A generic JSON document store with sharing and synchronisation capabilities.

Kinto

Last update: Dec 26, 2022

Comments: 17

Kinto

Kinto is a minimalist JSON storage service with synchronisation and sharing abilities.

Requirements

Python: 3.6+
Backends: In-memory (development), PostgreSQL 9.5+ (production)

Owner

Kinto

A generic JSON document store with sharing and synchronisation capabilities.

https://github.com/Kinto/kinto http://docs.kinto-storage.org/

Comments

Add account validation capability to the accounts plugin
Fixes #1973

Try it here: https://kinto.github.io/kinto-account-demo/

[x] Register a new account

[x] Send an email on account creation with a link to the activation form with the activation key

[x] Validate (activate) an account

[x] Reset a password

[x] Add documentation.

[x] Add tests.

[x] Add a changelog entry.

[x] If you changed the HTTP API, update the API_VERSION constant and add an API changelog entry in the docs

[x] If you added a new configuration setting, update the kinto.tpl file with it.

[x] Only load validate and reset-password endpoints if the email_validation feature is activated More info

[x] Update the capabilities to add a boolean info in the accounts feature rather than having multiple capabilities More info

[ ] Add a heartbeat that would try to connect to the SMTP service to validate that we can send emails, it would default to true in debug mode. See pyramld_mailer related discussion

[x] Move the mail sending to a listener/dedicated functions

This is a work in progress, may I have some feedback on the current work before pushing forward with the reset password functionality and the documentation?

Thanks!
Openid connect support (fixes #939)
Fixes #939

[x] Add docs

[x] Move to plugins folder

[x] Choose appropriate settings name

[x] Add tests

[x] Publish demo somewhere?

[x] Create issue for kinto-admin support

[ ] Add mention in Github tutorial ? ref #508

[x] Polish OpenAPI spec

[x] Reject scope that does not contain email if the configured userid_field is email

[ ] Implement the scope filtering as we did for kinto-fxa

We could make this piece of code work with both Auth0 and Firefox Accounts \o/

@rfk f?
[WIP] Optimize postgresql storage get all fixes 1507
Fixes #1507

[ ] Add documentation.

[x] Add tests.

[x] Add a changelog entry.

[x] Add your name in the contributors file.

[ ] If you changed the HTTP API, update the API_VERSION constant and add an API changelog entry in the docs

[ ] If you added a new configuration setting, update the kinto.tpl file with it.
Add OpenAPI/Swagger spec (fixes #631)
Fixes #631

Features:

OpenAPI documentation resource at /v1/swagger.json

Works with Swagger codegen and Bravado automated client generators.

It's compatible with Swagger UI and Apiary interactive documentation generators. You can try them on Swagger Hub or Apiary.io (although working with basicAuth there is tricky).

Tests for semantic and logic using bravado_core.

Limitations:

No support for schema free fields.

Treated like extensions for code generators (may raise warnings on other utilities)

No filtering

No field selection

No validation on collection schema

No validation on OR required clauses (ex: provide data or permissions)

No validation for fields that are required on response, but not on request (ex: id doesn't show as a required field), doing so would result in two different object definitions for each object, which would add unnecessary complexity to the clients IMO)

Backoff headers

Pending:

[x] Investigate memory usage on py27-raw TOX environment.

[x] Allow setting the spec on configuration.

[x] Allow plugins to register themselves to the spec.

[x] Use YAML instead of JSON.

[x] Allow other authentication methods. (may be defined as regular plugins)

[x] Add Custom Headers (If-Match/If-None-Match/Etag)

[x] Add utility tests

[x] Investigate ways to test for coverage (we test all operations with test_resources)

[x] Add more descriptions to the spec.

[x] Add batch validation tests

[x] Upgrade documentation.

[x] Add a changelog entry.

[x] Update the API changelog.

r? @glasserc @Natim @leplatrem
Thoughts about a "register to newsletter" plugin
The idea is that sometimes a new record has to be created from a front-end, with the "admin" rights, but we obviously don't want the admin credentials to be available on the front-end.

Such a case is when you want to allow a user to register to a newsletter on your website: if you create all the records with the same user, that same user can view the list of all the registered emails for the newsletter (even if the permissions don't include read : system.Everyone, as an owner it has the read permission).

So this plugin would add an endpoint that would allow an anonymous POST to create a record as a different registered user, transferring the ownership.

Example configuration:

kinto.newsletter.bucket = myproject kinto.newsletter.collection = newsletter kinto.newsletter.owner = account:admin

Example usage:

echo '{"data": {"email": "[email protected]", "name": "test name"}}' | http POST https://kinto.server/v1/newsletter

Propositions:

instead of adding a /newsletter root endpoint it could be a "leaf" endpoint like the kinto-attachment plugin does: http POST https://..../v1/buckets/foo/collections/bar/newsletter

this plugin could be more generic and be "create-for-owner" or "create-as-account", and you could be able to create a record and pass in the owner as metadata: echo '{"data": {...}, "owner": "account:admin"} | http POST .... In this case, we might want to discuss the security and configuration implications (provide a list of allowed owners? A list of allowed resources to create with a different owner?)

As a heads up: the same "newsletter" use case could be fixed by having finer grained permissions (eg a "read-only" permission that would not give read access to the owner/creator).
Do we need to support get_all with a wildcard parent_id?

While investigating #1507, @peterbe discovered that the DISTINCT doesn't really make sense unless you have a wildcard parent_id. He proved this to his own satisfaction by removing DISTINCT and observing that no tests break.

Under what circumstances do we even have a wildcard parent_id? Unlike delete, where you might want to delete a thing and all its children, I couldn't think of a way to invoke this mechanism using the HTTP API. Indeed, there's a subtle bug in the current query and the fact that nobody has reported it makes me suspect that nobody ever actually uses it. Can we get rid of it?
record:create permissions needs to access the schema.
I had a quick chat with @enguerran who is planning to use Kinto with a similar use case than the formbuilder:

People can create collection with an associate schema in a bucket:

bucket_permissions: collection_create: Authenticated

collection_permissions: record:create: Authenticated

The problem if you do that is that people that needs to create record in the collection cannot actually access the schema.

However if you add the read permission on the collection, they can read the schema as well as all records in the collection (their and other's people onces.)

The use case there is to have the admin to be able to read all records and users to be able to see only their own records for a given collection.

We also want to be able to list the collection the user can administrate. It makes it impossible if we give the read permission on the collection.

A quick fix would be to allow to read the schema or the collection data if we give the record:create permission.
Consistency on PUT with mandatory schema fields
While working on #790 I realize that there is something not clear in our specifications.

Currently, if a resource has a mandatory field (eg. groups members), then we cannot do a PUT with just the permissions values. This is because a PUT can lead to a creation, and the members fields has to be provided.

On other resources, which have no mandatory field, it is perfectly possible to only provide permissions.

But, I believe we should make every resources behave the same way.

For example, when we'll implement the edition of permissions in Kinto-admin, we don't want to have to pass the data if it was not changed.

Two solutions:

Add a default value ([]) for the groups members attribute (my prefered one, trivial and not absurd)

Allow data to be omitted only when the PUT replaces an existing object (more complex to implement, but would work for any resource with mandatory fields)
Move up to fstrings
Fixes #1659

For when it's necessary to drop support for older Python Versions.

[x] kinto/config/__init__.py

[x] kinto/schema_validation.py

[x] kinto/core/scripts.py

[x] kinto/core/openapi.py

[x] kinto/core/__init__.py

[x] kinto/core/utils.py

[x] kinto/core/cache/postgresql/__init__.py

[x] kinto/core/storage/memory.py

[x] kinto/core/storage/exceptions.py

[x] kinto/core/storage/postgresql/client.py

[x] kinto/core/storage/testing.py

[x] kinto/core/statsd.py

[x] kinto/core/initialization.py

[x] kinto/core/resource/model.py

[x] kinto/core/resource/schema.py

[x] kinto/core/permission/memory.py

[x] kinto/core/views/heartbeat.py

[x] kinto/core/views/errors.py

[x] kinto/core/views/batch.py

[x] kinto/core/testing.py

[x] kinto/plugins/quotas/scripts.py

[x] kinto/plugins/quotas/listener.py

[x] kinto/plugins/openid/__init__.py

[x] kinto/plugins/openid/views.py

[x] kinto/plugins/default_bucket/__init__.py

[x] kinto/plugins/history/listener.py

[x] kinto/authorization.py

[x] kinto/views/records.py

[x] kinto/core/authentication.py

[x] kinto/core/events.py

[x] kinto/core/storage/postgresql/__init__.py

[x] kinto/core/storage/postgresql/migrator.py

[x] kinto/core/errors.py

[x] kinto/core/resource/__init__.py

[x] kinto/core/resource/viewset.py

[x] kinto/core/permission/postgresql/__init__.py

[x] kinto/core/authorization.py

[x] kinto/plugins/accounts/scripts.py

[x] kinto/plugins/accounts/__init__.py

[x] kinto/plugins/accounts/views.py

[x] kinto/plugins/accounts/authentication.py

[x] kinto/views/permissions.py

[x] kinto/views/groups.py

[x] kinto/__main__.py

Cleanup

[x] Add documentation.

[x] Add tests.

[x] Add a changelog entry.
Performance of plural endpoint with millions of records
Reaching a plural endpoint with a million record should be super fast when using pagination (?_limit=10) or filtering. Apparently, it's not the case.

I suspect https://github.com/Kinto/kinto/pull/1267 to be responsible for the regression.

See https://github.com/mozilla-services/buildhub/issues/350 (840K records)

For anyone interested in tackling this, here is a quick way to fill up a collection with fake records:

$ psql -h localhost -U postgres -w DO $$ BEGIN FOR i IN 1..100000 LOOP INSERT INTO records (id, parent_id, collection_id) VALUES ('id-' || i, '/buckets/a/collections/b', 'record'); END LOOP; END; $$;
Thoughts about an "accounts registration" plugin

Following some discussions, here's my rough thoughts on creating an "accounts registration" plugin. The use case is having a flow for users to 1/ register an account 2/ receive a "registration code" via email 2/ validate their email using this "registration code" 3/ reset their password if needed

Register an account

1/ anonymous POST on /accountsmgmt/register/<email> 2/ this creates a record {"id": email, "password": hash, "registration-code": uuid} 3/ an email is sent with a link to /accountsmgmt/register/validate/<registration-code> 4/ GETing /accountsmgmt/register/validate/<registration-code> returns the ID which is the username (the email) 5/ POSTing to /accountsmgmt/register/validate/<registration-code> creates a kinto account with the same id and password, and updates the current "register" record to mark it as used (or deletes it)

Resetting a password

1/ anonymous POST on acountsmgmt/resetpassword/<email> 2/ this creates a record {"id": email, "reset-code": uuid} 3/ an email is sent with a link to /accountsmgmt/resetpassword/reset/<reset-code> 4/ GETing /accountsmgmt/resetpassword/<reset-code> returns the ID which is the username (the email) 5/ POSTing the new password to /accountsmgmt/resetpassword/reset/<reset-code> updates the kinto account with the same ID, and updates the current "register" record to mark it as used (or deletes it)

Using the email (username) as the ID as the advantage of not having several registration or password reset codes laying around for the same user. The drawback is that we're not benefiting from the "kinto resource" management as we're GET/POST-ing on endpoints that are the registration or password reset codes, and not the IDs.

Not sure if that makes sense? Do you have any feedback, ideas or tips?
Bump tox from 3.27.1 to 4.0.18
Bumps tox from 3.27.1 to 4.0.18.

Release notes

Sourced from tox's releases.

4.0.18

What's Changed

Handle whitespace around requirements by @gaborbernat in tox-dev/tox#2779

Full Changelog: https://github.com/tox-dev/tox/compare/4.0.17...4.0.18

4.0.17

What's Changed

Suppress a report output when verbosity = 0. by @q0w in tox-dev/tox#2774

Fix --sdistonly behaviour by @q0w in tox-dev/tox#2775

Override toxworkdir with --workdir. by @q0w in tox-dev/tox#2776

New Contributors

@q0w made their first contribution in tox-dev/tox#2774

Full Changelog: https://github.com/tox-dev/tox/compare/4.0.16...4.0.17

4.0.16

What's Changed

Fix change_dir is not always relative to tox_root by @gaborbernat in tox-dev/tox#2761

Full Changelog: https://github.com/tox-dev/tox/compare/4.0.15...4.0.16

4.0.15

What's Changed

test_sequential: resolve() the system_executable by @masenf in tox-dev/tox#2751

Fix provisioning by @gaborbernat in tox-dev/tox#2750

Fix complex negative factor filters not working by @gaborbernat in tox-dev/tox#2757

Full Changelog: https://github.com/tox-dev/tox/compare/4.0.14...4.0.15

4.0.14

What's Changed

Ignore non-test section names and invalid factor filters by @gaborbernat in tox-dev/tox#2748

Full Changelog: https://github.com/tox-dev/tox/compare/4.0.13...4.0.14

4.0.13

What's Changed

Fix plain section shadows env config by @gaborbernat in tox-dev/tox#2742

Fix space not accepted in factor filter expression by @gaborbernat in tox-dev/tox#2744

Full Changelog: https://github.com/tox-dev/tox/compare/4.0.12...4.0.13

4.0.12

... (truncated)

Changelog

Sourced from tox's changelog.

v4.0.18 (2022-12-26)

Bugfixes - 4.0.18

- Strip leading and trailing whitespace when parsing elements in requirement files - by :user:`gaborbernat`. (:issue:`2773`) v4.0.17 (2022-12-25)
Features - 4.0.17

Suppress a report output when verbosity = 0. (:issue:2697)

Bugfixes - 4.0.17

- Fix ``--sdistonly`` behaviour. (:issue:`2653`) - Override toxworkdir with --workdir. (:issue:`2654`) v4.0.16 (2022-12-20)
Bugfixes - 4.0.16

Fix :ref:change_dir is relative to current working directory rather than to the :ref:tox_root when using the -c argument to locate the tox.ini file - by :user:gaborbernat. (:issue:2619)

v4.0.15 (2022-12-19)

Bugfixes - 4.0.15

- Fix tox auto-provisioning not working and relax :ref:`min_version` default from ``4.0`` to no version constraint - by user:`gaborbernat`. (:issue:`2634`) - Fix assertion in ``test_result_json_sequential`` when interpreter ``_base_executable`` is a hardlink (macOS homebrew) - by user:`masenf`. (:issue:`2720`) - Complex negative factor filters not working - by user:`gaborbernat`. (:issue:`2747`) v4.0.14 (2022-12-18)
Bugfixes - 4.0.14

Do not include non test environment sections or factor filters in INI configuration to factor discovery - by :user:gaborbernat. (:issue:2746)

... (truncated)

Commits

2ec5879 release 4.0.18

acac244 Handle whitespace around requirements (#2779)

d970c76 release 4.0.17

bf87bea Override toxworkdir with --workdir. (#2776)

a36ff9d Fix --sdistonly behaviour (#2775)

b0c3cf6 Suppress a report output when verbosity = 0. (#2774)

d8e86dd Update README.md

463cd12 Update README.md

f460c84 release 4.0.16

47052d4 Fix change_dir is not always relative to tox_root (#2761)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bump isort from 5.10.1 to 5.11.4
Bumps isort from 5.10.1 to 5.11.4.

Release notes

Sourced from isort's releases.

5.11.4

Changes

Remove obsolete toml import from the test suite (#1978) @mgorny

Stop installing documentation files to top-level site-packages (#2057) @mgorny

Only run release workflows for upstream (#2052) @hugovk

:package: Dependencies

Bump Poetry 1.3.1 (#2058) @staticdev

5.11.3

Changes

Renable portray (#2043) @timothycrosley

chore(ci): add minimum GitHub token permissions for workflows (#1969) @varunsh-coder

:beetle: Fixes

Fix packaging pypoetry (#2042) @staticdev

Fix settings for py3.11 (#2040) @staticdev

:construction_worker: Continuous Integration

General CI improvements (#2041) @staticdev

Add release workflow (#2026) @staticdev

v5.11.3

Changes

Renable portray (#2043) @timothycrosley

chore(ci): add minimum GitHub token permissions for workflows (#1969) @varunsh-coder

:beetle: Fixes

Fix packaging pypoetry (#2042) @staticdev

Fix settings for py3.11 (#2040) @staticdev

:construction_worker: Continuous Integration

General CI improvements (#2041) @staticdev

Add release workflow (#2026) @staticdev

5.11.2

Changes

Hotfix for --version. (#2035) @felixxm

5.11.1

Changes December 12 2022

... (truncated)

Changelog

Sourced from isort's changelog.

5.11.4 December 21 2022

Fixed #2038 (again): stop installing documentation files to top-level site-packages (#2057) @mgorny

CI: only run release workflows for upstream (#2052) @hugovk

Tests: remove obsolete toml import from the test suite (#1978) @mgorny

CI: bump Poetry 1.3.1 (#2058) @staticdev

5.11.3 December 16 2022

Fixed #2007: settings for py3.11 (#2040) @staticdev

Fixed #2038: packaging pypoetry (#2042) @staticdev

Docs: renable portray (#2043) @timothycrosley

Ci: add minimum GitHub token permissions for workflows (#1969) @varunsh-coder

Ci: general CI improvements (#2041) @staticdev

Ci: add release workflow (#2026) @staticdev

5.11.2 December 12 2022

Hotfix #2034: isort --version is not accurate on 5.11.x releases (#2034) @gschaffner

5.11.1 December 12 2022

Hotfix #2031: only call colorama.init if colorama is available (#2032) @tomaarsen

5.11.0 December 12 2022

Added official support for Python 3.11 (#1996, #2008, #2011) @staticdev

Dropped support for Python 3.6 (#2019) @barrelful

Fixed problematic tests (#2021, #2022) @staticdev

Fixed #1960: Rich compatibility (#1961) @ofek

Fixed #1945, #1986: Python 4.0 upper bound dependency resolving issues @staticdev

Fixed Pyodide CDN URL (#1991) @andersk

Docs: clarify description of use_parentheses (#1941) @mgedmin

Fixed #1976: black compatibility for .pyi files @XuehaiPan

Implemented #1683: magic trailing comma option (#1876) @legau

Add missing space in unrecoverable exception message (#1933) @andersk

Fixed #1895: skip-gitignore: use allow list, not deny list @bmalehorn

Fixed #1917: infinite loop for unmatched parenthesis (#1919) @anirudnits

Docs: shared profiles (#1896) @matthewhughes934

Fixed build-backend values in the example plugins (#1892) @mgorny

Remove reference to jamescurtin/isort-action (#1885) @AndrewLane

Split long cython import lines (#1931) @davidcollins001

Update plone profile: copy of black, plus three settings. (#1926) @mauritsvanrees

Fixed #1815, #1862: Add a command-line flag to sort all re-exports (#1863) @parafoxia

Fixed #1854: lines_before_imports appending lines after comments (#1861) @legau

Remove redundant multi_line_output = 3 from "Compatibility with black" (#1858) @jdufresne

Add tox config example (#1856) @umonaca

Docs: add examples for frozenset and tuple settings (#1822) @sgaist

Docs: add multiple config documentation (#1850) @anirudnits

Commits

98390f5 Merge pull request #2059 from PyCQA/version/5.11.4

df69a05 Bump version 5.11.4

f9add58 Merge pull request #2058 from PyCQA/deps/poetry-1.3.1

36caa91 Bump Poetry 1.3.1

3c2e2d0 Merge pull request #1978 from mgorny/toml-test

45d6abd Remove obsolete toml import from the test suite

3020e0b Merge pull request #2057 from mgorny/poetry-install

a6fdbfd Stop installing documentation files to top-level site-packages

ff306f8 Fix tag template to match old standard

227c4ae Merge pull request #2052 from hugovk/main

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bump sentry-sdk from 1.11.1 to 1.12.1
Bumps sentry-sdk from 1.11.1 to 1.12.1.

Release notes

Sourced from sentry-sdk's releases.

1.12.1

Various fixes & improvements

Link errors to OTel spans (#1787) by @antonpirker

1.12.0

Basic OTel support

This adds support to automatically integrate OpenTelemetry performance tracing with Sentry.

See the documentation on how to set it up: https://docs.sentry.io/platforms/python/performance/instrumentation/opentelemetry/

Give it a try and let us know if you have any feedback or problems with using it.

By: @antonpirker (#1772, #1766, #1765)

Various fixes & improvements

Tox Cleanup (#1749) by @antonpirker

CI: Fix Github action checks (#1780) by @Zylphrex

Profiling: Introduce active thread id on scope (#1764) by @Zylphrex

Profiling: Eagerly hash stack for profiles (#1755) by @Zylphrex

Profiling: Resolve inherited method class names (#1756) by @Zylphrex

Changelog

Sourced from sentry-sdk's changelog.

1.12.1

Various fixes & improvements

Link errors to OTel spans (#1787) by @antonpirker

1.12.0

Basic OTel support

This adds support to automatically integrate OpenTelemetry performance tracing with Sentry.

See the documentation on how to set it up: https://docs.sentry.io/platforms/python/performance/instrumentation/opentelemetry/

Give it a try and let us know if you have any feedback or problems with using it.

By: @antonpirker (#1772, #1766, #1765)

Various fixes & improvements

Tox Cleanup (#1749) by @antonpirker

CI: Fix Github action checks (#1780) by @Zylphrex

Profiling: Introduce active thread id on scope (#1764) by @Zylphrex

Profiling: Eagerly hash stack for profiles (#1755) by @Zylphrex

Profiling: Resolve inherited method class names (#1756) by @Zylphrex

Commits

ab1496f release: 1.12.1

6959941 Link errors to OTel spans (#1787)

561cd4b Merge branch 'release/1.12.0'

abfdce8 Updated changelog

0a02915 release: 1.12.0

d0eed0e Basic OTel support (#1772)

eb0db0a Tox Cleanup (#1749)

dd26fbe fix(ci): Fix Github action checks (#1780)

b1290c6 feat(profiling): Introduce active thread id on scope (#1764)

46697dd Add instrumenter config to switch between Otel and Sentry instrumentation. (#...

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bump black from 22.10.0 to 22.12.0
Bumps black from 22.10.0 to 22.12.0.

Release notes

Sourced from black's releases.

22.12.0

Preview style

Enforce empty lines before classes and functions with sticky leading comments (#3302)

Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)

Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)

Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

Configuration

Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)

Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

Parser

Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

Integrations

Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

Changelog

Sourced from black's changelog.

22.12.0

Preview style

Enforce empty lines before classes and functions with sticky leading comments (#3302)

Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)

Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)

Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

Configuration

Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)

Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

Parser

Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

Integrations

Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

Commits

2ddea29 Prepare release 22.12.0 (#3413)

5b1443a release: skip bad macos wheels for now (#3411)

9ace064 Bump peter-evans/find-comment from 2.0.1 to 2.1.0 (#3404)

19c5fe4 Fix CI with latest flake8-bugbear (#3412)

d4a8564 Bump sphinx-copybutton from 0.5.0 to 0.5.1 in /docs (#3390)

2793249 Wordsmith current_style.md (#3383)

d97b789 Remove whitespaces of whitespace-only files (#3348)

c23a5c1 Clarify that Black runs with --safe by default (#3378)

8091b25 Correctly handle trailing commas that are inside a line's leading non-nested ...

ffaaf48 Compare each .gitignore found with an appropiate relative path (#3338)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bump sqlalchemy from 1.4.44 to 1.4.45
Bumps sqlalchemy from 1.4.44 to 1.4.45.

Release notes

Sourced from sqlalchemy's releases.

1.4.45

Released: December 10, 2022

orm

[orm] [bug] Fixed bug where _orm.Session.merge() would fail to preserve the current loaded contents of relationship attributes that were indicated with the _orm.relationship.viewonly parameter, thus defeating strategies that use _orm.Session.merge() to pull fully loaded objects from caches and other similar techniques. In a related change, fixed issue where an object that contains a loaded relationship that was nonetheless configured as lazy='raise' on the mapping would fail when passed to _orm.Session.merge(); checks for "raise" are now suspended within the merge process assuming the _orm.Session.merge.load parameter remains at its default of True.

Overall, this is a behavioral adjustment to a change introduced in the 1.4 series as of #4994, which took "merge" out of the set of cascades applied by default to "viewonly" relationships. As "viewonly" relationships aren't persisted under any circumstances, allowing their contents to transfer during "merge" does not impact the persistence behavior of the target object. This allows _orm.Session.merge() to correctly suit one of its use cases, that of adding objects to a Session that were loaded elsewhere, often for the purposes of restoring from a cache.

References: #8862

[orm] [bug] Fixed issues in _orm.with_expression() where expressions that were composed of columns that were referenced from the enclosing SELECT would not render correct SQL in some contexts, in the case where the expression had a label name that matched the attribute which used _orm.query_expression(), even when _orm.query_expression() had no default expression. For the moment, if the _orm.query_expression() does have a default expression, that label name is still used for that default, and an additional label with the same name will continue to be ignored. Overall, this case is pretty thorny so further adjustments might be warranted.

References: #8881

engine

[engine] [bug] Fixed issue where _engine.Result.freeze() method would not work for textual SQL using either _sql.text() or _engine.Connection.exec_driver_sql().

References: #8963

... (truncated)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bump newrelic from 8.4.0 to 8.5.0
Bumps newrelic from 8.4.0 to 8.5.0.

Release notes

Sourced from newrelic's releases.

v8.5.0

https://docs.newrelic.com/docs/release-notes/agent-release-notes/python-release-notes/python-agent-80500/

Commits

fd0fd01 Fix Type Constructor Classes in Code Level Metrics (#708)

f977ba6 Add TraceCache Guarded Iteration (#704)

a63e33f Update instrumented methods in redis. (#707)

b849010 Reverts removal of flask_restful hooks. (#705)

864f086 Fix bug in celery where works don't report data (#696)

87b649f Validator transfer from fixtures.py to validators directory, Part 2 (#690)

67feaa7 Remove pylint codes from flake8 config (#701)

60a5d68 Fix tornado master tests & instrument redis 4.3.5 (#695)

eead7a7 Fix Confluent Kafka Producer Arguments (#699)

eb28b52 Pin Github Actions Runner to Ubuntu 20 for Py27 (#698)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Nerd-Storage is a simple web server for sharing files on the local network.

Nerd-Storage is a simple web server for sharing files on the local network. It supports the download of files and directories, the upload of multiple files at once, making a directory, updates and deletions.

Jun 7, 2022

Barman - Backup and Recovery Manager for PostgreSQL

Barman, Backup and Recovery Manager for PostgreSQL Barman (Backup and Recovery Manager) is an open-source administration tool for disaster recovery of

Dec 30, 2022

An open source multi-tool for exploring and publishing data

Datasette An open source multi-tool for exploring and publishing data Datasette is a tool for exploring and publishing data. It helps people take data

Jan 1, 2023

A Terminal Client for MySQL with AutoCompletion and Syntax Highlighting.

mycli A command line client for MySQL that can do auto-completion and syntax highlighting. HomePage: http://mycli.net Documentation: http://mycli.net/

Jan 7, 2023

Postgres CLI with autocompletion and syntax highlighting

A REPL for Postgres This is a postgres client that does auto-completion and syntax highlighting. Home Page: http://pgcli.com MySQL Equivalent: http://

Dec 30, 2022

Automatic SQL injection and database takeover tool

sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of

Jan 2, 2023

Fully Automated YouTube Channel ▶️with Added Extra Features.

Fully Automated Youtube Channel ▒█▀▀█ █▀▀█ ▀▀█▀▀ ▀▀█▀▀ █░░█ █▀▀▄ █▀▀ █▀▀█ ▒█▀▀▄ █░░█ ░░█░░ ░▒█░░ █░░█ █▀▀▄ █▀▀ █▄▄▀ ▒█▄▄█ ▀▀▀▀ ░░▀░░ ░▒█░░ ░▀▀▀ ▀▀▀░

Jan 2, 2023

CaterApp is a cross platform, remotely data sharing tool created for sharing files in a quick and secured manner.

CaterApp is a cross platform, remotely data sharing tool created for sharing files in a quick and secured manner. It is aimed to integrate this tool with several more features including providing a User Interface.

Jun 27, 2021

Delta Sharing: An Open Protocol for Secure Data Sharing

Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl

Jan 2, 2023

The-Secret-Sharing-Schemes - This interactive script demonstrates the Secret Sharing Schemes algorithm

The-Secret-Sharing-Schemes This interactive script demonstrates the Secret Shari

Jan 2, 2022

File-sharing-Bot: Telegram Bot to store Posts and Documents and it can Access by Special Links.

File-sharing-Bot Telegram Bot to store Posts and Documents and it can Access by Special Links. I Guess This Will Be Usefull For Many People..... ?? .

Dec 17, 2021

Genalog is an open source, cross-platform python package allowing generation of synthetic document images with custom degradations and text alignment capabilities.

Dec 22, 2022

Generic framework for historical document processing

dhSegment dhSegment is a tool for Historical Document Processing. Its generic approach allows to segment regions and extract content from different ty

Dec 24, 2022

Open Source research tool to search, browse, analyze and explore large document collections by Semantic Search Engine and Open Source Text Mining & Text Analytics platform (Integrates ETL for document processing, OCR for images & PDF, named entity recognition for persons, organizations & locations, metadata management by thesaurus & ontologies, search user interface & search apps for fulltext search, faceted search & knowledge graph)

Open Semantic Search https://opensemanticsearch.org Integrated search server, ETL framework for document processing (crawling, text extraction, text a

Jan 6, 2023

Python library for serializing any arbitrary object graph into JSON. It can take almost any Python object and turn the object into JSON. Additionally, it can reconstitute the object back into Python.

jsonpickle jsonpickle is a library for the two-way conversion of complex Python objects and JSON. jsonpickle builds upon the existing JSON encoders, s

Jan 2, 2023

Same as json.dumps or json.loads, feapson support feapson.dumps and feapson.loads

Dec 1, 2021

A generic JSON document store with sharing and synchronisation capabilities.

Kinto

Requirements

Owner

Kinto

Comments

Add account validation capability to the accounts plugin

Openid connect support (fixes #939)

[WIP] Optimize postgresql storage get all fixes 1507

Add OpenAPI/Swagger spec (fixes #631)

Thoughts about a "register to newsletter" plugin

Do we need to support get_all with a wildcard parent_id?

record:create permissions needs to access the schema.

Consistency on PUT with mandatory schema fields

Move up to fstrings

Cleanup

Performance of plural endpoint with millions of records

Thoughts about an "accounts registration" plugin

Register an account

Resetting a password

Bump tox from 3.27.1 to 4.0.18

4.0.18

What's Changed

4.0.17

What's Changed

New Contributors

4.0.16

What's Changed

4.0.15

What's Changed

4.0.14

What's Changed

4.0.13

What's Changed

4.0.12

v4.0.18 (2022-12-26)

v4.0.17 (2022-12-25)

v4.0.16 (2022-12-20)

v4.0.15 (2022-12-19)

v4.0.14 (2022-12-18)

Bump isort from 5.10.1 to 5.11.4

5.11.4

Changes

:package: Dependencies

5.11.3

Changes

:beetle: Fixes

:construction_worker: Continuous Integration

v5.11.3

Changes

:beetle: Fixes

:construction_worker: Continuous Integration

5.11.2

Changes

5.11.1

Changes December 12 2022

5.11.4 December 21 2022

5.11.3 December 16 2022

5.11.2 December 12 2022

5.11.1 December 12 2022

5.11.0 December 12 2022

Bump sentry-sdk from 1.11.1 to 1.12.1

1.12.1

Various fixes & improvements

1.12.0

Basic OTel support

Various fixes & improvements

1.12.1

Various fixes & improvements

1.12.0

Basic OTel support

Various fixes & improvements

Bump black from 22.10.0 to 22.12.0

22.12.0

Preview style

Configuration

Parser

Integrations

22.12.0

Preview style