Neo4j Movies Example application with Flask backend using the neo4j-python-driver

Last update: Dec 24, 2022

Overview

Neo4j Movies Application: Quick Start

This example application demonstrates how easy it is to get started with Neo4j in Python.

It is a very simple web application that uses our Movie graph dataset to provide a search with listing, a detail view and a graph visualization.

The Stack

These are the components of our Web Application:

Application Type: Python-Web Application
Web framework: Flask (Micro-Webframework)
Neo4j Database Connector: Neo4j Python Driver for Cypher Docs
Database: Neo4j-Server (4.x) with multi-database
Frontend: jquery, bootstrap, d3.js

Provision a database quickly with Neo4j Sandbox or Neo4j Aura.

Setup

First get yourself setup with virtualenv so we don’t break any other Python stuff you have on your machine. After you’ve got that installed let’s setup an environment for our app:

virtualenv neo4j-movies
source neo4j-movies/bin/activate

The next step is to install the dependencies for the app with pip (or pip3 for python3):

pip install -r requirements.txt

Run locally

Start your local Neo4j Server (Download & Install), open the Neo4j Browser. Then install the Movies data-set with :play movies, click the statement, and hit the triangular "Run" button.

And finally let’s start up a Flask web server:

python movies.py
# or python3 movies.py


Running on http://127.0.0.1:8080/

Navigate to http://localhost:8080 and you should see your first Neo4j application

Configuration options

Environment variable name	Default value (or N/A)
PORT	8080
NEO4J_URI	neo4j+s://demo.neo4jlabs.com
NEO4J_USER	movies
NEO4J_PASSWORD	movies
NEO4J_DATABASE	movies

Comments

ISSUE: The client is unauthorised due to authentication failure

Hi, I am trying to implement the sample movies python application and while doing so I am facing authentication failure error. I am following the steps mentioned in the website - https://github.com/neo4j-examples/movies-python-bolt. when I am running "python movies.py" command the following error is showing up - Traceback (most recent call last): File "movies.py", line 12, in <module> driver = GraphDatabase.driver('bolt://localhost',auth=basic_auth("neo4j", "p assword")) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\v1\api.py", line 124, in driver return driver_class(uri, **config) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\v1\direct.py", line 65, in __init__ pool.release(pool.acquire()) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\v1\direct.py", line 39, in acquire connection = self.acquire_direct(address) # should always be a resolved add ress File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\bolt\connection.py", line 398, in acquire_direct connection = self.connector(address) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\v1\direct.py", line 64, in <lambda> pool = DirectConnectionPool(lambda a: connect(a, security_plan.ssl_context, **config), self.address) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\bolt\connection.py", line 555, in connect return Connection(s, der_encoded_server_certificate=der_encoded_server_certi ficate, **config) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\bolt\connection.py", line 184, in __init__ self.sync() File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\bolt\connection.py", line 337, in sync detail_delta, summary_delta = self.fetch() File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\bolt\connection.py", line 287, in fetch response.on_failure(summary_metadata or {}) File "C:\Users\611593250\AppData\Local\Programs\Python\Python36-32\lib\site-pa ckages\neo4j\bolt\response.py", line 61, in on_failure raise AuthError(message) neo4j.exceptions.AuthError: The client is unauthorized due to authentication fai lure.

opened by KaustavRoy4 4

Database access is not allowed for user 'movies' with roles [PUBLIC, movies]

This web application doesn't work either using the database on demo.neo4jlabs.com or the local database. When using the database on demo.neo4jlabs.com, following exception is raised:

Traceback (most recent call last):                                                                                                                                                                                                                                               File "C:\Program Files\Python37\lib\site-packages\flask\app.py", line 2070, in wsgi_app
response = self.full_dispatch_request()                                                                                                                                                                                                                                      File "C:\Program Files\Python37\lib\site-packages\flask\app.py", line 1515, in full_dispatch_request
rv = self.handle_user_exception(e)
File "C:\Program Files\Python37\lib\site-packages\flask\app.py", line 1513, in full_dispatch_request
rv = self.dispatch_request()                                                                                                                                                                                                                                                 File "C:\Program Files\Python37\lib\site-packages\flask\app.py", line 1499, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
File "movies.py", line 65, in get_graph
results = db.read_transaction(lambda tx: list(tx.run("MATCH (m:Movie)<-[:ACTED_IN]-(a:Person) "
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\simple.py", line 409, in read_transaction
return self._run_transaction(READ_ACCESS, transaction_function, *args, **kwargs)
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\simple.py", line 338, in _run_transaction 
result = transaction_function(tx, *args, **kwargs)
File "movies.py", line 69, in <lambda>
100)}))) 
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\transaction.py", line 130, in run
result._tx_ready_run(query, parameters, **kwparameters)
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\result.py", line 100, in _tx_ready_run
self._run(query, parameters, None, None, None, **kwparameters)
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\result.py", line 144, in _run
self._attach()
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\result.py", line 245, in _attach
self._connection.fetch_message()
File "C:\Program Files\Python37\lib\site-packages\neo4j\work\result.py", line 62, in inner
func(*args, **kwargs)
File "C:\Program Files\Python37\lib\site-packages\neo4j\io\_bolt4.py", line 271, in fetch_message
response.on_failure(summary_metadata or {})
File "C:\Program Files\Python37\lib\site-packages\neo4j\io\_common.py", line 183, in on_failure
raise Neo4jError.hydrate(**metadata)
neo4j.exceptions.Forbidden: {code: Neo.ClientError.Security.Forbidden} {message: Database access is not allowed for user
'movies' with roles [PUBLIC, movies].}

When using the local database, when doing a search, there is no content displayed on the website.

opened by ghost 3

Bump flask from 0.10.1 to 1.0
Bumps flask from 0.10.1 to 1.0.

Release notes

Sourced from flask's releases.

1.0

The Pallets team is pleased to release Flask 1.0. [Read the announcement on our blog.](https://www.palletsprojects.com/blog/flask-1-0-released/

There are over a year's worth of changes in this release. Many features have been improved or changed. Read the changelog to understand how your project's code will be affected.

JSON Security Fix

Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.

Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.

Install or Upgrade

Install from PyPI with pip:

pip install -U Flask

0.12.4

This is a repackage of 0.12.3 to fix an issue with how the package was built.

Upgrade

Upgrade from PyPI with pip. Use a version identifier if you want to stay at 0.12:

pip install -U 'Flask~=0.12.4'

0.12.3

This release includes an important security fix for JSON and a minor backport for CLI support in PyCharm. It is provided for projects that cannot update to Flask 1.0 immediately. See the 1.0 announcement and update to it instead if possible.

JSON Security Fix

Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.

Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.

Upgrade

Upgrade from PyPI with pip. Use a version identifier if you want to stay at 0.12:

pip install -U 'Flask~=0.12.3'
... (truncated)

Changelog

Sourced from flask's changelog.

Version 1.0

Released 2018-04-26

Python 2.6 and 3.3 are no longer supported.

Bump minimum dependency versions to the latest stable versions: Werkzeug >= 0.14, Jinja >= 2.10, itsdangerous >= 0.24, Click >= 5.1. :issue:2586

Skip :meth:app.run <Flask.run> when a Flask application is run from the command line. This avoids some behavior that was confusing to debug.

Change the default for :data:JSONIFY_PRETTYPRINT_REGULAR to False. :func:~json.jsonify returns a compact format by default, and an indented format in debug mode. :pr:2193

:meth:Flask.__init__ <Flask> accepts the host_matching argument and sets it on :attr:~Flask.url_map. :issue:1559

:meth:Flask.__init__ <Flask> accepts the static_host argument and passes it as the host argument when defining the static route. :issue:1559

:func:send_file supports Unicode in attachment_filename. :pr:2223

Pass _scheme argument from :func:url_for to :meth:~Flask.handle_url_build_error. :pr:2017

:meth:~Flask.add_url_rule accepts the provide_automatic_options argument to disable adding the OPTIONS method. :pr:1489

:class:~views.MethodView subclasses inherit method handlers from base classes. :pr:1936

Errors caused while opening the session at the beginning of the request are handled by the app's error handlers. :pr:2254

Blueprints gained :attr:~Blueprint.json_encoder and :attr:~Blueprint.json_decoder attributes to override the app's encoder and decoder. :pr:1898

:meth:Flask.make_response raises TypeError instead of ValueError for bad response types. The error messages have been improved to describe why the type is invalid. :pr:2256

Add routes CLI command to output routes registered on the application. :pr:2259

Show warning when session cookie domain is a bare hostname or an IP address, as these may not behave properly in some browsers, such as Chrome. :pr:2282

Allow IP address as exact session cookie domain. :pr:2282

SESSION_COOKIE_DOMAIN is set if it is detected through SERVER_NAME. :pr:2282

Auto-detect zero-argument app factory called create_app or make_app from FLASK_APP. :pr:2297

Factory functions are not required to take a script_info parameter to work with the flask command. If they take a single parameter or a parameter named script_info, the

... (truncated)

Commits

291f3c3 Bump version number to 1.0

36e68a4 release 1.0

216151c Merge branch '0.12-maintenance'

23047a7 Bump version number to 0.12.4.dev

1a9e58e Bump version number to 0.12.3

63deee0 release 0.12.3

062745b Merge pull request #2720 from pallets/setup-link

5c8110d ensure order of project urls

10a77a5 Add project_urls so that PyPI will show GitHub stats.

22992a0 add donate link

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 3
Updated deprecated query syntax. Updated neo4j version

The current version did not work with Neo4j 4.0.1 due to deprecated query syntax. Updated the queries and using a more recent version of the neo4j library.

opened by asantod 3
OSError thrown upon starting the example

I have exported the NEO4J_PASSWORD environment variable, even tried replacing the password in the driver initialization. Also tried adding a port number in the driver line.

(neo4j-movies)#> python movies.py Traceback (most recent call last): File "movies.py", line 13, in <module> driver = GraphDatabase.driver('bolt://localhost',auth=basic_auth("neo4j", password)) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/v1/api.py", line 94, in driver return Driver(uri, **config) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/v1/api.py", line 133, in __new__ return subclass(uri, **config) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/v1/direct.py", line 73, in __new__ pool.release(pool.acquire()) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/v1/direct.py", line 44, in acquire return self.acquire_direct(self.address) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/bolt/connection.py", line 453, in acquire_direct connection = self.connector(address, self.connection_error_handler) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/v1/direct.py", line 70, in connector return connect(address, security_plan.ssl_context, error_handler, **config) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/bolt/connection.py", line 707, in connect raise last_error File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/bolt/connection.py", line 698, in connect s, der_encoded_server_certificate = _secure(s, address[0], ssl_context, **config) File "/home/blackplague/development/movies-python-bolt/neo4j-movies/lib/python3.7/site-packages/neo4j/bolt/connection.py", line 601, in _secure s = ssl_context.wrap_socket(s, server_hostname=host if HAS_SNI and host else None) File "/home/blackplague/bin/anaconda3/lib/python3.7/ssl.py", line 412, in wrap_socket session=session File "/home/blackplague/bin/anaconda3/lib/python3.7/ssl.py", line 853, in _create self.do_handshake() File "/home/blackplague/bin/anaconda3/lib/python3.7/ssl.py", line 1117, in do_handshake self._sslobj.do_handshake() OSError: [Errno 0] Error

Any idea how to progress from here?

opened by blackplague 3
Accessing graph database is slow

Hello I find that creating couple of nodes and updating them takes around 5-6 seconds each time. Is it normal ? Are there any ways to improve the access to the database ?

opened by aytekincem 3

ImportError: cannot import name 'ResultError'

has this been deprecated?

>>> from neo4j.v1 import GraphDatabase, basic_auth, ResultError
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: cannot import name 'ResultError'

opened by Northshoot 3

Bump starlette from 0.17.1 to 0.20.0
Bumps starlette from 0.17.1 to 0.20.0.

Release notes

Sourced from starlette's releases.

Version 0.20.0

Removed

Drop Python 3.6 support #1357 and #1616.

Version 0.19.1

Fixed

Fix inference of Route.name when created from methods #1553.

Avoid TypeError on websocket.disconnect when code is None #1574.

Deprecated

Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE in favor of WS_1005_NO_STATUS_RCVD and WS_1006_ABNORMAL_CLOSURE, as the previous constants didn't match the WebSockets specs #1580.

Version 0.19.0

Added

Error handler will always run, even if the error happens on a background task #761.

Add headers parameter to HTTPException #1435.

Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.

The content argument in JSONResponse is now required #1431.

Add custom URL convertor register #1437.

Add content disposition type parameter to FileResponse #1266.

Add next query param with original request URL in requires decorator #920.

Add raw_path to TestClient scope #1445.

Add union operators to MutableHeaders #1240.

Display missing route details on debug page #1363.

Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.

Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.

SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.

Request.client is now compliant with the ASGI specifications #1462.

Raise KeyError at early stage for missing boundary #1349.

Deprecated

Deprecate WSGIMiddleware in favor of a2wsgi #1504.

Deprecate run_until_first_complete #1443.

Version 0.18.0

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

Allow HEAD method on HttpEndpoint #1346.

Accept additional headers on websocket.accept message #1361 and #1422.

Add reason to WebSocket close ASGI event #1417.

Add headers attribute to UploadFile #1382.

Don't omit Content-Length header for Content-Length: 0 cases #1395.

Don't set headers for responses with 1xx, 204 and 304 status code #1397.

SessionMiddleware.max_age now accepts None, so cookie can last as long as the browser session #1387.

... (truncated)

Changelog

Sourced from starlette's changelog.

0.20.0

May 3, 2022

Removed

Drop Python 3.6 support #1357 and #1616.

0.19.1

April 22, 2022

Fixed

Fix inference of Route.name when created from methods #1553.

Avoid TypeError on websocket.disconnect when code is None #1574.

Deprecated

Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE in favor of WS_1005_NO_STATUS_RCVD and WS_1006_ABNORMAL_CLOSURE, as the previous constants didn't match the WebSockets specs #1580.

0.19.0

March 9, 2022

Added

Error handler will always run, even if the error happens on a background task #761.

Add headers parameter to HTTPException #1435.

Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.

The content argument in JSONResponse is now required #1431.

Add custom URL convertor register #1437.

Add content disposition type parameter to FileResponse #1266.

Add next query param with original request URL in requires decorator #920.

Add raw_path to TestClient scope #1445.

Add union operators to MutableHeaders #1240.

Display missing route details on debug page #1363.

Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.

Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.

SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.

Request.client is now compliant with the ASGI specifications #1462.

Raise KeyError at early stage for missing boundary #1349.

Deprecated

Deprecate WSGIMiddleware in favor of a2wsgi #1504.

Deprecate run_until_first_complete #1443.

0.18.0

... (truncated)

Commits

830f348 Version 0.20.0 (#1600)

eda6e7e Bump twine from 3.8.0 to 4.0.0 (#1615)

589df78 Remove compat code for Python < 3.7 (#1616)

88de894 Bump types-contextvars from 2.4.2 to 2.4.5 (#1611)

5addd26 Bump types-dataclasses from 0.6.2 to 0.6.5 (#1613)

dbb851f Bump pytest from 7.0.1 to 7.1.2 (#1614)

6219b09 Bump mypy from 0.942 to 0.950 (#1607)

9a1e885 Annotate samesite parameter on set_cookie (#1590)

decc527 Document BackgroundTasks behavior when an error happens (#1605)

5a9b414 Document interaction of BaseHTTPMiddleware and contextvars (#1525)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 2
Bump starlette from 0.17.1 to 0.19.1
Bumps starlette from 0.17.1 to 0.19.1.

Release notes

Sourced from starlette's releases.

Version 0.19.1

Fixed

Fix inference of Route.name when created from methods #1553.

Avoid TypeError on websocket.disconnect when code is None #1574.

Deprecated

Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE in favor of WS_1005_NO_STATUS_RCVD and WS_1006_ABNORMAL_CLOSURE, as the previous constants didn't match the WebSockets specs #1580.

Version 0.19.0

Added

Error handler will always run, even if the error happens on a background task #761.

Add headers parameter to HTTPException #1435.

Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.

The content argument in JSONResponse is now required #1431.

Add custom URL convertor register #1437.

Add content disposition type parameter to FileResponse #1266.

Add next query param with original request URL in requires decorator #920.

Add raw_path to TestClient scope #1445.

Add union operators to MutableHeaders #1240.

Display missing route details on debug page #1363.

Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.

Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.

SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.

Request.client is now compliant with the ASGI specifications #1462.

Raise KeyError at early stage for missing boundary #1349.

Deprecated

Deprecate WSGIMiddleware in favor of a2wsgi #1504.

Deprecate run_until_first_complete #1443.

Version 0.18.0

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

Allow HEAD method on HttpEndpoint #1346.

Accept additional headers on websocket.accept message #1361 and #1422.

Add reason to WebSocket close ASGI event #1417.

Add headers attribute to UploadFile #1382.

Don't omit Content-Length header for Content-Length: 0 cases #1395.

Don't set headers for responses with 1xx, 204 and 304 status code #1397.

SessionMiddleware.max_age now accepts None, so cookie can last as long as the browser session #1387.

Fixed

Tweak hashlib.md5() function on FileResponses ETag generation. The parameter usedforsecurity flag is set to False, if the flag is available on the system. This fixes an error raised on systems with FIPS enabled #1366 and #1410.

Fix path_params type on url_path_for() method i.e. turn str into Any #1341.

... (truncated)

Changelog

Sourced from starlette's changelog.

0.19.1

April 22, 2022

Fixed

Fix inference of Route.name when created from methods #1553.

Avoid TypeError on websocket.disconnect when code is None #1574.

Deprecated

Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE in favor of WS_1005_NO_STATUS_RCVD and WS_1006_ABNORMAL_CLOSURE, as the previous constants didn't match the WebSockets specs #1580.

0.19.0

March 9, 2022

Added

Error handler will always run, even if the error happens on a background task #761.

Add headers parameter to HTTPException #1435.

Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.

The content argument in JSONResponse is now required #1431.

Add custom URL convertor register #1437.

Add content disposition type parameter to FileResponse #1266.

Add next query param with original request URL in requires decorator #920.

Add raw_path to TestClient scope #1445.

Add union operators to MutableHeaders #1240.

Display missing route details on debug page #1363.

Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.

Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.

SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.

Request.client is now compliant with the ASGI specifications #1462.

Raise KeyError at early stage for missing boundary #1349.

Deprecated

Deprecate WSGIMiddleware in favor of a2wsgi #1504.

Deprecate run_until_first_complete #1443.

0.18.0

January 23, 2022

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

... (truncated)

Commits

702fe81 Version 0.19.1 (#1591)

9329160 Deprecate WS_1004_NO_STATUS_RCVD and WS_1005_ABNORMAL_CLOSURE (#1580)

5b56e7d Add typing.Optional on missing annotations (#1549)

d7cbe2a Apply right name to Route when created from methods (#1553)

487f05d Avoid TypeError on websocket.disconnect when code is None (#1574)

20d24a8 Bump mkdocs-material from 8.1.3 to 8.2.8 (#1564)

f699189 Bump mkdocs from 1.2.4 to 1.3.0 (#1566)

c5b0556 Downgrade flake8 from 4.0.1 to 3.9.2 (#1567)

d43cf0d Bump mypy from 0.931 to 0.942 (#1563)

8a571a4 Bump black to 22.3.0 (#1558)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 2
Bump starlette from 0.17.1 to 0.19.0
Bumps starlette from 0.17.1 to 0.19.0.

Release notes

Sourced from starlette's releases.

Version 0.19.0

Added

Error handler will always run, even if the error happens on a background task #761.

Add headers parameter to HTTPException #1435.

Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.

The content argument in JSONResponse is now required #1431.

Add custom URL convertor register #1437.

Add content disposition type parameter to FileResponse #1266.

Add next query param with original request URL in requires decorator #920.

Add raw_path to TestClient scope #1445.

Add union operators to MutableHeaders #1240.

Display missing route details on debug page #1363.

Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.

Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.

SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.

Request.client is now compliant with the ASGI specifications #1462.

Raise KeyError at early stage for missing boundary #1349.

Deprecated

Deprecate WSGIMiddleware in favor of a2wsgi #1504.

Deprecate run_until_first_complete #1443.

Version 0.18.0

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

Allow HEAD method on HttpEndpoint #1346.

Accept additional headers on websocket.accept message #1361 and #1422.

Add reason to WebSocket close ASGI event #1417.

Add headers attribute to UploadFile #1382.

Don't omit Content-Length header for Content-Length: 0 cases #1395.

Don't set headers for responses with 1xx, 204 and 304 status code #1397.

SessionMiddleware.max_age now accepts None, so cookie can last as long as the browser session #1387.

Fixed

Tweak hashlib.md5() function on FileResponses ETag generation. The parameter usedforsecurity flag is set to False, if the flag is available on the system. This fixes an error raised on systems with FIPS enabled #1366 and #1410.

Fix path_params type on url_path_for() method i.e. turn str into Any #1341.

Host now ignores port on routing #1322.

Changelog

Sourced from starlette's changelog.

0.19.0

March 9, 2022

Added

Error handler will always run, even if the error happens on a background task #761.

Add headers parameter to HTTPException #1435.

Internal responses with 405 status code insert an Allow header, as described by RFC 7231 #1436.

The content argument in JSONResponse is now required #1431.

Add custom URL convertor register #1437.

Add content disposition type parameter to FileResponse #1266.

Add next query param with original request URL in requires decorator #920.

Add raw_path to TestClient scope #1445.

Add union operators to MutableHeaders #1240.

Display missing route details on debug page #1363.

Change anyio required version range to >=3.4.0,<5.0 #1421 and #1460.

Add typing-extensions>=3.10 requirement - used only on lower versions than Python 3.10 #1475.

Fixed

Prevent BaseHTTPMiddleware from hiding errors of StreamingResponse and mounted applications #1459.

SessionMiddleware uses an explicit path=..., instead of defaulting to the ASGI 'root_path' #1512.

Request.client is now compliant with the ASGI specifications #1462.

Raise KeyError at early stage for missing boundary #1349.

Deprecated

Deprecate WSGIMiddleware in favor of a2wsgi #1504.

Deprecate run_until_first_complete #1443.

0.18.0

January 23, 2022

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

Allow HEAD method on HttpEndpoint #1346.

Accept additional headers on websocket.accept message #1361 and #1422.

Add reason to WebSocket close ASGI event #1417.

Add headers attribute to UploadFile #1382.

Don't omit Content-Length header for Content-Length: 0 cases #1395.

Don't set headers for responses with 1xx, 204 and 304 status code #1397.

SessionMiddleware.max_age now accepts None, so cookie can last as long as the browser session #1387.

Fixed

Tweak hashlib.md5() function on FileResponses ETag generation. The parameter usedforsecurity flag is set to False, if the flag is available on the system. This fixes an error raised on systems with FIPS enabled #1366 and #1410.

Fix path_params type on url_path_for() method i.e. turn str into Any #1341.

Host now ignores port on routing #1322.

Commits

e086fc2 Version 0.19.0 (#1439)

6798311 Update third-party-packages.md (#1540)

813aa8d Bump databases[sqlite] from 0.5.3 to 0.5.5 (#1530)

88a2b54 Bump twine from 3.7.1 to 3.8.0 (#1532)

61e92e2 Bump pytest from 6.2.5 to 7.0.1 (#1529)

b032e07 Add apiman to third-party-packages document (#1526)

2ec6db2 First pass adding next qparam to redirect (#920)

b1ae0c3 Add union operators to MutableHeaders (#1240)

c91014d Add PR template (#1442)

6ad5a6a Add content disposition type parameter to FileResponse (#1266)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 2
Bump starlette from 0.17.1 to 0.18.0
Bumps starlette from 0.17.1 to 0.18.0.

Release notes

Sourced from starlette's releases.

Version 0.18.0

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

Allow HEAD method on HttpEndpoint #1346.

Accept additional headers on websocket.accept message #1361 and #1422.

Add reason to WebSocket close ASGI event #1417.

Add headers attribute to UploadFile #1382.

Don't omit Content-Length header for Content-Length: 0 cases #1395.

Don't set headers for responses with 1xx, 204 and 304 status code #1397.

SessionMiddleware.max_age now accepts None, so cookie can last as long as the browser session #1387.

Fixed

Tweak hashlib.md5() function on FileResponses ETag generation. The parameter usedforsecurity flag is set to False, if the flag is available on the system. This fixes an error raised on systems with FIPS enabled #1366 and #1410.

Fix path_params type on url_path_for() method i.e. turn str into Any #1341.

Host now ignores port on routing #1322.

Changelog

Sourced from starlette's changelog.

0.18.0

January 23, 2022

Added

Change default chunk size from 4Kb to 64Kb on FileResponse #1345.

Add support for functools.partial in WebSocketRoute #1356.

Add StaticFiles packages with directory #1350.

Allow environment options in Jinja2Templates #1401.

Allow HEAD method on HttpEndpoint #1346.

Accept additional headers on websocket.accept message #1361 and #1422.

Add reason to WebSocket close ASGI event #1417.

Add headers attribute to UploadFile #1382.

Don't omit Content-Length header for Content-Length: 0 cases #1395.

Don't set headers for responses with 1xx, 204 and 304 status code #1397.

SessionMiddleware.max_age now accepts None, so cookie can last as long as the browser session #1387.

Fixed

Tweak hashlib.md5() function on FileResponses ETag generation. The parameter usedforsecurity flag is set to False, if the flag is available on the system. This fixes an error raised on systems with FIPS enabled #1366 and #1410.

Fix path_params type on url_path_for() method i.e. turn str into Any #1341.

Host now ignores port on routing #1322.

Commits

832bc85 Version 0.18.0 (#1380)

34d9f0f Add reason to WebSocket closure (#1417)

9d282a9 Default WebSocket accept message headers to an empty list (#1422)

1974937 Adjust type of exception_handlers to allow async callable (#1423)

3e6b26d Allow Environment options in Jinja2Templates (#1401)

ad495c7 Add third-party CSRF middlewares (#1414)

3182495 Improvements on authentication documentation (#1420)

e06425b Sort third-party packages and add starlette-wtf (#1415)

fcc4c70 Use typing NoReturn (#1412)

7d79ad9 Fix md5_hexdigest wrapper on FIPS enabled systems (#1410)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 2
Bump fastapi from 0.87.0 to 0.88.0
Bumps fastapi from 0.87.0 to 0.88.0.

Release notes

Sourced from fastapi's releases.

0.88.0

Upgrades

⬆ Bump Starlette to version 0.22.0 to fix bad encoding for query parameters in new TestClient. PR #5659 by @azogue.

Docs

✏️ Fix typo in docs for docs/en/docs/advanced/middleware.md. PR #5376 by @rifatrakib.

Translations

🌐 Add Portuguese translation for docs/pt/docs/deployment/docker.md. PR #5663 by @ayr-ton.

Internal

👷 Tweak build-docs to improve CI performance. PR #5699 by @tiangolo.

⬆ [pre-commit.ci] pre-commit autoupdate. PR #5566 by @pre-commit-ci[bot].

⬆️ Upgrade Ruff. PR #5698 by @tiangolo.

👷 Remove pip cache for Smokeshow as it depends on a requirements.txt. PR #5700 by @tiangolo.

💚 Fix pip cache for Smokeshow. PR #5697 by @tiangolo.

👷 Fix and tweak CI cache handling. PR #5696 by @tiangolo.

👷 Update setup-python action in tests to use new caching feature. PR #5680 by @madkinsz.

⬆ Bump black from 22.8.0 to 22.10.0. PR #5569 by @dependabot[bot].

Commits

612b8ff 🔖 Release version 0.88.0

46bb5d2 📝 Update release notes

c458ca6 📝 Update release notes

46974c5 ⬆ Bump Starlette to version 0.22.0 to fix bad encoding for query parameters...

89ec1f2 📝 Update release notes

128c925 📝 Update release notes

8842036 👷 Tweak build-docs to improve CI performance (#5699)

9b4e85f ⬆ [pre-commit.ci] pre-commit autoupdate (#5566)

991db7b 📝 Update release notes

ebd917a 🌐 Add Portuguese translation for docs/pt/docs/deployment/docker.md (#5663)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
Bump neo4j from 5.0.0a2 to 5.3.0
Bumps neo4j from 5.0.0a2 to 5.3.0.

Release notes

Sourced from neo4j's releases.

Neo4j Python Driver 5.2.1

https://github.com/neo4j/neo4j-python-driver/wiki/5.x-changelog#521

Neo4j Python Driver 5.2.0

https://github.com/neo4j/neo4j-python-driver/wiki/5.x-changelog#520

Neo4j Python Driver 5.1.0

https://github.com/neo4j/neo4j-python-driver/wiki/5.x-changelog#510

Neo4j Python Driver 5.0.1

https://github.com/neo4j/neo4j-python-driver/wiki/5.x-changelog#501

Neo4j Python Driver 5.0.0

https://github.com/neo4j/neo4j-python-driver/wiki/5.x-changelog#500

Changelog

Sourced from neo4j's changelog.

Neo4j Driver Change Log (breaking/major changes only)

See also https://github.com/neo4j/neo4j-python-driver/wiki for more details.

Version 5.3

Python 3.11 support added

Removed undocumented, unused neo4j.data.map_type

Query strings are now typed LiteralString instead of str to help mitigate accidental Cypher injections. There are rare use-cases where a computed string is necessary. Please use # type: ignore, or typing.cast to suppress the type checking in those cases.

The experimental bookmark manager feature was changed to no longer track bookmarks per database.
This effectively changes the signature of almost all bookmark manager related methods:

neo4j.BookmarkManger and neo4j.AsyncBookmarkManger abstract base classes:

update_bookmarks has no longer a database argument.

get_bookmarks has no longer a database argument.

The get_all_bookmarks method was removed.

The forget method was removed.

neo4j.GraphDatabase.bookmark_manager and neo4j.AsyncGraphDatabase.bookmark_manager factory methods:

initial_bookmarks is no longer a mapping from database name to bookmarks but plain bookmarks.

bookmarks_supplier no longer receives the database name as an argument.

bookmarks_consumer no longer receives the database name as an argument.

Version 5.2

No breaking or major changes.

Version 5.1

No breaking or major changes.

Version 5.0

Python 3.10 support added

Python 3.6 support has been dropped.

Result, Session, and Transaction can no longer be imported from neo4j.work. They should've been imported from neo4j all along.
Remark: It's recommended to import everything needed directly from noe4j if available, not its submodules or subpackages.

Experimental pipelines feature has been removed.

... (truncated)

Commits

f8e3f88 Bookmark manager no longer tracks per database (#859)

2486240 API docs: elaborate on home database resolution (#865)

b12f9fb Modernize packaging (#867)

fa81522 Code clean-up (#860)

4a7549e Bump package version to 5.3 (#866)

e3b54e4 Modernize GitHub templates (issues and PRs) (#864)

29f9415 Add Python 3.11 support (#861)

01335c7 Don't install tests subpackages either (#855)

52d3a94 General API docs improvements (#858)

87b8f6d Package py.typed marker file (#856)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0