The official Magenta Voice Skill SDK used to develop skills for the Magenta Voice Assistant using Voice Platform!

Overview

Magenta Voice Skill SDK

DevelopmentSupportContributeContributorsLicensing

Magenta Voice Skill SDK for Python is a package that assists in creating Voice Applications for Magenta Voice Platform.

About

This is a reworked stack with explicit async/await concurrency and based on FastAPI ASGI framework.

Old stable (Bottle/Gevent) 0.xx branch

Installation

Runtime

Runtime installation: python -m pip install skill-sdk.

Runtime (full)

Runtime installation with Prometheus metrics exporter and distributed tracing adapter: python -m pip install skill-sdk[all].

Development

Development installation: python -m pip install skill-sdk[dev].

Quickstart

To bootstrap a new project, install SDK for development:

pip install skill-sdk[dev]

Initialize a new project with vs command:

vs init

Run the skill in development mode:

vs develop

Click http://localhost:4242 to access Designer UI.

Hello World

from skill_sdk import skill, Response


@skill.intent_handler("HELLO_WORLD__INTENT")
async def handler() -> Response:
    return Response("Hello World!")

app = skill.init_app()

app.include(handler=handler)

Code of Conduct

This project has adopted the Contributor Covenant in version 2.0 as our code of conduct. Please see the details in our CODE_OF_CONDUCT.md. All contributors must abide by the code of conduct.

Working Language

We decided to apply English as the primary project language.

Consequently, all content will be made available primarily in English. We also ask all interested people to use English as language to create issues, in their code (comments, documentation etc.) and when you send requests to us. The application itself and all end-user facing content will be made available in other languages as needed.

Support and Feedback

The following channels are available for discussions, feedback, and support requests:

Type Channel
Issues
Other Requests

How to Contribute

Contribution and feedback is encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our Contribution Guidelines. By participating in this project, you agree to abide by its Code of Conduct at all times.

Contributors

Our commitment to open source means that we are enabling -in fact encouraging- all interested parties to contribute and become part of its developer community.

Licensing

Copyright (c) 2021 Deutsche Telekom AG.

Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.

You may obtain a copy of the License by reviewing the file LICENSE in the repository.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the LICENSE for the specific language governing permissions and limitations under the License.

Comments
  • Issue after using vs init

    Issue after using vs init

    I tried to use the command vs init after installing the voice skill sdk. But i get the following issue: Traceback (most recent call last): File "/home/buffy/.pyenv/versions/3.9.6/bin/vs", line 8, in <module> sys.exit(main()) File "/home/buffy/.pyenv/versions/3.9.6/lib/python3.9/site-packages/skill_sdk/__main__.py", line 62, in main arguments.command(arguments) File "/home/buffy/.pyenv/versions/3.9.6/lib/python3.9/site-packages/skill_sdk/cli/init.py", line 26, in execute import questionary ModuleNotFoundError: No module named 'questionary'

    opened by buffy93 2
  • Add a high level functional API for creating responses and making http calls

    Add a high level functional API for creating responses and making http calls

    As a developer I want to be able to do this (or similar stuff):

    def handle():
      # ... some other magic intent handler code
      c = card(_("CARD_TITLE")).sub_title(_("CARD_SUB_TITLE")).action("https://google.de",_("ACTION_TITLE"))
      return response(message).card(c)
    

    and

    with session() as http:
      res = http.get("https://example.com")
      res.raise_for_status()
    

    instead of using Javaesque CircuitBreaker API.

    enhancement help wanted 
    opened by 4thel00z 2
  • Add documentation for the external developers

    Add documentation for the external developers

    Convert this document: https://gard.telekom.de/gardwiki/pages/viewpage.action?pageId=341421514 into markdown and add it to /docs/external_developers

    • [x] add all the images
    • [x] convert the text
    opened by 4thel00z 2
  • Bump url-parse from 1.5.1 to 1.5.7 in /skill-ui

    Bump url-parse from 1.5.1 to 1.5.7 in /skill-ui

    Bumps url-parse from 1.5.1 to 1.5.7.

    Commits
    • 8b3f5f2 1.5.7
    • ef45a13 [fix] Readd the empty userinfo to url.href (#226)
    • 88df234 [doc] Add soft deprecation notice
    • 78e9f2f [security] Fix nits
    • e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability
    • 4c9fa23 1.5.6
    • 7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo
    • e4a5807 1.5.5
    • 193b44b [minor] Simplify whitespace regex
    • 319851b [fix] Remove CR, HT, and LF
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 1
  • Bump follow-redirects from 1.14.1 to 1.14.7 in /skill-ui

    Bump follow-redirects from 1.14.1 to 1.14.7 in /skill-ui

    Bumps follow-redirects from 1.14.1 to 1.14.7.

    Commits
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • 40052ea Make compatible with Node 17.
    • 86f7572 Fix: clear internal timer on request abort to avoid leakage
    • 2e1eaf0 Keep Authorization header on subdomain redirects.
    • 2ad9e82 Carry over Host header on relative redirects (#172)
    • 77e2a58 Release version 1.14.4 of the npm package.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 1
  • Bump url-parse from 1.5.1 to 1.5.3 in /skill-ui

    Bump url-parse from 1.5.1 to 1.5.3 in /skill-ui

    Bumps url-parse from 1.5.1 to 1.5.3.

    Commits
    • ad44493 [dist] 1.5.3
    • c798461 [fix] Fix host parsing for file URLs (#210)
    • 201034b [dist] 1.5.2
    • 2d9ac2c [fix] Sanitize only special URLs (#209)
    • fb128af [fix] Use 'null' as origin for non special URLs
    • fed6d9e [fix] Add a leading slash only if the URL is special
    • 94872e7 [fix] Do not incorrectly set the slashes property to true
    • 81ab967 [fix] Ignore slashes after the protocol for special URLs
    • ee22050 [ci] Use GitHub Actions
    • d2979b5 [fix] Special case the file: protocol (#204)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 1
  • Bump postcss from 7.0.35 to 7.0.36 in /skill-ui

    Bump postcss from 7.0.35 to 7.0.36 in /skill-ui

    Bumps postcss from 7.0.35 to 7.0.36.

    Release notes

    Sourced from postcss's releases.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.
    Changelog

    Sourced from postcss's changelog.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 1
  • Bump fastapi from 0.65.1 to 0.65.2

    Bump fastapi from 0.65.1 to 0.65.2

    Bumps fastapi from 0.65.1 to 0.65.2.

    Release notes

    Sourced from fastapi's releases.

    0.65.2

    Security fixes

    This change fixes a CSRF security vulnerability when using cookies for authentication in path operations with JSON payloads sent by browsers.

    In versions lower than 0.65.2, FastAPI would try to read the request payload as JSON even if the content-type header sent was not set to application/json or a compatible JSON media type (e.g. application/geo+json).

    So, a request with a content type of text/plain containing JSON data would be accepted and the JSON data would be extracted.

    But requests with content type text/plain are exempt from CORS preflights, for being considered Simple requests. So, the browser would execute them right away including cookies, and the text content could be a JSON string that would be parsed and accepted by the FastAPI application.

    See CVE-2021-32677 for more details.

    Thanks to Dima Boger for the security report! 🙇🔒

    Internal

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 1
  • Bump ws from 6.2.1 to 6.2.2 in /skill-ui

    Bump ws from 6.2.1 to 6.2.2 in /skill-ui

    Bumps ws from 6.2.1 to 6.2.2.

    Release notes

    Sourced from ws's releases.

    6.2.2

    Bug fixes

    • Backported 00c425ec to the 6.x release line (78c676d2).
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump dns-packet from 1.3.1 to 1.3.4 in /skill-ui

    Bump dns-packet from 1.3.1 to 1.3.4 in /skill-ui

    Bumps dns-packet from 1.3.1 to 1.3.4.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Scaffold project is missing in SDK binary distribution

    Scaffold project is missing in SDK binary distribution

    Trying to initialize a project with vs init:

    Traceback (most recent call last):
      File "/home/vadim/PycharmProjects/test/.venv/bin/vs", line 8, in <module>
        sys.exit(main())
      File "/home/vadim/PycharmProjects/test/.venv/lib/python3.8/site-packages/skill_sdk/__main__.py", line 55, in main
        arguments.command(arguments)
      File "/home/vadim/PycharmProjects/test/.venv/lib/python3.8/site-packages/skill_sdk/cli/init.py", line 68, in execute
        copy_tree(scaffold_path.__str__(), path.__str__())
      File "/usr/lib/python3.8/distutils/dir_util.py", line 126, in copy_tree
        raise DistutilsFileError(
    distutils.errors.DistutilsFileError: cannot copy tree '/home/vadim/PycharmProjects/test/.venv/lib/python3.8/site-packages/skill_sdk/cli/scaffold': not a directory
    
    opened by tvadim 1
  • Bump minimist from 1.2.5 to 1.2.6 in /skill-ui

    Bump minimist from 1.2.5 to 1.2.6 in /skill-ui

    Bumps minimist from 1.2.5 to 1.2.6.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump url-parse from 1.5.1 to 1.5.10 in /skill-ui

    Bump url-parse from 1.5.1 to 1.5.10 in /skill-ui

    Bumps url-parse from 1.5.1 to 1.5.10.

    Commits
    • 8cd4c6c 1.5.10
    • ce7a01f [fix] Improve handling of empty port
    • 0071490 [doc] Update JSDoc comment
    • a7044e3 [minor] Use more descriptive variable name
    • d547792 [security] Add credits for CVE-2022-0691
    • ad23357 1.5.9
    • 0e3fb54 [fix] Strip all control characters from the beginning of the URL
    • 61864a8 [security] Add credits for CVE-2022-0686
    • bb0104d 1.5.8
    • d5c6479 [fix] Handle the case where the port is specified but empty
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump follow-redirects from 1.14.1 to 1.14.8 in /skill-ui

    Bump follow-redirects from 1.14.1 to 1.14.8 in /skill-ui

    Bumps follow-redirects from 1.14.1 to 1.14.8.

    Commits
    • 3d81dc3 Release version 1.14.8 of the npm package.
    • 62e546a Drop confidential headers across schemes.
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • 40052ea Make compatible with Node 17.
    • 86f7572 Fix: clear internal timer on request abort to avoid leakage
    • 2e1eaf0 Keep Authorization header on subdomain redirects.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump postcss from 7.0.35 to 7.0.39 in /skill-ui

    Bump postcss from 7.0.35 to 7.0.39 in /skill-ui

    Bumps postcss from 7.0.35 to 7.0.39.

    Release notes

    Sourced from postcss's releases.

    7.0.39

    • Reduce package size.
    • Backport nanocolors to picocolors migration.

    7.0.38

    • Update Processor#version.

    7.0.37

    • Backport chalk to nanocolors migration.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.
    Changelog

    Sourced from postcss's changelog.

    7.0.39

    • Reduce package size.
    • Backport nanocolors to picocolors migration.

    7.0.38

    • Update Processor#version.

    7.0.37

    • Backport chalk to nanocolors migration.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump shelljs from 0.8.4 to 0.8.5 in /skill-ui

    Bump shelljs from 0.8.4 to 0.8.5 in /skill-ui

    Bumps shelljs from 0.8.4 to 0.8.5.

    Release notes

    Sourced from shelljs's releases.

    v0.8.5

    This was a small security fix for #1058.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
Releases(1.2.1)
  • 1.2.1(Apr 7, 2022)

  • 1.2.0(Apr 5, 2022)

    1.2.0 - 2022-04-05

    Features

    • Enhance User-Agent header to include kubernetes POD name when it comes to SVH cluster requests
    • Adding newReferenceType called MEDIA_CONTENT_END
    Source code(tar.gz)
    Source code(zip)
  • 1.1.9(Mar 31, 2022)

    1.1.9 - 2022-03-31

    Bugfixes

    • Making variable postal_code Optional of class AddressComponents due to some cities from location service has no postal code
    Source code(tar.gz)
    Source code(zip)
  • 1.1.8(Mar 17, 2022)

  • 1.1.7(Mar 15, 2022)

  • 1.1.6(Feb 9, 2022)

    1.1.6 - 2022-02-09

    Features

    • Introduce cvi service-token decryption utility.

    • Refactor unit tests from unittest to pytest module.

    Bugfixes

    • Fixed uvicorn logging when --log-level set to trace.

    • Bump FastAPI from 0.68.0 to 0.70.0.

    • Fix mypy error

    Source code(tar.gz)
    Source code(zip)
  • 0.16.2(Feb 8, 2022)

  • 0.16.1(Feb 8, 2022)

  • 0.16.0(Dec 7, 2021)

  • 1.1.4(Sep 13, 2021)

    1.1.4 - 2021-08-18

    Features

    Bugfixes

    • Corrected "X-Tenant-Id" tracing header propagation and logging.

    • Fixed "typing.List" annotation handling in UI.

    • Fixed cutting DelayedClientTask from skill response. Added type annotation to DelayedClientTask.invoke keyword arguments.

    • Fixed EntityValueException if an intent handler parameter annotated as skill_sdk.intents.Request.

    • Fixed ValidationError when loading skill settings caused by not set API_KEY environment variable.

    • Fixed asyncio - Task exception was never retrieved error message in debug log UI display.

    • Bump FastAPI from 0.67.0 to 0.68.0.

    Source code(tar.gz)
    Source code(zip)
  • 0.15.3(Aug 10, 2021)

  • 1.1.3(Jul 26, 2021)

    1.1.3 - 2021-07-26

    Bugfixes

    • Fixed persistent service URL in howto.

    • Added "skill_id"/"client_type_name"/"user_profile_config" arguments to create_context helper.

    • "Magenta transaction ID" value added to logging record.

    • Bump FastAPI from 0.66.0 to 0.67.0.

    Source code(tar.gz)
    Source code(zip)
  • 0.15.2(Jul 26, 2021)

    [v0.15.2] - 2021-07-26

    Features

    • Magenta transaction Id value added to logging record.
    • "Tenant" logging value is read from "X-TenantId" header.

      IMPORTANT: for logging purpose only, do not use this header to build tenant-specific logic.

    Miscellaneous

    • Requirements bump:
      • apispec from 4.6.0 to 4.7.1
      • python-dateutil from 2.8.1 to 2.8.2
      • requests from 2.25.1 to 2.26.0
    Source code(tar.gz)
    Source code(zip)
  • 1.1.2(Jul 13, 2021)

    1.1.2 - 2021-07-12

    Features

    • Added "Baggage-X-Magenta-Transaction-Id" header propagation. The header is also available for logging as:
    from skill_sdk.log import tracing_headers
    
    >>> tracing_headers()
    {<HeaderKeys.trace_id: 'X-B3-TraceId'>: 'trace-id', <HeaderKeys.span_id: 'X-B3-SpanId'>: 'span-id', <HeaderKeys.tenant_id: 'X-TenantId'>: 'tenant-id', <HeaderKeys.testing_flag: 'X-Testing'>: '1', <HeaderKeys.magenta_transaction_id: 'Baggage-X-Magenta-Transaction-Id'>: 'my-id'}
    

    Bugfixes

    • Bump FastAPI from 0.65.2 to 0.66.0. Release notes.

    • Fixed vs run [module] command that ignored the module parameter.

    Source code(tar.gz)
    Source code(zip)
  • 1.1.1(Jun 30, 2021)

  • 1.1.0(Jun 22, 2021)

    1.1.0 - 2021-06-22

    Features

    • Add support for the new companion app cards format: Action Cards v3.0.

    • When joining internationalization message strings (i18n.Message), translation keys are joined along with their values for better readability.

    Source code(tar.gz)
    Source code(zip)
  • 0.15.0(Jun 22, 2021)

    [v0.15.0] - 2021-06-22

    Features

    • Add support for the new companion app cards format: Action Cards v3.0.

    Miscellaneous

    • Requirements bump:
      • apispec from 4.5.0 to 4.6.0
    Source code(tar.gz)
    Source code(zip)
  • 1.0.6(Jun 14, 2021)

    1.0.6 - 2021-06-14

    Bugfixes

    • Bump FastAPI from 0.65.1 to 0.65.2. Fixes CSRF vulnerability: CVE-2021-32677.

    • Fix skill.test_intent helper FALLBACK_INTENT handling.

    • Remove skill.init_app initialization when running vs version command.

    Source code(tar.gz)
    Source code(zip)
  • 0.14.4(Jun 10, 2021)

    [v0.14.4] - 2021-06-10

    Bugfixes

    • Fixed skill.test_intent helper FALLBACK_INTENT handling.

    Miscellaneous

    • Requirements bump:
      • apispec from 4.4.0 to 4.5.0
      • prometheus_client from 0.10.0 to 0.11.0
    Source code(tar.gz)
    Source code(zip)
  • 1.0.5(Jun 7, 2021)

    1.0.5 - 2021-06-07

    Features

    • Skill configuration is compatible with dotenv. Skill setting values can be overwritten with environment variables.

      File with environment settings can be specified when running a skill with --env-file argument to vs CLI tool. To start skill in development mode with environment settings loaded from .env.dev file:

      vs develop --env-file .env.dev

    Bugfixes

    • Various UI fixes.

    • Logging:

      • Fix uvicorn access log formatter to consistently use either human-readable or GELF format.

      • Add logging helpers to optionally hide JWT-like token strings.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.4(Jun 7, 2021)

    1.0.4 - 2021-05-26

    Bugfixes

    • Fix the initialization of Prometheus metrics exporter endpoint.

    • Logging:

      • Display uvicorn access log in GELF format.

      • Add Gunicorn logging formatter: can be used to export skill logs as GELF-compatible JSON when deploying with Gunicorn.
        To activate, add --logger-class=skill_sdk.log.GunicornLogger parameter when deploying the skill.

    Source code(tar.gz)
    Source code(zip)
  • 0.14.3(May 12, 2021)

    [v0.14.3] - 2021-05-12

    Features

    • Internationalization module supports YAML translations in RoR i18n format.

    Bugfixes

    • Test helper skill.test_intent fixed with correct intent name creating a test invoke context.
    Source code(tar.gz)
    Source code(zip)
  • 1.0.2(May 5, 2021)

    1.0.2 - 2021-05-05

    Features

    • #49: On-demand debug logging. This feature is activated with X-User-Debug-Log header: if header is present in skill invoke request, logging level is lowered to DEBUG.

    • #51: Address lookup and device location endpoints of location service:

      • LocationService.device_location retrieves the device location (the info, a user has setup in companion app) with geo coordinates.

      • LocationService.address_lookup returns a list of addresses (with geo-coordinates) for a given query. A query consists of any of address fields (country, zip, street name, house number).

    Bugfixes

    • Environment variable placeholders (in skill.conf) may now contain curly braces, so you can have formatted string literals as default values.
    Source code(tar.gz)
    Source code(zip)
  • 0.14.2(May 5, 2021)

    [v0.14.2] - 2021-05-05

    Bugfixes

    • Environment variable placeholders can contain curly braces in default values. You can now place formatted string literals to default values.

    • Location service returns 404 (Not Found) if no location data is present for a device. This error code is now treated as normal, and None value is returned instead.

    Source code(tar.gz)
    Source code(zip)
  • 0.14.1(May 4, 2021)

    [v0.14.1] - 2021-05-04

    Features

    • Device location endpoint added to location service. It is a preferable way for a skill to get device location information, such as address or zip-code.

    Miscellaneous

    • Requirements bump:
      • apispec from 4.3.0 to 4.4.0
      • arrow from 1.0.2 to 1.1.0
      • gunicorn from 20.0.4 to 20.1.0
      • prometheus_client from 0.10.0 to 0.10.1
      • py-zipkin from 0.20.1 to 0.20.2
      • requests-mock from 1.8.0 to 1.9.2
    Source code(tar.gz)
    Source code(zip)
  • 1.0.1(Apr 8, 2021)

    1.0.1 - 2021-04-08

    Bugfixes

    • #47: Scaffold project files added to both binary and source distribution.

    Features

    • #45: New "response_hook" parameter when constructing requests.Client/AsyncClient. Allows plugging in observability metrics when calling partner services. For example, to count requests to partner service with response codes:

      from skill_sdk.requests import AsyncClient
      from skill_sdk.middleware.prometheus import count_partner_calls
      
      async with AsyncClient(
          response_hook=count_partner_calls("partner-service")
      ) as client:
          response = await client.get("https://partner-service-api")
      
    • #43: Source code documentation has been reviewed.

    • #42: Asyncio event loops can be nested when calling utils.run_until_complete. Usable when mixing sync and async handlers.

    Source code(tar.gz)
    Source code(zip)
  • 1.0(Mar 26, 2021)

    Major changes

    Explicit concurrency model:

    Skill SDK for Python supports asynchronous coroutines (async def intent handlers):

    @skill.intent_handler("HELLO_WORLD__INTENT")
    async def handler() -> Response:
      return await long_running_async_function()
    

    Synchronous handlers are also supported and executed in ThreadPoolExecutor.

    Breaking changes

    1. No more text services.

      This is a major step towards completely phasing out the text services. Only local translations (both gettext .po/.mo and YAML formats) are supported. The translations will not be reloaded from cloud service.

    2. Global invocation context object is replaced with request context variable.

      The variable is accessible to intent handlers and is a copy of currently running invoke request: InvokeSkillRequestDto.

    3. Localization became internationalization.

      skill_sdk.l10n is renamed to skill_sdk.i18n and python-babel is used as translation module.

    4. Tracing and Prometheus middleware has become optional.

      To make use of tracings/metrics, skill SDK must be installed with all extra: python -m pip install skill-sdk[all]. With this extra installed, tracing helpers are importable from skill_sdk.middleware.tracing, and Prometheus helpers - from skill_sdk.middleware.prometheus.

    5. Responses are immutable:

      You can create a response (or any related object like Card, Kit, Task, Command) in a constructor. After constructing the object, the only way to mutate it is by using the factory methods.

    Minor and non-breaking changes

    1. Skill configuration changes.

      Skill configuration is available as attributes of skill_sdk.config.settings object. For backward compatibility, skill.conf file in ConfigParser format is still supported. Section names are joined with config keys and converted to upper-case, so that a value url in [service] section is available as settings.SERVICE_URL

      from skill_sdk.config import settings
      
      settings.SKILL_NAME     # skill name - corresponds to **name** attribute in **[skill]** section
      settings.VALUE_FOR_TESTING = "test"  # config values are mutable 
      

      It is suggested migrating the skill config to BaseSetting format.

    2. Test helpers have been moved to skill_sdk.util module.

    3. Python requests are replaced with HTTPX client.

      requests_mock doesn't work any more and is replaced with respx module.

    4. requests.CircuitBreakerSession is deprecated.

      There are now two similar adapters in skill_sdk.requests.

      One is skill_sdk.requests.Client - an HTTPX synchronous client (requests.CircuitBreakerSession is simply an alias for this adapter).

      The other is skill_sdk.requests.AsyncClient - an asynchronous client compatible with await/async with statements.

      good_codes/bad_codes are replaced with exclude parameter. Good codes are the HTTP status codes between 200 and 399. To suppress an exception if HTTP 404 is returned as status code, use exclude:

      from skill_sdk.requests import AsyncClient, codes
      
      with AsyncClient() as client:
          r = await client.request("GET", "my_url", exclude=(codes.NOT_FOUND,))
      
    Source code(tar.gz)
    Source code(zip)
  • 0.14.0(Mar 22, 2021)

    [v0.14.0] - 2021-03-22

    Miscellaneous

    • Skill SPI has been bumped to version 1.4.1.

      You can now attach client tasks to the response, for example, tell the client to execute another intent:

      from skill_sdk.responses import ClientTask, Response
      
      response = Response("Weather forecast follows.").with_task(
          ClientTask.invoke("WEATHER__INTENT")
      )
      
    Source code(tar.gz)
    Source code(zip)
  • 0.12.2(Mar 12, 2021)

  • 0.12.1(Mar 12, 2021)

    • X-Testing/Testing headers forwarding: these headers are used to distinguish test traffic. To propagate the headers, set internal flag when creating a circuit breaker for HTTP requests session:

      from skill_sdk.requests import CircuitBreakerSession
      
      with CircuitBreakerSession(internal=True) as session:
          result = session.get("https://internal-service.local")
      
    Source code(tar.gz)
    Source code(zip)
Owner
Telekom Open Source Software
published by Deutsche Telekom AG and partner companies
Telekom Open Source Software
Graviti-python-sdk - Graviti Data Platform Python SDK

Graviti Python SDK Graviti Python SDK is a python library to access Graviti Data

Graviti 13 Dec 15, 2022
MONAI Deploy App SDK offers a framework and associated tools to design, develop and verify AI-driven applications in the healthcare imaging domain.

MONAI Deploy App SDK offers a framework and associated tools to design, develop and verify AI-driven applications in the healthcare imaging domain.

Project MONAI 49 Dec 23, 2022
Develop and deploy applications with the Ionburst Cloud Python SDK.

Ionburst SDK for Python The Ionburst SDK for Python enables developers to easily integrate with Ionburst Cloud, building in ultra-secure and private o

Ionburst Cloud 3 Mar 6, 2022
The python SDK for Eto, the AI focused data platform for teams bringing AI models to production

Eto Labs Python SDK This is the python SDK for Eto, the AI focused data platform for teams bringing AI models to production. The python SDK makes it e

null 5 Apr 21, 2022
Python SDK for LUSID by FINBOURNE, a bi-temporal investment management data platform with portfolio accounting capabilities.

LUSID® Python SDK This is the Python SDK for LUSID by FINBOURNE, a bi-temporal investment management data platform with portfolio accounting capabilit

FINBOURNE 6 Dec 24, 2022
💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline!

LocalStack - A fully functional local AWS cloud stack LocalStack provides an easy-to-use test/mocking framework for developing Cloud applications. Cur

LocalStack 45.3k Jan 2, 2023
MVP monorepo to rapidly develop scalable, reliable, high-quality components for Amazon Linux instance configuration management

Ansible Amazon Base Repository Ansible Amazon Base Repository About Setting Up Ansible Environment Configuring Python VENV and Ansible Editor Configur

Artem Veremey 1 Aug 6, 2022
The Official Dropbox API V2 SDK for Python

The offical Dropbox SDK for Python. Documentation can be found on Read The Docs. Installation Create an app via the Developer Console. Install via pip

Dropbox 828 Jan 5, 2023
The official Pushy SDK for Python apps.

pushy-python The official Pushy SDK for Python apps. Pushy is the most reliable push notification gateway, perfect for real-time, mission-critical app

Pushy 1 Dec 21, 2021
A Python 2.7/3.x module for Amcrest Cameras using the SDK HTTP API.

A Python 2.7/3.x module for Amcrest Cameras using the SDK HTTP API. Amcrest and Dahua devices share similar firmwares. Dahua Cameras and NVRs also work with this module.

Marcelo Moreira de Mello 176 Dec 21, 2022
This very basic script can be used to automate COVID-19 vaccination slot booking on India's Co-WIN Platform.

COVID-19 Vaccination Slot Booking Script This very basic CLI based script can be used to automate covid vaccination slot booking on Co-WIN Platform. I

null 605 Dec 14, 2022
AWS SDK for Python

Boto3 - The AWS SDK for Python Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK) for Python, which allows Python developers to wri

the boto project 7.8k Jan 8, 2023
Python SDK for Facebook's Graph API

Facebook Python SDK This client library is designed to support the Facebook Graph API and the official Facebook JavaScript SDK, which is the canonical

Mobolic 2.7k Jan 7, 2023
Box SDK for Python

Box Python SDK Installing Getting Started Authorization Server-to-Server Auth with JWT Traditional 3-legged OAuth2 Other Auth Options Usage Documentat

Box 371 Dec 29, 2022
Evernote SDK for Python

Evernote SDK for Python Evernote API version 1.28 This SDK is intended for use with Python 2.X For Evernote's beta Python 3 SDK see https://github.com

Evernote 612 Dec 30, 2022
Python SDK for IEX Cloud

iexfinance Python SDK for IEX Cloud. Architecture mirrors that of the IEX Cloud API (and its documentation). An easy-to-use toolkit to obtain data for

Addison Lynch 640 Jan 7, 2023
Unofficial Medium Python Flask API and SDK

PyMedium - Unofficial Medium API PyMedium is an unofficial Medium API written in python flask. It provides developers to access to user, post list and

Engine Bai 157 Nov 11, 2022
The Python SDK for the Rackspace Cloud

pyrax Python SDK for OpenStack/Rackspace APIs DEPRECATED: Pyrax is no longer being developed or supported. See openstacksdk and the rackspacesdk plugi

PyContribs 238 Sep 21, 2022