v5.0.5

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Bump express from 4.17.2 to 4.18.2 in /frontend
Bumps express from 4.17.2 to 4.18.2.

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1

Fix hanging on large stack of sync routes

4.18.0

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

8368dc1 4.18.2

61f4049 docs: replace Freenode with Libera Chat

bb7907b build: [email protected]

f56ce73 build: [email protected]

24b3dc5 deps: [email protected]

689d175 deps: [email protected]

340be0f build: [email protected]

33e8dc3 docs: use Node.js name style

644f646 build: [email protected]

ecd7572 build: [email protected]

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Bump certifi from 2021.10.8 to 2022.12.7 in /library
Bumps certifi from 2021.10.8 to 2022.12.7.

Commits

9e9e840 2022.12.07

b81bdb2 2022.09.24

939a28f 2022.09.14

aca828a 2022.06.15.2

de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...

b8eb5e9 2022.06.15.1

47fb7ab Fix deprecation warning on Python 3.11 (#199)

b0b48e0 fixes #198 -- update link in license

9d514b4 2022.06.15

4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies python
opened by dependabot[bot] 0
Bump decode-uri-component from 0.2.0 to 0.2.2 in /frontend
Bumps decode-uri-component from 0.2.0 to 0.2.2.

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

Commits

a0eea46 0.2.2

980e0bf Prevent overwriting previously decoded tokens

3c8a373 0.2.1

76abc93 Switch to GitHub workflows

746ca5d Fix issue where decode throws - fixes #6

486d7e2 Update license (#1)

a650457 Tidelift tasks

66e1c28 Meta tweaks

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Bump pillow from 8.4.0 to 9.3.0 in /library
Bumps pillow from 8.4.0 to 9.3.0.

Release notes

Sourced from pillow's releases.

9.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html

Changes

Initialize libtiff buffer when saving #6699 [@radarhere]

Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [@wiredfool]

Inline fname2char to fix memory leak #6329 [@nulano]

Fix memory leaks related to text features #6330 [@nulano]

Use double quotes for version check on old CPython on Windows #6695 [@hugovk]

GHA: replace deprecated set-output command with GITHUB_OUTPUT file #6697 [@nulano]

Remove backup implementation of Round for Windows platforms #6693 [@cgohlke]

Upload fribidi.dll to GitHub Actions #6532 [@nulano]

Fixed set_variation_by_name offset #6445 [@radarhere]

Windows build improvements #6562 [@nulano]

Fix malloc in _imagingft.c:font_setvaraxes #6690 [@cgohlke]

Only use ASCII characters in C source file #6691 [@cgohlke]

Release Python GIL when converting images using matrix operations #6418 [@hmaarrfk]

Added ExifTags enums #6630 [@radarhere]

Do not modify previous frame when calculating delta in PNG #6683 [@radarhere]

Added support for reading BMP images with RLE4 compression #6674 [@npjg]

Decode JPEG compressed BLP1 data in original mode #6678 [@radarhere]

pylint warnings #6659 [@marksmayo]

Added GPS TIFF tag info #6661 [@radarhere]

Added conversion between RGB/RGBA/RGBX and LAB #6647 [@radarhere]

Do not attempt normalization if mode is already normal #6644 [@radarhere]

Fixed seeking to an L frame in a GIF #6576 [@radarhere]

Consider all frames when selecting mode for PNG save_all #6610 [@radarhere]

Don't reassign crc on ChunkStream close #6627 [@radarhere]

Raise a warning if NumPy failed to raise an error during conversion #6594 [@radarhere]

Only read a maximum of 100 bytes at a time in IMT header #6623 [@radarhere]

Show all frames in ImageShow #6611 [@radarhere]

Allow FLI palette chunk to not be first #6626 [@radarhere]

If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode #6592 [@radarhere]

Round box position to integer when pasting embedded color #6517 [@radarhere]

Removed EXIF prefix when saving WebP #6582 [@radarhere]

Pad IM palette to 768 bytes when saving #6579 [@radarhere]

Added DDS BC6H reading #6449 [@ShadelessFox]

Added support for opening WhiteIsZero 16-bit integer TIFF images #6642 [@JayWiz]

Raise an error when allocating translucent color to RGB palette #6654 [@jsbueno]

Moved mode check outside of loops #6650 [@radarhere]

Added reading of TIFF child images #6569 [@radarhere]

Improved ImageOps palette handling #6596 [@PososikTeam]

Defer parsing of palette into colors #6567 [@radarhere]

Apply transparency to P images in ImageTk.PhotoImage #6559 [@radarhere]

Use rounding in ImageOps contain() and pad() #6522 [@bibinhashley]

Fixed GIF remapping to palette with duplicate entries #6548 [@radarhere]

Allow remap_palette() to return an image with less than 256 palette entries #6543 [@radarhere]

Corrected BMP and TGA palette size when saving #6500 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

9.3.0 (2022-10-29)

Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [wiredfool]

Initialize libtiff buffer when saving #6699 [radarhere]

Inline fname2char to fix memory leak #6329 [nulano]

Fix memory leaks related to text features #6330 [nulano]

Use double quotes for version check on old CPython on Windows #6695 [hugovk]

Remove backup implementation of Round for Windows platforms #6693 [cgohlke]

Fixed set_variation_by_name offset #6445 [radarhere]

Fix malloc in _imagingft.c:font_setvaraxes #6690 [cgohlke]

Release Python GIL when converting images using matrix operations #6418 [hmaarrfk]

Added ExifTags enums #6630 [radarhere]

Do not modify previous frame when calculating delta in PNG #6683 [radarhere]

Added support for reading BMP images with RLE4 compression #6674 [npjg, radarhere]

Decode JPEG compressed BLP1 data in original mode #6678 [radarhere]

Added GPS TIFF tag info #6661 [radarhere]

Added conversion between RGB/RGBA/RGBX and LAB #6647 [radarhere]

Do not attempt normalization if mode is already normal #6644 [radarhere]

... (truncated)

Commits

d594f4c Update CHANGES.rst [ci skip]

909dc64 9.3.0 version bump

1a51ce7 Merge pull request #6699 from hugovk/security-libtiff_buffer

2444cdd Merge pull request #6700 from hugovk/security-samples_per_pixel-sec

744f455 Added release notes

0846bfa Add to release notes

799a6a0 Fix linting

00b25fd Hide UserWarning in logs

05b175e Tighter test case

13f2c5a Prevent DOS with large SAMPLESPERPIXEL in Tiff IFD

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies python
opened by dependabot[bot] 0
Bump loader-utils, @vue/cli-plugin-babel, @vue/cli-plugin-eslint and @vue/cli-service in /frontend
Bumps loader-utils to 1.4.2 and updates ancestor dependencies loader-utils, @vue/cli-plugin-babel, @vue/cli-plugin-eslint and @vue/cli-service. These dependencies need to be updated together.

Updates loader-utils from 0.2.17 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Commits

331ad50 chore(release): 1.4.2

17cbf8f fix: ReDoS problem (#226)

8f082b3 chore(release): 1.4.1

4504e34 fix: security problem (#220)

d95b8b5 chore(release): 1.4.0

cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)

06d36cf chore(release): 1.3.0

469eeba feat: support the [query] template for the interpolatedName method (#162)

909c99d chore: funding.yml config and CI fix (#159)

b5b74f0 Set up CI with Azure Pipelines

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Updates @vue/cli-plugin-babel from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-plugin-babel's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-plugin-babel's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

4a0655f v5.0.7

ef08a08 v5.0.6

98c66c9 v5.0.5

ca97fc2 v5.0.4

dd53f26 v5.0.3

a859b1f v5.0.2

92d80a8 v5.0.1

c913cdc v5.0.0

75a6d69 v5.0.0-rc.3

Additional commits viewable in compare view

Updates @vue/cli-plugin-eslint from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-plugin-eslint's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-plugin-eslint's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

4a0655f v5.0.7

ef08a08 v5.0.6

98c66c9 v5.0.5

ca97fc2 v5.0.4

dd53f26 v5.0.3

a859b1f v5.0.2

92d80a8 v5.0.1

c913cdc v5.0.0

75a6d69 v5.0.0-rc.3

Additional commits viewable in compare view

Updates @vue/cli-service from 4.5.15 to 5.0.8

Release notes

Sourced from @vue/cli-service's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-service's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

0260e4d fix: add devServer.server.type to useHttps judgement (#7222)

4a0655f v5.0.7

beffe8a fix: allow disabling progress plugin via devServer.client.progress

558dea2 fix: support devServer.server option, avoid deprecation warning

bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)

ef08a08 v5.0.6

fcf27e3 fixup! fix: compatibility with Vue 2.7

a648958 fix: compatibility with Vue 2.7

98c66c9 v5.0.5

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0