github2
`<https://github.com/Disfactory/DisfactoryMonthlyReport/commit/2c4c61f9dad6fc185dd5cf4ba6d02197d77edd8f|2c4c61f9>` - chore: autopublish 2024-10-01T01:17:23Z
disfactory-notification
Month: 2024-10
- 2020-09 (51)
- 2020-10 (92)
- 2020-11 (209)
- 2020-12 (97)
- 2021-01 (87)
- 2021-02 (160)
- 2021-03 (231)
- 2021-04 (149)
- 2021-05 (142)
- 2021-06 (115)
- 2021-07 (70)
- 2021-08 (62)
- 2021-09 (103)
- 2021-10 (148)
- 2021-11 (159)
- 2021-12 (134)
- 2022-01 (128)
- 2022-02 (214)
- 2022-03 (264)
- 2022-04 (531)
- 2022-05 (198)
- 2022-06 (108)
- 2022-07 (130)
- 2022-08 (243)
- 2022-09 (248)
- 2022-10 (120)
- 2022-11 (126)
- 2022-12 (130)
- 2023-01 (89)
- 2023-02 (103)
- 2023-03 (169)
- 2023-04 (84)
- 2023-05 (166)
- 2023-06 (143)
- 2023-07 (149)
- 2023-08 (107)
- 2023-09 (136)
- 2023-10 (100)
- 2023-11 (118)
- 2023-12 (102)
- 2024-01 (72)
- 2024-02 (70)
- 2024-03 (100)
- 2024-04 (88)
- 2024-05 (2)
- 2024-06 (31)
- 2024-07 (4)
- 2024-08 (6)
- 2024-09 (6)
- 2024-10 (40)
- 2024-11 (21)
2024-10-01
2024-10-16
github2
<https://github.com/Disfactory/frontend/pull/178|#178 chore: upgrade packages>
*TODOs* • fix npm run build • Upgrade github action nodejs version • `npm run test` failed
:white_check_mark: 2 other checks have passed
@null
github2
<https://github.com/Disfactory/frontend/pull/178|#178 chore: upgrade packages>
also bump vue@2 version to match vue-template-compiler version
@null
github2
<https://github.com/Disfactory/Disfactory/issues/641|#641 公文後台無法儲存變更>
*Describe the bug* 審完案件、勾選完那些factory status選項後,無法儲存 *To Reproduce* Steps to reproduce the behavior: 1. Go to '<https://staging.disfactory.tw/admin/api/document/|staging.>' 2. Click on 'Factorys' category 3. Select any random case 4. Modify the factory status of the case 5. see error *Expected behavior* 更改完工廠狀態不會出現網頁錯誤訊息 *Screenshots* <https://private-user-images.githubusercontent.com/81308197/272793915-1487d140-934d-48cd-9e4a-ca7e649f9746.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjkwODM5NDgsIm5iZiI6MTcyOTA4MzY0OCwicGF0aCI6Ii84MTMwODE5Ny8yNzI3OTM5MTUtMTQ4N2QxNDAtOTM0ZC00OGNkLTllNGEtY2E3ZTY0OWY5NzQ2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDEwMTYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQxMDE2VDEzMDA0OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWM5NzQ2ZTZlMTkyNDY0MWY1YTM4NWUwYmJhMzlhMjE5YzNjMjNkYTg3ODJiNGZmNTc4ZWNiMjRlMGJiOWNkNTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.9_MUEeLGhu6bueqoI0Q3sGhUDPekPgcIxTTXlGn3xio|無法操作> <https://private-user-images.githubusercontent.com/81308197/272793920-895a2702-dfb0-481b-81e8-f004eee1cf5d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjkwODM5NDgsIm5iZiI6MTcyOTA4MzY0OCwicGF0aCI6Ii84MTMwODE5Ny8yNzI3OTM5MjAtODk1YTI3MDItZGZiMC00ODFiLTgxZTgtZjAwNGVlZTFjZjVkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDEwMTYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQxMDE2VDEzMDA0OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWFmYjVmZDUyNzhmMjA2MzMzMzAyN2M3MzM4MGNhZWE1ZDZjMWUyZjIyMDI1MDAzOGUwM2ZmYWE2NDU5Y2RmYjQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.d9tz67KlMkcc0UKpvXzo5zNzZn9ITWZx2Uc8CpcvJeU|螢幕擷取畫面 2023-10-05 120055> *Desktop (please complete the following information):* • OS: windows10 • Browser : brave
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/641|#641 公文後台無法儲存變更>
*Describe the bug* 審完案件、勾選完那些factory status選項後,無法儲存 *To Reproduce* Steps to reproduce the behavior: 1. Go to '<https://staging.disfactory.tw/admin/api/document/|staging.>' 2. Click on 'Factorys' category 3. Select any random case 4. Modify the factory status of the case 5. see error *Expected behavior* 更改完工廠狀態不會出現網頁錯誤訊息 *Screenshots* <https://private-user-images.githubusercontent.com/81308197/272793915-1487d140-934d-48cd-9e4a-ca7e649f9746.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjkwODM5NDgsIm5iZiI6MTcyOTA4MzY0OCwicGF0aCI6Ii84MTMwODE5Ny8yNzI3OTM5MTUtMTQ4N2QxNDAtOTM0ZC00OGNkLTllNGEtY2E3ZTY0OWY5NzQ2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDEwMTYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQxMDE2VDEzMDA0OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWM5NzQ2ZTZlMTkyNDY0MWY1YTM4NWUwYmJhMzlhMjE5YzNjMjNkYTg3ODJiNGZmNTc4ZWNiMjRlMGJiOWNkNTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.9_MUEeLGhu6bueqoI0Q3sGhUDPekPgcIxTTXlGn3xio|無法操作> <https://private-user-images.githubusercontent.com/81308197/272793920-895a2702-dfb0-481b-81e8-f004eee1cf5d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjkwODM5NDgsIm5iZiI6MTcyOTA4MzY0OCwicGF0aCI6Ii84MTMwODE5Ny8yNzI3OTM5MjAtODk1YTI3MDItZGZiMC00ODFiLTgxZTgtZjAwNGVlZTFjZjVkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDEwMTYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQxMDE2VDEzMDA0OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWFmYjVmZDUyNzhmMjA2MzMzMzAyN2M3MzM4MGNhZWE1ZDZjMWUyZjIyMDI1MDAzOGUwM2ZmYWE2NDU5Y2RmYjQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.d9tz67KlMkcc0UKpvXzo5zNzZn9ITWZx2Uc8CpcvJeU|螢幕擷取畫面 2023-10-05 120055> *Desktop (please complete the following information):* • OS: windows10 • Browser : brave
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/626|#626 審查後確定不檢舉的案子也需要顯示為「無法處理」>
*Is your feature request related to a problem? Please describe.* 經審查後確定不檢舉,也標示為「已審查-不檢舉」的案子,現在在前台的顯示是*未處理*,希望能改為顯示為*無法處理* <https://user-images.githubusercontent.com/81308197/199933074-042a78e8-e2c3-4872-91bd-e434acb19e40.png|螢幕截圖 2022-11-04 16 55 31> <https://user-images.githubusercontent.com/81308197/199933085-565b0211-1d5b-4c5d-97b8-3516c251b45a.png|螢幕截圖 2022-11-04 16 56 54>
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/626|#626 審查後確定不檢舉的案子也需要顯示為「無法處理」>
*Is your feature request related to a problem? Please describe.* 經審查後確定不檢舉,也標示為「已審查-不檢舉」的案子,現在在前台的顯示是*未處理*,希望能改為顯示為*無法處理* <https://user-images.githubusercontent.com/81308197/199933074-042a78e8-e2c3-4872-91bd-e434acb19e40.png|螢幕截圖 2022-11-04 16 55 31> <https://user-images.githubusercontent.com/81308197/199933085-565b0211-1d5b-4c5d-97b8-3516c251b45a.png|螢幕截圖 2022-11-04 16 56 54>
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/558|#558 將A案件回報資料轉移到B案件>
*Is your feature request related to a problem? Please describe.* 有回報者會把照片上傳到錯誤的地方 之前的做法是直接改位置經緯度 但現在問題是有回報者把新增工廠的照片傳到「既有工廠」(來源為G)的上面,這樣直接改會把既有工廠的點位直接改掉 另外,也會有回報者會不斷新增點位,而不是補充照片到同一個點上 *Describe the solution you'd like* 有個可以直接轉移reportrecord和image到其他案件的方法 *Describe alternatives you've considered* 一張一張自己下載,再丟到想整合位置上面 但很多張的時候會很想死:) *Additional context* 見案件: <https://api.disfactory.tw/admin/api/factory/62ba8a7c-9c4d-41ed-a0f8-70bfba99f3c0/change/?_changelist_filters=o%3D4%26p%3D3%26source__exact%3DG|https://api.disfactory.tw/admin/api/factory/62ba8a7c-9c4d-41ed-a0f8-70bfba99f3c0/change/?_changelist_filters=o%3D4%26p%3D3%26source__exact%3DG> 這個人要檢舉的其實是下方「雜貨店」那邊,但那邊沒有點位,他就上傳在上方這個既有上面了 <https://user-images.githubusercontent.com/60970217/130429262-95ff5621-6463-473a-8b7d-9b637c954d19.png|截圖 2021-08-23 下午6 03 10>
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/558|#558 將A案件回報資料轉移到B案件>
*Is your feature request related to a problem? Please describe.* 有回報者會把照片上傳到錯誤的地方 之前的做法是直接改位置經緯度 但現在問題是有回報者把新增工廠的照片傳到「既有工廠」(來源為G)的上面,這樣直接改會把既有工廠的點位直接改掉 另外,也會有回報者會不斷新增點位,而不是補充照片到同一個點上 *Describe the solution you'd like* 有個可以直接轉移reportrecord和image到其他案件的方法 *Describe alternatives you've considered* 一張一張自己下載,再丟到想整合位置上面 但很多張的時候會很想死:) *Additional context* 見案件: <https://api.disfactory.tw/admin/api/factory/62ba8a7c-9c4d-41ed-a0f8-70bfba99f3c0/change/?_changelist_filters=o%3D4%26p%3D3%26source__exact%3DG|https://api.disfactory.tw/admin/api/factory/62ba8a7c-9c4d-41ed-a0f8-70bfba99f3c0/change/?_changelist_filters=o%3D4%26p%3D3%26source__exact%3DG> 這個人要檢舉的其實是下方「雜貨店」那邊,但那邊沒有點位,他就上傳在上方這個既有上面了 <https://user-images.githubusercontent.com/60970217/130429262-95ff5621-6463-473a-8b7d-9b637c954d19.png|截圖 2021-08-23 下午6 03 10>
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/503|#503 document table:「輸出docx」出現502>
*Describe the bug* 目前在document table無法「輸出docx」,會出現「Bad Gateway 502」的圖樣 *To Reproduce* 1. 勾選110004 ~ 110041的document 2. 選擇「輸出成docx」的action 3. 點「Go 」 *Desktop (please complete the following information):* • OS: macOS Catalina • Browser: chrome • Version: 88.0.4324.150 *Additional context* 已測試跳過沒有townname、cet_staff的document,依舊無法輸出
github2
@null
github2
<https://github.com/Disfactory/Disfactory/issues/503|#503 document table:「輸出docx」出現502>
*Describe the bug* 目前在document table無法「輸出docx」,會出現「Bad Gateway 502」的圖樣 *To Reproduce* 1. 勾選110004 ~ 110041的document 2. 選擇「輸出成docx」的action 3. 點「Go 」 *Desktop (please complete the following information):* • OS: macOS Catalina • Browser: chrome • Version: 88.0.4324.150 *Additional context* 已測試跳過沒有townname、cet_staff的document,依舊無法輸出
github2
@null
github2
<https://github.com/Disfactory/about.disfactory.tw/issues/93|#93 改版about page中的新聞連結>
about page改版後,下面「了解更多」的部分,要放入與違章工廠相關的新聞
@null
github2
<https://github.com/Disfactory/about.disfactory.tw/issues/93|#93 改版about page中的新聞連結>
about page改版後,下面「了解更多」的部分,要放入與違章工廠相關的新聞
@null
github2
<https://github.com/Disfactory/SpotDiffFrontend/issues/61|#61 使用者測試:辨識頁面沒有正確答案>
*Is your feature request related to a problem? Please describe.* 測試者辨識完題組,不知道沒有正確答案 *Describe the solution you'd like* 從文案/設計引導使用者,他們是在幫忙協助辨識,答案是要由他們來產生,並不會出現正確答案
@null
github2
<https://github.com/Disfactory/SpotDiffFrontend/issues/61|#61 使用者測試:辨識頁面沒有正確答案>
*Is your feature request related to a problem? Please describe.* 測試者辨識完題組,不知道沒有正確答案 *Describe the solution you'd like* 從文案/設計引導使用者,他們是在幫忙協助辨識,答案是要由他們來產生,並不會出現正確答案
@null
2024-10-23
github2
Bumps <https://github.com/django/django|django> from 2.2.27 to 2.2.28. Commits • <https://github.com/django/django/commit/5c3300027b30c1b498d99010f7d618316f685045|`5c33000`> [2.2.x] Bumped version for 2.2.28 release. • <https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5|`29a6c98`> [2.2.x] Fixed <https://github.com/advisories/GHSA-w24h-v9qh-8gxj "CVE-2022-28347"|CVE-2022-28347> -- Protected QuerySet.explain(**options) against... • <https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d|`2c09e68`> [2.2.x] Fixed <https://github.com/advisories/GHSA-2gwj-7jmv-h26r "CVE-2022-28346"|CVE-2022-28346> -- Protected QuerySet.annotate(), aggregate(), a... • <https://github.com/django/django/commit/8352b98e460f1b5349cd8a9a4ce35a573664c7c3|`8352b98`> [2.2.x] Added stub release notes for 2.2.28. • <https://github.com/django/django/commit/2801f29dadbf890206b4cac59a4831f334418bc7|`2801f29`> [2.2.x] Reverted "Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+." • <https://github.com/django/django/commit/e03648f09c9c6be34d977141e33419f5cf72c0d3|`e03648f`> [2.2.x] Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+. • <https://github.com/django/django/commit/9d13d8c10b18da9f8a9a7ea9325c1e2a23279c72|`9d13d8c`> [2.2.x] Fixed typo in release notes. • <https://github.com/django/django/commit/047ece3014f688d64e190f0d0c9845e9a7dd11fa|`047ece3`> [2.2.x] Added <https://github.com/advisories/GHSA-95rw-fx8r-36v6 "CVE-2022-22818"|CVE-2022-22818> and <https://github.com/advisories/GHSA-6cw3-g6wv-c2xv "CVE-2022-23833"|CVE-2022-23833> to security archive. • <https://github.com/django/django/commit/2427b2fee381e17cd8c72e7c404ec149022fecf1|`2427b2f`> [2.2.x] Post-release version bump. • See full diff in <https://github.com/django/django/compare/2.2.27...2.2.28|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
github2
@null
github2
Bumps <https://github.com/django/django|django> from 2.2.27 to 2.2.28. Commits • <https://github.com/django/django/commit/5c3300027b30c1b498d99010f7d618316f685045|`5c33000`> [2.2.x] Bumped version for 2.2.28 release. • <https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5|`29a6c98`> [2.2.x] Fixed <https://github.com/advisories/GHSA-w24h-v9qh-8gxj "CVE-2022-28347"|CVE-2022-28347> -- Protected QuerySet.explain(**options) against... • <https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d|`2c09e68`> [2.2.x] Fixed <https://github.com/advisories/GHSA-2gwj-7jmv-h26r "CVE-2022-28346"|CVE-2022-28346> -- Protected QuerySet.annotate(), aggregate(), a... • <https://github.com/django/django/commit/8352b98e460f1b5349cd8a9a4ce35a573664c7c3|`8352b98`> [2.2.x] Added stub release notes for 2.2.28. • <https://github.com/django/django/commit/2801f29dadbf890206b4cac59a4831f334418bc7|`2801f29`> [2.2.x] Reverted "Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+." • <https://github.com/django/django/commit/e03648f09c9c6be34d977141e33419f5cf72c0d3|`e03648f`> [2.2.x] Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+. • <https://github.com/django/django/commit/9d13d8c10b18da9f8a9a7ea9325c1e2a23279c72|`9d13d8c`> [2.2.x] Fixed typo in release notes. • <https://github.com/django/django/commit/047ece3014f688d64e190f0d0c9845e9a7dd11fa|`047ece3`> [2.2.x] Added <https://github.com/advisories/GHSA-95rw-fx8r-36v6 "CVE-2022-22818"|CVE-2022-22818> and <https://github.com/advisories/GHSA-6cw3-g6wv-c2xv "CVE-2022-23833"|CVE-2022-23833> to security archive. • <https://github.com/django/django/commit/2427b2fee381e17cd8c72e7c404ec149022fecf1|`2427b2f`> [2.2.x] Post-release version bump. • See full diff in <https://github.com/django/django/compare/2.2.27...2.2.28|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
github2
@null
github2
<https://github.com/Disfactory/Disfactory/pull/605|#605 Bump lxml from 4.6.5 to 4.9.1 in /backend>
Bumps <https://github.com/lxml/lxml|lxml> from 4.6.5 to 4.9.1. Changelog _Sourced from <https://github.com/lxml/lxml/blob/master/CHANGES.txt|lxml's changelog>._ > *4.9.1 (2022-07-01)* > > *Bugs fixed* > > • A crash was resolved when using `iterwalk()` (or `canonicalize()`) after parsing certain incorrect input. Note that `iterwalk()` can crash on _valid_ input parsed with the same parser _after_ failing to parse the incorrect input. > > *4.9.0 (2022-06-01)* > > *Bugs fixed* > > • GH#341: The mixin inheritance order in `lxml.html` was corrected. Patch by xmo-odoo. > > *Other changes* > > • Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12. > • Wheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35 (libxml2 2.9.12+ and libxslt 1.1.34 on Windows). > • GH#343: Windows-AArch64 build support in Visual Studio. Patch by Steve Dower. > > *4.8.0 (2022-02-17)* > > *Features added* > > • GH#337: Path-like objects are now supported throughout the API instead of just strings. Patch by Henning Janssen. > • The `ElementMaker` now supports `QName` values as tags, which always override the default namespace of the factory. > > *Bugs fixed* > > • GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively. ... (truncated) Commits • <https://github.com/lxml/lxml/commit/d01872ccdf7e1e5e825b6c6292b43e7d27ae5fc4|`d01872c`> Prevent parse failure in new test from leaking into later test runs. • <https://github.com/lxml/lxml/commit/d65e63229e8958bc08344a85cd3f09ceeef933c3|`d65e632`> Prepare release of lxml 4.9.1. • <https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f|`86368e9`> Fix a crash when incorrect parser input occurs together with usages of iterwa... • <https://github.com/lxml/lxml/commit/50c276412880c1a3dde8a6d6c909e3ed8ef47e43|`50c2764`> Delete unused Travis CI config and reference in docs (<https://github-redirect.dependabot.com/lxml/lxml/issues/345|GH-345>) • <https://github.com/lxml/lxml/commit/8f0bf2d158f2dd3f98d410c8a38fcd536fd11b53|`8f0bf2d`> Try to speed up the musllinux AArch64 build by splitting the different CPytho... • <https://github.com/lxml/lxml/commit/b9f7074430594b95824059eef931dfbb27a7645e|`b9f7074`> Remove debug print from test. • <https://github.com/lxml/lxml/commit/b224e0f69dde58425d1077e07d193d19d3f803a9|`b224e0f`> Try to install 'xz' in wheel builds, if available, since it's now needed to e... • <https://github.com/lxml/lxml/commit/897ebfa002fe5ec773ffe8851721047fedcc6928|`897ebfa`> Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts... • <https://github.com/lxml/lxml/commit/853c9e9cbf1c82d1ad3c096362372a048108905e|`853c9e9`> Prepare release of 4.9.0. • <https://github.com/lxml/lxml/commit/d3f77e678a8394559331d27257714e8aa4b082f2|`d3f77e6`> Add a test for <https://bugs.launchpad.net/lxml/+bug/1965070|https://bugs.launchpad.net/lxml/+bug/1965070> leaving out the a... • Additional commits viewable in <https://github.com/lxml/lxml/compare/lxml-4.6.5...lxml-4.9.1|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
github2
@null
github2
<https://github.com/Disfactory/Disfactory/pull/605|#605 Bump lxml from 4.6.5 to 4.9.1 in /backend>
Bumps <https://github.com/lxml/lxml|lxml> from 4.6.5 to 4.9.1. Changelog _Sourced from <https://github.com/lxml/lxml/blob/master/CHANGES.txt|lxml's changelog>._ > *4.9.1 (2022-07-01)* > > *Bugs fixed* > > • A crash was resolved when using `iterwalk()` (or `canonicalize()`) after parsing certain incorrect input. Note that `iterwalk()` can crash on _valid_ input parsed with the same parser _after_ failing to parse the incorrect input. > > *4.9.0 (2022-06-01)* > > *Bugs fixed* > > • GH#341: The mixin inheritance order in `lxml.html` was corrected. Patch by xmo-odoo. > > *Other changes* > > • Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12. > • Wheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35 (libxml2 2.9.12+ and libxslt 1.1.34 on Windows). > • GH#343: Windows-AArch64 build support in Visual Studio. Patch by Steve Dower. > > *4.8.0 (2022-02-17)* > > *Features added* > > • GH#337: Path-like objects are now supported throughout the API instead of just strings. Patch by Henning Janssen. > • The `ElementMaker` now supports `QName` values as tags, which always override the default namespace of the factory. > > *Bugs fixed* > > • GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively. ... (truncated) Commits • <https://github.com/lxml/lxml/commit/d01872ccdf7e1e5e825b6c6292b43e7d27ae5fc4|`d01872c`> Prevent parse failure in new test from leaking into later test runs. • <https://github.com/lxml/lxml/commit/d65e63229e8958bc08344a85cd3f09ceeef933c3|`d65e632`> Prepare release of lxml 4.9.1. • <https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f|`86368e9`> Fix a crash when incorrect parser input occurs together with usages of iterwa... • <https://github.com/lxml/lxml/commit/50c276412880c1a3dde8a6d6c909e3ed8ef47e43|`50c2764`> Delete unused Travis CI config and reference in docs (<https://github-redirect.dependabot.com/lxml/lxml/issues/345|GH-345>) • <https://github.com/lxml/lxml/commit/8f0bf2d158f2dd3f98d410c8a38fcd536fd11b53|`8f0bf2d`> Try to speed up the musllinux AArch64 build by splitting the different CPytho... • <https://github.com/lxml/lxml/commit/b9f7074430594b95824059eef931dfbb27a7645e|`b9f7074`> Remove debug print from test. • <https://github.com/lxml/lxml/commit/b224e0f69dde58425d1077e07d193d19d3f803a9|`b224e0f`> Try to install 'xz' in wheel builds, if available, since it's now needed to e... • <https://github.com/lxml/lxml/commit/897ebfa002fe5ec773ffe8851721047fedcc6928|`897ebfa`> Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts... • <https://github.com/lxml/lxml/commit/853c9e9cbf1c82d1ad3c096362372a048108905e|`853c9e9`> Prepare release of 4.9.0. • <https://github.com/lxml/lxml/commit/d3f77e678a8394559331d27257714e8aa4b082f2|`d3f77e6`> Add a test for <https://bugs.launchpad.net/lxml/+bug/1965070|https://bugs.launchpad.net/lxml/+bug/1965070> leaving out the a... • Additional commits viewable in <https://github.com/lxml/lxml/compare/lxml-4.6.5...lxml-4.9.1|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
github2
@null
github2
<https://github.com/Disfactory/Disfactory/pull/627|#627 Bump pillow from 9.0.1 to 9.3.0 in /backend>
Bumps <https://github.com/python-pillow/Pillow|pillow> from 9.0.1 to 9.3.0. Release notes _Sourced from <https://github.com/python-pillow/Pillow/releases|pillow's releases>._ > *9.3.0* > > <https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html|https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html> > > *Changes* > > • Initialize libtiff buffer when saving <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6699|#6699> [<https://github.com/radarhere|`@radarhere`>] > • Limit SAMPLESPERPIXEL to avoid runtime DOS <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6700|#6700> [<https://github.com/wiredfool|`@wiredfool`>] > • Inline fname2char to fix memory leak <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6329|#6329> [<https://github.com/nulano|`@nulano`>] > • Fix memory leaks related to text features <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6330|#6330> [<https://github.com/nulano|`@nulano`>] > • Use double quotes for version check on old CPython on Windows <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6695|#6695> [<https://github.com/hugovk|`@hugovk`>] > • GHA: replace deprecated set-output command with GITHUB_OUTPUT file <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6697|#6697> [<https://github.com/nulano|`@nulano`>] > • Remove backup implementation of Round for Windows platforms <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6693|#6693> [<https://github.com/cgohlke|`@cgohlke`>] > • Upload fribidi.dll to GitHub Actions <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6532|#6532> [<https://github.com/nulano|`@nulano`>] > • Fixed set_variation_by_name offset <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6445|#6445> [<https://github.com/radarhere|`@radarhere`>] > • Windows build improvements <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6562|#6562> [<https://github.com/nulano|`@nulano`>] > • Fix malloc in _imagingft.c:font_setvaraxes <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6690|#6690> [<https://github.com/cgohlke|`@cgohlke`>] > • Only use ASCII characters in C source file <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6691|#6691> [<https://github.com/cgohlke|`@cgohlke`>] > • Release Python GIL when converting images using matrix operations <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6418|#6418> [<https://github.com/hmaarrfk|`@hmaarrfk`>] > • Added ExifTags enums <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6630|#6630> [<https://github.com/radarhere|`@radarhere`>] > • Do not modify previous frame when calculating delta in PNG <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6683|#6683> [<https://github.com/radarhere|`@radarhere`>] > • Added support for reading BMP images with RLE4 compression <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6674|#6674> [<https://github.com/npjg|`@npjg`>] > • Decode JPEG compressed BLP1 data in original mode <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6678|#6678> [<https://github.com/radarhere|`@radarhere`>] > • pylint warnings <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6659|#6659> [<https://github.com/marksmayo|`@marksmayo`>] > • Added GPS TIFF tag info <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6661|#6661> [<https://github.com/radarhere|`@radarhere`>] > • Added conversion between RGB/RGBA/RGBX and LAB <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6647|#6647> [<https://github.com/radarhere|`@radarhere`>] > • Do not attempt normalization if mode is already normal <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6644|#6644> [<https://github.com/radarhere|`@radarhere`>] > • Fixed seeking to an L frame in a GIF <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6576|#6576> [<https://github.com/radarhere|`@radarhere`>] > • Consider all frames when selecting mode for PNG save_all <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6610|#6610> [<https://github.com/radarhere|`@radarhere`>] > • Don't reassign crc on ChunkStream close <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6627|#6627> [<https://github.com/radarhere|`@radarhere`>] > • Raise a warning if NumPy failed to raise an error during conversion <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6594|#6594> [<https://github.com/radarhere|`@radarhere`>] > • Only read a maximum of 100 bytes at a time in IMT header <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6623|#6623> [<https://github.com/radarhere|`@radarhere`>] > • Show all frames in ImageShow <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6611|#6611> [<https://github.com/radarhere|`@radarhere`>] > • Allow FLI palette chunk to not be first <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6626|#6626> [<https://github.com/radarhere|`@radarhere`>] > • If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6592|#6592> [<https://github.com/radarhere|`@radarhere`>] > • Round box position to integer when pasting embedded color <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6517|#6517> [<https://github.com/radarhere|`@radarhere`>] > • Removed EXIF prefix when saving WebP <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6582|#6582> [<https://github.com/radarhere|`@radarhere`>] > • Pad IM palette to 768 bytes when saving <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6579|#6579> [<https://github.com/radarhere|`@radarhere`>] > • Added DDS BC6H reading <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6449|#6449> [<https://github.com/ShadelessFox|`@ShadelessFox`>] > • Added support for opening WhiteIsZero 16-bit integer TIFF images <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6642|#6642> [<https://github.com/JayWiz|`@JayWiz`>] > • Raise an error when allocating translucent color to RGB palette <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6654|#6654> [<https://github.com/jsbueno|`@jsbueno`>] > • Moved mode check outside of loops <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6650|#6650> [<https://github.com/radarhere|`@radarhere`>] > • Added reading of TIFF child images <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6569|#6569> [<https://github.com/radarhere|`@radarhere`>] > • Improved ImageOps palette handling <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6596|#6596> [<https://github.com/PososikTeam|`@PososikTeam`>] > • Defer parsing of palette into colors <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6567|#6567> [<https://github.com/radarhere|`@radarhere`>] > • Apply transparency to P images in ImageTk.PhotoImage <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6559|#6559> [<https://github.com/radarhere|`@radarhere`>] > • Use rounding in ImageOps contain() and pad() <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6522|#6522> [<https://github.com/bibinhashley|`@bibinhashley`>] > • Fixed GIF remapping to palette with duplicate entries <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6548|#6548> [<https://github.com/radarhere|`@radarhere`>] > • Allow remap_palette() to return an image with less than 256 palette entries <https://github-redirect.dependabot.com/python-pillow/Pillow/…
github2
@null
github2
<https://github.com/Disfactory/Disfactory/pull/627|#627 Bump pillow from 9.0.1 to 9.3.0 in /backend>
Bumps <https://github.com/python-pillow/Pillow|pillow> from 9.0.1 to 9.3.0. Release notes _Sourced from <https://github.com/python-pillow/Pillow/releases|pillow's releases>._ > *9.3.0* > > <https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html|https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html> > > *Changes* > > • Initialize libtiff buffer when saving <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6699|#6699> [<https://github.com/radarhere|`@radarhere`>] > • Limit SAMPLESPERPIXEL to avoid runtime DOS <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6700|#6700> [<https://github.com/wiredfool|`@wiredfool`>] > • Inline fname2char to fix memory leak <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6329|#6329> [<https://github.com/nulano|`@nulano`>] > • Fix memory leaks related to text features <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6330|#6330> [<https://github.com/nulano|`@nulano`>] > • Use double quotes for version check on old CPython on Windows <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6695|#6695> [<https://github.com/hugovk|`@hugovk`>] > • GHA: replace deprecated set-output command with GITHUB_OUTPUT file <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6697|#6697> [<https://github.com/nulano|`@nulano`>] > • Remove backup implementation of Round for Windows platforms <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6693|#6693> [<https://github.com/cgohlke|`@cgohlke`>] > • Upload fribidi.dll to GitHub Actions <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6532|#6532> [<https://github.com/nulano|`@nulano`>] > • Fixed set_variation_by_name offset <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6445|#6445> [<https://github.com/radarhere|`@radarhere`>] > • Windows build improvements <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6562|#6562> [<https://github.com/nulano|`@nulano`>] > • Fix malloc in _imagingft.c:font_setvaraxes <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6690|#6690> [<https://github.com/cgohlke|`@cgohlke`>] > • Only use ASCII characters in C source file <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6691|#6691> [<https://github.com/cgohlke|`@cgohlke`>] > • Release Python GIL when converting images using matrix operations <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6418|#6418> [<https://github.com/hmaarrfk|`@hmaarrfk`>] > • Added ExifTags enums <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6630|#6630> [<https://github.com/radarhere|`@radarhere`>] > • Do not modify previous frame when calculating delta in PNG <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6683|#6683> [<https://github.com/radarhere|`@radarhere`>] > • Added support for reading BMP images with RLE4 compression <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6674|#6674> [<https://github.com/npjg|`@npjg`>] > • Decode JPEG compressed BLP1 data in original mode <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6678|#6678> [<https://github.com/radarhere|`@radarhere`>] > • pylint warnings <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6659|#6659> [<https://github.com/marksmayo|`@marksmayo`>] > • Added GPS TIFF tag info <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6661|#6661> [<https://github.com/radarhere|`@radarhere`>] > • Added conversion between RGB/RGBA/RGBX and LAB <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6647|#6647> [<https://github.com/radarhere|`@radarhere`>] > • Do not attempt normalization if mode is already normal <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6644|#6644> [<https://github.com/radarhere|`@radarhere`>] > • Fixed seeking to an L frame in a GIF <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6576|#6576> [<https://github.com/radarhere|`@radarhere`>] > • Consider all frames when selecting mode for PNG save_all <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6610|#6610> [<https://github.com/radarhere|`@radarhere`>] > • Don't reassign crc on ChunkStream close <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6627|#6627> [<https://github.com/radarhere|`@radarhere`>] > • Raise a warning if NumPy failed to raise an error during conversion <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6594|#6594> [<https://github.com/radarhere|`@radarhere`>] > • Only read a maximum of 100 bytes at a time in IMT header <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6623|#6623> [<https://github.com/radarhere|`@radarhere`>] > • Show all frames in ImageShow <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6611|#6611> [<https://github.com/radarhere|`@radarhere`>] > • Allow FLI palette chunk to not be first <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6626|#6626> [<https://github.com/radarhere|`@radarhere`>] > • If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6592|#6592> [<https://github.com/radarhere|`@radarhere`>] > • Round box position to integer when pasting embedded color <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6517|#6517> [<https://github.com/radarhere|`@radarhere`>] > • Removed EXIF prefix when saving WebP <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6582|#6582> [<https://github.com/radarhere|`@radarhere`>] > • Pad IM palette to 768 bytes when saving <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6579|#6579> [<https://github.com/radarhere|`@radarhere`>] > • Added DDS BC6H reading <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6449|#6449> [<https://github.com/ShadelessFox|`@ShadelessFox`>] > • Added support for opening WhiteIsZero 16-bit integer TIFF images <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6642|#6642> [<https://github.com/JayWiz|`@JayWiz`>] > • Raise an error when allocating translucent color to RGB palette <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6654|#6654> [<https://github.com/jsbueno|`@jsbueno`>] > • Moved mode check outside of loops <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6650|#6650> [<https://github.com/radarhere|`@radarhere`>] > • Added reading of TIFF child images <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6569|#6569> [<https://github.com/radarhere|`@radarhere`>] > • Improved ImageOps palette handling <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6596|#6596> [<https://github.com/PososikTeam|`@PososikTeam`>] > • Defer parsing of palette into colors <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6567|#6567> [<https://github.com/radarhere|`@radarhere`>] > • Apply transparency to P images in ImageTk.PhotoImage <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6559|#6559> [<https://github.com/radarhere|`@radarhere`>] > • Use rounding in ImageOps contain() and pad() <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6522|#6522> [<https://github.com/bibinhashley|`@bibinhashley`>] > • Fixed GIF remapping to palette with duplicate entries <https://github-redirect.dependabot.com/python-pillow/Pillow/issues/6548|#6548> [<https://github.com/radarhere|`@radarhere`>] > • Allow remap_palette() to return an image with less than 256 palette entries <https://github-redirect.dependabot.com/python-pillow/Pillow/…
github2
@null
github2
Bumps <https://github.com/certifi/python-certifi|certifi> from 2021.5.30 to 2022.12.7. Commits • <https://github.com/certifi/python-certifi/commit/9e9e840925d7b8e76c76fdac1fab7e6e88c1c3b8|`9e9e840`> 2022.12.07 • <https://github.com/certifi/python-certifi/commit/b81bdb269f1edb791bcd4ec8a9d0c053758f961a|`b81bdb2`> 2022.09.24 • <https://github.com/certifi/python-certifi/commit/939a28ffc57b1613770f572b584745c7b6d43e7d|`939a28f`> 2022.09.14 • <https://github.com/certifi/python-certifi/commit/aca828a78e73235a513dff9ebc181a47ef7dbf7b|`aca828a`> 2022.06.15.2 • <https://github.com/certifi/python-certifi/commit/de0eae12a6d5794a4c1e33052af6717707ce1fcc|`de0eae1`> Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ... • <https://github.com/certifi/python-certifi/commit/b8eb5e9af9143b22b7f651942b393e369ed4c52a|`b8eb5e9`> 2022.06.15.1 • <https://github.com/certifi/python-certifi/commit/47fb7ab715965684e035292d2ad3386aabdc4d25|`47fb7ab`> Fix deprecation warning on Python 3.11 (<https://github-redirect.dependabot.com/certifi/python-certifi/issues/199|#199>) • <https://github.com/certifi/python-certifi/commit/b0b48e059995f455ac1e79b3ad373ad4ef355516|`b0b48e0`> fixes <https://github-redirect.dependabot.com/certifi/python-certifi/issues/198|#198> -- update link in license • <https://github.com/certifi/python-certifi/commit/9d514b4cad79357071c89d7dc4dc1b4df72bb997|`9d514b4`> 2022.06.15 • <https://github.com/certifi/python-certifi/commit/4151e8849481f396537c34812068e89b32731e52|`4151e88`> Add py.typed to <http://MANIFEST.in|MANIFEST.in> to package in sdist (<https://github-redirect.dependabot.com/certifi/python-certifi/issues/196|#196>) • Additional commits viewable in <https://github.com/certifi/python-certifi/compare/2021.05.30...2022.12.07|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
@null
github2
Bumps <https://github.com/certifi/python-certifi|certifi> from 2021.5.30 to 2022.12.7. Commits • <https://github.com/certifi/python-certifi/commit/9e9e840925d7b8e76c76fdac1fab7e6e88c1c3b8|`9e9e840`> 2022.12.07 • <https://github.com/certifi/python-certifi/commit/b81bdb269f1edb791bcd4ec8a9d0c053758f961a|`b81bdb2`> 2022.09.24 • <https://github.com/certifi/python-certifi/commit/939a28ffc57b1613770f572b584745c7b6d43e7d|`939a28f`> 2022.09.14 • <https://github.com/certifi/python-certifi/commit/aca828a78e73235a513dff9ebc181a47ef7dbf7b|`aca828a`> 2022.06.15.2 • <https://github.com/certifi/python-certifi/commit/de0eae12a6d5794a4c1e33052af6717707ce1fcc|`de0eae1`> Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ... • <https://github.com/certifi/python-certifi/commit/b8eb5e9af9143b22b7f651942b393e369ed4c52a|`b8eb5e9`> 2022.06.15.1 • <https://github.com/certifi/python-certifi/commit/47fb7ab715965684e035292d2ad3386aabdc4d25|`47fb7ab`> Fix deprecation warning on Python 3.11 (<https://github-redirect.dependabot.com/certifi/python-certifi/issues/199|#199>) • <https://github.com/certifi/python-certifi/commit/b0b48e059995f455ac1e79b3ad373ad4ef355516|`b0b48e0`> fixes <https://github-redirect.dependabot.com/certifi/python-certifi/issues/198|#198> -- update link in license • <https://github.com/certifi/python-certifi/commit/9d514b4cad79357071c89d7dc4dc1b4df72bb997|`9d514b4`> 2022.06.15 • <https://github.com/certifi/python-certifi/commit/4151e8849481f396537c34812068e89b32731e52|`4151e88`> Add py.typed to <http://MANIFEST.in|MANIFEST.in> to package in sdist (<https://github-redirect.dependabot.com/certifi/python-certifi/issues/196|#196>) • Additional commits viewable in <https://github.com/certifi/python-certifi/compare/2021.05.30...2022.12.07|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
@null
github2
Bumps <https://github.com/pypa/setuptools|setuptools> from 65.3.0 to 65.5.1. Changelog _Sourced from <https://github.com/pypa/setuptools/blob/main/CHANGES.rst|setuptools's changelog>._ > *v65.5.1* > > Misc ^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3638|#3638>: Drop a test dependency on the `mock` package, always use :external+python:py:mod:`unittest.mock` -- by :user:`hroncok` > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>: Fixed REDoS vector in package_index. > > *v65.5.0* > > Changes ^^^^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3624|#3624>: Fixed editable install for multi-module/no-package `src`-layout projects. > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3626|#3626>: Minor refactorings to support distutils using stdlib logging module. > > Documentation changes ^^^^^^^^^^^^^^^^^^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3419|#3419>: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide. > > Misc ^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3569|#3569>: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning). > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3576|#3576>: Updated version of `validate_pyproject`. > > *v65.4.1* > > Misc ^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3613|#3613>: Fixed encoding errors in `expand.StaticModule` when system default encoding doesn't match expectations for source files. > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3617|#3617>: Merge with <https://github.com/pypa/distutils/commit/6852b20|pypa/distutils@6852b20> including fix for <https://github-redirect.dependabot.com/pypa/distutils/issues/181|pypa/distutils#181>. > > *v65.4.0* > > Changes ^^^^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3609|#3609>: Merge with <https://github.com/pypa/distutils/commit/d82d926|pypa/distutils@d82d926> including support for DIST_EXTRA_CONFIG in <https://github-redirect.dependabot.com/pypa/distutils/issues/177|pypa/distutils#177>. Commits • <https://github.com/pypa/setuptools/commit/a462cb5edb324dcc56f903524b742305e4087014|`a462cb5`> Bump version: 65.5.0 → 65.5.1 • <https://github.com/pypa/setuptools/commit/de35d8be997c9f8508b425e33a1b6e52431091fa|`de35d8b`> Merge pull request <https://github-redirect.dependabot.com/pypa/setuptools/issues/3656|#3656> from bmorris3/typos • <https://github.com/pypa/setuptools/commit/58e23de0d4c2ce0f2502d072bb9a2ed1e2ab0ba6|`58e23de`> Update changelog. Ref <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>. • <https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be|`43a9c9b`> Limit the amount of whitespace to search/backtrack. Fixes <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>. • <https://github.com/pypa/setuptools/commit/579134321d4d9397c886a5cb50cc26d0e3fa4279|`5791343`> Add test capturing failed expectation. Ref <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>. • <https://github.com/pypa/setuptools/commit/1f97905bc40310ca454ff1ea3884f233b7dcc88c|`1f97905`> :black_circle: Fade to black. • <https://github.com/pypa/setuptools/commit/6254567c6ae323bb8ce19a6930ae3cc5f7fb25cc|`6254567`> Remove workaround for emacs. • <https://github.com/pypa/setuptools/commit/729b180e926634930c21ccce5558780d42707763|`729b180`> :black_circle: Fade to black. • <https://github.com/pypa/setuptools/commit/c068081a7234a0c5c322a9312654e7d0f4aaa8d1|`c068081`> Typo corrections • <https://github.com/pypa/setuptools/commit/f777a40ed9abf529906c2939f80a184a5ed035fa|`f777a40`> Suppress deprecation warning in --rsyncdir. Workaround for <https://github-redirect.dependabot.com/pypa/setuptools/issues/3655|#3655>. • Additional commits viewable in <https://github.com/pypa/setuptools/compare/v65.3.0...v65.5.1|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
github2
@null
github2
Bumps <https://github.com/pypa/setuptools|setuptools> from 65.3.0 to 65.5.1. Changelog _Sourced from <https://github.com/pypa/setuptools/blob/main/CHANGES.rst|setuptools's changelog>._ > *v65.5.1* > > Misc ^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3638|#3638>: Drop a test dependency on the `mock` package, always use :external+python:py:mod:`unittest.mock` -- by :user:`hroncok` > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>: Fixed REDoS vector in package_index. > > *v65.5.0* > > Changes ^^^^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3624|#3624>: Fixed editable install for multi-module/no-package `src`-layout projects. > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3626|#3626>: Minor refactorings to support distutils using stdlib logging module. > > Documentation changes ^^^^^^^^^^^^^^^^^^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3419|#3419>: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide. > > Misc ^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3569|#3569>: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning). > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3576|#3576>: Updated version of `validate_pyproject`. > > *v65.4.1* > > Misc ^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3613|#3613>: Fixed encoding errors in `expand.StaticModule` when system default encoding doesn't match expectations for source files. > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3617|#3617>: Merge with <https://github.com/pypa/distutils/commit/6852b20|pypa/distutils@6852b20> including fix for <https://github-redirect.dependabot.com/pypa/distutils/issues/181|pypa/distutils#181>. > > *v65.4.0* > > Changes ^^^^^^^ > > • <https://github-redirect.dependabot.com/pypa/setuptools/issues/3609|#3609>: Merge with <https://github.com/pypa/distutils/commit/d82d926|pypa/distutils@d82d926> including support for DIST_EXTRA_CONFIG in <https://github-redirect.dependabot.com/pypa/distutils/issues/177|pypa/distutils#177>. Commits • <https://github.com/pypa/setuptools/commit/a462cb5edb324dcc56f903524b742305e4087014|`a462cb5`> Bump version: 65.5.0 → 65.5.1 • <https://github.com/pypa/setuptools/commit/de35d8be997c9f8508b425e33a1b6e52431091fa|`de35d8b`> Merge pull request <https://github-redirect.dependabot.com/pypa/setuptools/issues/3656|#3656> from bmorris3/typos • <https://github.com/pypa/setuptools/commit/58e23de0d4c2ce0f2502d072bb9a2ed1e2ab0ba6|`58e23de`> Update changelog. Ref <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>. • <https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be|`43a9c9b`> Limit the amount of whitespace to search/backtrack. Fixes <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>. • <https://github.com/pypa/setuptools/commit/579134321d4d9397c886a5cb50cc26d0e3fa4279|`5791343`> Add test capturing failed expectation. Ref <https://github-redirect.dependabot.com/pypa/setuptools/issues/3659|#3659>. • <https://github.com/pypa/setuptools/commit/1f97905bc40310ca454ff1ea3884f233b7dcc88c|`1f97905`> :black_circle: Fade to black. • <https://github.com/pypa/setuptools/commit/6254567c6ae323bb8ce19a6930ae3cc5f7fb25cc|`6254567`> Remove workaround for emacs. • <https://github.com/pypa/setuptools/commit/729b180e926634930c21ccce5558780d42707763|`729b180`> :black_circle: Fade to black. • <https://github.com/pypa/setuptools/commit/c068081a7234a0c5c322a9312654e7d0f4aaa8d1|`c068081`> Typo corrections • <https://github.com/pypa/setuptools/commit/f777a40ed9abf529906c2939f80a184a5ed035fa|`f777a40`> Suppress deprecation warning in --rsyncdir. Workaround for <https://github-redirect.dependabot.com/pypa/setuptools/issues/3655|#3655>. • Additional commits viewable in <https://github.com/pypa/setuptools/compare/v65.3.0...v65.5.1|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/Disfactory/Disfactory/network/alerts|Security Alerts page>.
github2
@null