From 0de385bacd70abbca7411751f2ee62b4dea8ee89 Mon Sep 17 00:00:00 2001 From: phillybroadbent Date: Fri, 9 Feb 2024 15:02:30 +0000 Subject: [PATCH 1/6] Update django and pillow --- requirements.txt | 111 ++++++++--------------------------------------- 1 file changed, 18 insertions(+), 93 deletions(-) diff --git a/requirements.txt b/requirements.txt index e4e320f4..e2054f95 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,135 +1,60 @@ -# -# This file is autogenerated by pip-compile with python 3.9 -# To update, run: -# -# pip-compile requirements.in -# -asgiref==3.5.2 - # via django +asgiref==3.7.2 certifi==2022.12.7 - # via requests cffi==1.15.1 - # via cryptography charset-normalizer==2.1.1 - # via requests crispy-bootstrap5==0.7 cryptography==38.0.3 - # via social-auth-core defusedxml==0.7.1 - # via - # python3-openid - # social-auth-core +diff-match-patch==20230430 dj-database-url==1.0.0 - # via -r requirements.in -django==3.2.16 - # via - # -r requirements.in - # dj-database-url - # django-appconf - # django-bootstrap-datepicker-plus - # django-datetime-widget - # django-dbbackup - # django-extensions - # django-picklefield - # django-settings-export - # django-tagulous +Django==4.2 django-appconf==1.0.5 - # via django-imagekit django-bootstrap-datepicker-plus==4.0.0 - # via -r requirements.in -django-constance[database]==2.9.1 - # via -r requirements.in +django-constance==2.9.1 django-countries==7.3.2 - # via -r requirements.in django-crispy-forms==1.14.0 - # via -r requirements.in django-datetime-widget==0.9.3 - # via -r requirements.in django-dbbackup==4.0.1 - # via -r requirements.in django-extensions==3.2.0 - # via -r requirements.in django-imagekit==4.1.0 - # via -r requirements.in django-import-export==3.0.1 django-pandas==0.6.6 - # via -r requirements.in django-picklefield==3.1 - # via - # -r requirements.in - # django-constance django-settings-export==1.2.1 - # via -r requirements.in django-simple-history==3.1.1 - # via -r requirements.in django-tagulous==1.3.3 - # via -r requirements.in +et-xmlfile==1.1.0 geographiclib==1.52 - # via geopy geopy==2.2.0 - # via -r requirements.in html2text==2020.1.16 - # via -r requirements.in idna==3.3 - # via requests -markdown==3.4.1 - # via -r requirements.in +Markdown==3.4.1 +MarkupPy==1.14 numpy==1.23.2 - # via pandas oauthlib==3.2.1 - # via - # requests-oauthlib - # social-auth-core +odfpy==1.4.1 +openpyxl==3.1.2 pandas==1.4.3 - # via - # -r requirements.in - # django-pandas pilkit==2.0 - # via django-imagekit -pillow==9.3.0 - # via -r requirements.in +pillow==10.2.0 pycparser==2.21 - # via cffi -pyjwt==2.4.0 - # via social-auth-core -pypdf2==2.10.3 - # via -r requirements.in +PyJWT==2.4.0 +PyPDF2==2.10.3 python-dateutil==2.8.2 - # via pandas python-decouple==3.6 - # via -r requirements.in python-gnupg==0.5.0 - # via -r requirements.in python-magic==0.4.27 - # via -r requirements.in python3-openid==3.2.0 - # via social-auth-core pytz==2022.2.1 - # via - # django - # django-datetime-widget - # django-dbbackup - # pandas +PyYAML==6.0.1 requests==2.28.1 - # via - # requests-oauthlib - # social-auth-core requests-oauthlib==1.3.1 - # via social-auth-core six==1.16.0 - # via - # django-imagekit - # django-pandas - # python-dateutil social-auth-app-django==5.0.0 - # via -r requirements.in social-auth-core==4.3.0 - # via - # -r requirements.in - # social-auth-app-django -sqlparse==0.4.2 - # via django -typing-extensions==4.3.0 - # via django-countries +sqlparse==0.4.4 +tablib==3.5.0 +typing_extensions==4.3.0 urllib3==1.26.12 - # via requests +xlrd==2.0.1 +xlwt==1.3.0 From f14294a87698ae4e6837cfa80bbe9318eb9ab02c Mon Sep 17 00:00:00 2001 From: phillybroadbent Date: Fri, 9 Feb 2024 15:17:04 +0000 Subject: [PATCH 2/6] Update verisons of python and django in workflow and tox --- .github/workflows/django.yml | 2 +- tox.ini | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/django.yml b/.github/workflows/django.yml index ce2b9d07..a867bf0f 100644 --- a/.github/workflows/django.yml +++ b/.github/workflows/django.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.8", "3.9", "3.10"] + python-version: ["3.10", "3.11", "3.12"] fail-fast: false steps: diff --git a/tox.ini b/tox.ini index 75a4f048..99100d07 100644 --- a/tox.ini +++ b/tox.ini @@ -1,7 +1,7 @@ [tox] envlist = lint - py3-django{32,40,41} + py3-django{40,41,42} skipsdist = True [base] @@ -22,9 +22,10 @@ setenv = SECRET_KEY=test_secret_key commands = # Reinstall Django here to override version in requirements.txt - django32: pip install django~=3.2.0 + ; django32: pip install django~=3.2.0 django40: pip install django~=4.0.0 django41: pip install django~=4.1.0 + django42: pip install django~=4.2.0 coverage run --source=lowfat/ manage.py test coverage report --skip-covered From c52f45c4d9d31ce4ef9926420a5f33bbc6167625 Mon Sep 17 00:00:00 2001 From: phillybroadbent Date: Fri, 9 Feb 2024 16:08:53 +0000 Subject: [PATCH 3/6] Added workaround to enable use of pillow 10.2 necessary for security fix --- lowfat/test_urls.py | 3 +++ requirements.txt | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lowfat/test_urls.py b/lowfat/test_urls.py index 032723d3..01f96cf0 100644 --- a/lowfat/test_urls.py +++ b/lowfat/test_urls.py @@ -12,6 +12,9 @@ testwrapper, ) +import PIL +PIL.Image.ANTIALIAS = PIL.Image.LANCZOS + class URLTest(TestCase): def setUp(self): diff --git a/requirements.txt b/requirements.txt index e2054f95..8bba1778 100644 --- a/requirements.txt +++ b/requirements.txt @@ -36,7 +36,7 @@ odfpy==1.4.1 openpyxl==3.1.2 pandas==1.4.3 pilkit==2.0 -pillow==10.2.0 +Pillow==10.2.0 pycparser==2.21 PyJWT==2.4.0 PyPDF2==2.10.3 From f311616de77b14f0936f12cba4cff17d326aca57 Mon Sep 17 00:00:00 2001 From: phillybroadbent Date: Fri, 9 Feb 2024 16:20:42 +0000 Subject: [PATCH 4/6] Edited versions of python in workflow file --- .github/workflows/django.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/django.yml b/.github/workflows/django.yml index a867bf0f..324ecf4e 100644 --- a/.github/workflows/django.yml +++ b/.github/workflows/django.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.10", "3.11", "3.12"] + python-version: ["3.9","3.10", "3.11"] fail-fast: false steps: From 560da4c2e230fdc6f0976bd7d5474bdfff2c181f Mon Sep 17 00:00:00 2001 From: phillybroadbent Date: Thu, 4 Apr 2024 14:04:33 +0100 Subject: [PATCH 5/6] Updated link to expenses form #765 --- lowfat/forms.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lowfat/forms.py b/lowfat/forms.py index 57ed8f4a..fabbf879 100644 --- a/lowfat/forms.py +++ b/lowfat/forms.py @@ -878,7 +878,7 @@ def __init__(self, *args, **kwargs): -
  • You MUST fill out the University of Edinburgh Payment of Non-Staff Expenses form. +
  • You MUST fill out the University of Edinburgh Payment of Non-Staff Expenses form which can be downloaded from this page of the SSI website.
    • Fill out Sections 1-4 (pages 1-2) and page 6.
    • Leave the visitor/student number blank.
      • From 5ebd47ea7cc7085ec8aab2ed07ca820b37902458 Mon Sep 17 00:00:00 2001 From: phillybroadbent Date: Thu, 4 Apr 2024 14:14:35 +0100 Subject: [PATCH 6/6] Updated maintainer name --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d738195b..858b1b25 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.8-slim -LABEL maintainer="James Graham " +LABEL maintainer="Philippa Broadbent " ENV PYTHONUNBUFFERED=1