一个使用drf写的管理项目,包括工单、sql审核、cmdb
syklinux, updated
🕥
2022-12-08 01:01:25
admin-drf
开源运维平台
drf:
doc:
此版本为开发版,用于研究与学习!
安装python 3.6
1 安装依赖
bash
sudo yum -y install openssl-devel readline-devel
2 下载并安装python
bash
wget https://www.python.org/ftp/python/3.6.6/Python-3.6.6.tgz
tar -xzf Python-3.6.6.tgz
cd Python-3.6.6
./configure --prefix=/usr/local/python36
sudo make
sudo make install
3 配置pip
bash
sudo tee /etc/pip.conf <<EOF
[global]
index-url = http://pypi.douban.com/simple
trusted-host = pypi.douban.com
[list]
format=columns
EOF
4 安装与初始化virtualenv
bash
sudo /usr/local/python36/bin/pip3 install virtualenv
/usr/local/python36/bin/virtualenv ~/python36env
安装数据库
安装mariadb
bash
sudo yum -y install mariadb mariadb-server mariadb-devel
配置mariadb
修改/etc/my.cnf,在[mysqld]下面增加如下几行配置
ini
[mysqld]
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
起动服务
bash
sudo systemctl start mariadb
sudo systemctl enable mariadb
初始化mariadb
这里设置root密码为 123456
bash
mysql_secure_installation
创建数据库
bash
mysql -uroot -p123456 -e "create database ops CHARACTER SET utf8;"
部署
下载源码
bash
cd ~
git clone https://github.com/syklinux/admin-drf.git
安装依赖包
cd admin-drf/
pip install -r requirements.txt
修改配置文件
配置文件路径在 admin-drf/ops/settings.py
配置mysql
python
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': "ops",
'USER': 'root',
'PASSWORD': "123456",
'HOST': "127.0.0.1",
'PORT': "3306",
'OPTIONS': {
'init_command': "SET storage_engine=INNODB;SET sql_mode='STRICT_TRANS_TABLES'"
}
}
}
同步表结果
在操作之前需要在目录下创建一个logs的目录用于存放日志
mkdir logs
先生成user的迁移文件,然后同步
bash
source ~/python36env/bin/activate
python manage.py makemigrations users
python manage.py migrate
接下来同步其它app的表结构
bash
python manage.py makemigrations cabinet idcs manufacturers menu products servers sqlmng workorder
python manage.py migrate idcs
python manage.py migrate cabinet
python manage.py migrate manufacturers
python manage.py migrate products
python manage.py migrate menu
python manage.py migrate servers
python manage.py migrate sqlmng
python manage.py migrate workorder
创建管理员用户
bash
python manage.py createsuperuser --username admin --email [email protected]
同步菜单
bash
python scripts/import_menu.py
起动服务
python manage.py runserver 0.0.0.0:8000
接下来就可以访问啦:
http://your-ip:8000/ api root
http://your-ip:8000/docs/ api 文档
sql上线
需要安装inception
https://github.com/mysql-inception/inception
注意bison版本,centos7如果yum安装bison,会因为版本过高导致编译报错
一、安装依赖
yum -y install cmake libncurses5-dev libssl-dev g++ bison gcc gcc-c++ openssl-devel ncurses-devel mysql MySQL-python
wget http://ftp.gnu.org/gnu/bison/bison-2.5.1.tar.gz
tar -zxvf bison-2.5.1.tar.gz
cd bison-2.5.1
./configure
make
make install
安装 inception
cd /usr/local/
wget https://github.com/mysql-inception/inception/archive/master.zip
unzip master.zip
cd inception-master/
sh inception_build.sh builddir linux
三、修改配置
``` vi /etc/inc.cnf
[inception]
general_log=1
general_log_file=inc.log
port=6669
socket=/tmp/inc.socket
character-set-client-handshake=0
character-set-server=utf8
inception_remote_system_password=123456
inception_remote_system_user=root
inception_remote_backup_port=3306
inception_remote_backup_host=127.0.0.1
inception_support_charset=utf8
inception_enable_nullable=0
inception_check_primary_key=1
inception_check_column_comment=1
inception_check_table_comment=1
inception_osc_min_table_size=1
inception_osc_bin_dir=/usr/bin
inception_osc_chunk_time=0.1
inception_ddl_support=1
inception_enable_blob_type=1
inception_check_column_default_value=1
```
四、启动
$ nohup inception/debug/mysql/bin/Inception --defaults-file=/etc/inc.cnf &
五、客户端连接
mysql -uroot -h127.0.0.1 -P 6669
MySQL [(none)]> inception get variables;
+------------------------------------------+-------------------------------------------+
| Variable_name | Value |
+------------------------------------------+-------------------------------------------+
| autocommit | OFF |
| bind_address | * |
| character_set_system | utf8 |
。。。 。。。
pymysql包改造
修改pymysql/cursors.py 352行,改为:
if not self._defer_warnings:
# self._show_warnings()
pass
修改pymysql/connections.py 781行:改为:
def _request_authentication(self):
if self.server_version.split('.', 1)[0] == 'Inception2':
self.client_flag |= CLIENT.MULTI_RESULTS
elif int(self.server_version.split('.', 1)[0]) >= 5:
self.client_flag |= CLIENT.MULTI_RESULTS
备份库需要设置如下:
线上mysql需要配置如下:
bin-log=mysql-bin
binlog_format = MIXED
server-id =1
zabbix
zabbix是直接关联到数据库操作数据库的,该版本只适用于zabbix3.4。不需要migrate zabbix这个app。
服务器数据格式化
json
{
"hostname": "vm-mengdian-api-01",
"os": "centos6.5",
"manufacturer": "kvm",
"model_name": "kvm",
"uuid": "ASYDIA7SD89ASDASDHO",
"server_cpu": "4",
"server_mem": "128",
"disk": "500G",
"device": [
{
"name":"eth0",
"ips":[
{"ip_addr":"10.10.10.10","netmask":"255.255.255.0"}
],
"mac":"00:00:00:00:00:01"
}
],
"sn": "ASUDIOASD",
"manage_ip": "10.10.10.10"
}
Issues
Bump certifi from 2018.1.18 to 2022.12.7
opened on 2022-12-08 01:01:25 by dependabot[bot]Bumps certifi from 2018.1.18 to 2022.12.7.
Commits
9e9e8402022.12.07b81bdb22022.09.24939a28f2022.09.14aca828a2022.06.15.2de0eae1Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...b8eb5e92022.06.15.147fb7abFix deprecation warning on Python 3.11 (#199)b0b48e0fixes #198 -- update link in license9d514b42022.06.154151e88Add py.typed to MANIFEST.in to package in sdist (#196)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/syklinux/admin-drf/network/alerts).
Bump pyjwt from 1.6.1 to 2.4.0
opened on 2022-05-25 00:12:00 by dependabot[bot]Bumps pyjwt from 1.6.1 to 2.4.0.
Release notes
Sourced from pyjwt's releases.
2.4.0
Security
- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
What's Changed
- Add support for Python 3.10 by
@hugovkin jpadilla/pyjwt#699- Don't use implicit optionals by
@rekyungminin jpadilla/pyjwt#705- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#708- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#710- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#711- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#712- documentation fix: show correct scope for decode_complete() by
@sseeringin jpadilla/pyjwt#661- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#716- Explicit check the key for ECAlgorithm by
@estinin jpadilla/pyjwt#713- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#720- api_jwk: Add PyJWKSet.getitem by
@woodruffwin jpadilla/pyjwt#725- Update usage.rst by
@guneybilenin jpadilla/pyjwt#727- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#728- fix: Update copyright information by
@kkirschein jpadilla/pyjwt#729- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by
@dmahr1in jpadilla/pyjwt#734- Fixed typo in usage.rst by
@israelabrahamin jpadilla/pyjwt#738- Add detached payload support for JWS encoding and decoding by
@fviardin jpadilla/pyjwt#723- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#740- Raise DeprecationWarning for jwt.decode(verify=...) by
@akxin jpadilla/pyjwt#742- Don't mutate options dictionary in .decode_complete() by
@akxin jpadilla/pyjwt#743- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#748- Replace various string interpolations with f-strings by
@akxin jpadilla/pyjwt#744- Update CHANGELOG.rst by
@hipertrackerin jpadilla/pyjwt#751New Contributors
@hugovkmade their first contribution in jpadilla/pyjwt#699@rekyungminmade their first contribution in jpadilla/pyjwt#705@sseeringmade their first contribution in jpadilla/pyjwt#661@estinmade their first contribution in jpadilla/pyjwt#713@woodruffwmade their first contribution in jpadilla/pyjwt#725@guneybilenmade their first contribution in jpadilla/pyjwt#727@dmahr1made their first contribution in jpadilla/pyjwt#734@israelabrahammade their first contribution in jpadilla/pyjwt#738@fviardmade their first contribution in jpadilla/pyjwt#723@akxmade their first contribution in jpadilla/pyjwt#742@hipertrackermade their first contribution in jpadilla/pyjwt#751Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0
2.3.0
What's Changed
- [pre-commit.ci] pre-commit autoupdate by
@pre-commit-ciin jpadilla/pyjwt#700- Add exception chaining by
@ehdgua01in jpadilla/pyjwt#702- Revert "Remove arbitrary kwargs." by
@auvipyin jpadilla/pyjwt#701
... (truncated)
Changelog
Sourced from pyjwt's changelog.
v2.4.0 <https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0>__Security
- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24Changed
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713 - Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742 Fixed ~~~~~ - Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705 - documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661 - fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729 - Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743 Added ~~~~~ - Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699 - api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725 - Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727 - Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734 - Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738 - Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723 - Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744 - Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751 `v2.3.0 <https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0>`__ ----------------------------------------------------------------------- Fixed ~~~~~ - Revert "Remove arbitrary kwargs." `[#701](https://github.com/jpadilla/pyjwt/issues/701) <https://github.com/jpadilla/pyjwt/pull/701>`__ Added ~~~~~ - Add exception chaining `[#702](https://github.com/jpadilla/pyjwt/issues/702) <https://github.com/jpadilla/pyjwt/pull/702>`__ `v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>`__ ----------------------------------------------------------------------- </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jpadilla/pyjwt/commit/83ff831a4d11190e3a0bed781da43f8d84352653"><code>83ff831</code></a> chore: update changelog</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/4c1ce8fd9019dd312ff257b5141cdb6d897379d9"><code>4c1ce8f</code></a> chore: update changelog</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/96f3f0275745c5a455c019a0d3476a054980e8ea"><code>96f3f02</code></a> fix: failing advisory test</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc"><code>9c52867</code></a> Merge pull request from GHSA-ffqj-6fqr-9h24</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/24b29adfebcb4f057a3cef5aaf35653bc0c1c8cc"><code>24b29ad</code></a> Update CHANGELOG.rst (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/751">#751</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/31f5acb8fb3ec6cdfe2b1b0a4a8f329b5f3ca67f"><code>31f5acb</code></a> Replace various string interpolations with f-strings (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/744">#744</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/5581a31c21de70444c1162bcfa29f7e0fc86edda"><code>5581a31</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/748">#748</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/3d4d82248f1120c87f1f4e0e8793eaa1d54843a6"><code>3d4d822</code></a> Don't mutate options dictionary in .decode_complete() (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/743">#743</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/1f1fe15bb41846c602b3e106176b2c692b93a613"><code>1f1fe15</code></a> Add a deprecation warning when jwt.decode() is called with the legacy verify=...</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/35fa28e59d99b99c6a780d2a029a74d6bbba8b1e"><code>35fa28e</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/jpadilla/pyjwt/issues/740">#740</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/1.6.1...2.4.0">compare view</a></li> </ul> </details> <br />Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/syklinux/admin-drf/network/alerts).Bump paramiko from 2.4.1 to 2.10.1
opened on 2022-03-29 21:55:32 by dependabot[bot]Bumps paramiko from 2.4.1 to 2.10.1.
Commits
286bd9fCut 2.10.14c491e2Fix CVE re: PKey.write_private_key chmod raceaa3cc6fCut 2.10.0e50e19fFix up changelog entry with real links02ad67eHelps to actually leverage your mocked system calls29d7bf4Clearly our agent stuff is not fully tested yet...5fcb8daOpenSSH docs state %C should also work in IdentityFile and Match exec1bf3dceChangelog enhancementf6342fcPrettify, add %C as acceptable controlpath token, mock gethostname3f3451fAdd to changelog- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/syklinux/admin-drf/network/alerts).Bump ipython from 6.2.1 to 7.16.3
opened on 2022-01-21 19:28:56 by dependabot[bot]Bumps ipython from 6.2.1 to 7.16.3.
Commits
d43c7c7release 7.16.35fa1e40Merge pull request from GHSA-pq7m-3gw7-gq5x8df8971back to dev9f477b7release 7.16.2138f266bring back release helper from master branch5aa3634Merge pull request #13341 from meeseeksmachine/auto-backport-of-pr-13335-on-7...bcae8e0Backport PR #13335: What's new 7.16.28fcdcd3Pin Jedi to <0.17.2.2486838release 7.16.120bdc6ffix conda build- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/syklinux/admin-drf/network/alerts).Bump django from 1.11.11 to 2.2.24
opened on 2021-06-10 20:47:06 by dependabot[bot]Bumps django from 1.11.11 to 2.2.24.
Commits
2da029d[2.2.x] Bumped version for 2.2.24 release.f27c38a[2.2.x] Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.053cc95[2.2.x] Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs'...6229d87[2.2.x] Confirmed release date for Django 2.2.24.f163ad5[2.2.x] Added stub release notes and date for Django 2.2.24.bed1755[2.2.x] Changed IRC references to Libera.Chat.63f0d7a[2.2.x] Refs #32718 -- Fixed file_storage.test_generate_filename and model_fi...5fe4970[2.2.x] Post-release version bump.61f814f[2.2.x] Bumped version for 2.2.23 release.b8ecb06[2.2.x] Fixed #32718 -- Relaxed file name validation in FileField.- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/syklinux/admin-drf/network/alerts).Bump urllib3 from 1.22 to 1.26.5
opened on 2021-06-01 22:32:03 by dependabot[bot]Bumps urllib3 from 1.22 to 1.26.5.
Release notes
Sourced from urllib3's releases.
1.26.5
:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
- Fixed deprecation warnings emitted in Python 3.10.
- Updated vendored
sixlibrary to 1.16.0.- Improved performance of URL parser when splitting the authority component.
If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors
1.26.4
:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
- Changed behavior of the default
SSLContextwhen connecting to HTTPS proxy during HTTPS requests. The defaultSSLContextnow setscheck_hostname=True.If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors
1.26.3
:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
Fixed bytes and string comparison issue with headers (Pull #2141)
Changed
ProxySchemeUnknownerror message to be more actionable if the user supplies a proxy URL without a scheme (Pull #2107)If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors
1.26.2
:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
- Fixed an issue where
wrap_socketandCERT_REQUIREDwouldn't be imported properly on Python 2.7.8 and earlier (Pull #2052)1.26.1
:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
- Fixed an issue where two
User-Agentheaders would be sent if aUser-Agentheader key is passed asbytes(Pull #2047)1.26.0
:warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap
Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806)
Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that still wish to use TLS earlier than 1.2 without a deprecation warning should opt-in explicitly by setting
ssl_version=ssl.PROTOCOL_TLSv1_1(Pull #2002) Starting in urllib3 v2.0: Connections that receive aDeprecationWarningwill failDeprecated
RetryoptionsRetry.DEFAULT_METHOD_WHITELIST,Retry.DEFAULT_REDIRECT_HEADERS_BLACKLISTandRetry(method_whitelist=...)in favor ofRetry.DEFAULT_ALLOWED_METHODS,Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT, andRetry(allowed_methods=...)(Pull #2000) Starting in urllib3 v2.0: Deprecated options will be removed... (truncated)
Changelog
Sourced from urllib3's changelog.
1.26.5 (2021-05-26)
- Fixed deprecation warnings emitted in Python 3.10.
- Updated vendored
sixlibrary to 1.16.0.- Improved performance of URL parser when splitting the authority component.
1.26.4 (2021-03-15)
- Changed behavior of the default
SSLContextwhen connecting to HTTPS proxy during HTTPS requests. The defaultSSLContextnow setscheck_hostname=True.1.26.3 (2021-01-26)
Fixed bytes and string comparison issue with headers (Pull #2141)
Changed
ProxySchemeUnknownerror message to be more actionable if the user supplies a proxy URL without a scheme. (Pull #2107)1.26.2 (2020-11-12)
- Fixed an issue where
wrap_socketandCERT_REQUIREDwouldn't be imported properly on Python 2.7.8 and earlier (Pull #2052)1.26.1 (2020-11-11)
- Fixed an issue where two
User-Agentheaders would be sent if aUser-Agentheader key is passed asbytes(Pull #2047)1.26.0 (2020-11-10)
NOTE: urllib3 v2.0 will drop support for Python 2.
Read more in the v2.0 Roadmap <https://urllib3.readthedocs.io/en/latest/v2-roadmap.html>_.Added support for HTTPS proxies contacting HTTPS servers (Pull #1923, Pull #1806)
Deprecated negotiating TLSv1 and TLSv1.1 by default. Users that still wish to use TLS earlier than 1.2 without a deprecation warning
... (truncated)
Commits
d161647Release 1.26.52d4a3feImprove performance of sub-authority splitting in URL2698537Update vendored six to 1.16.007bed79Fix deprecation warnings for Python 3.10 ssl moduled725a9bAdd Python 3.10 to GitHub Actions339ad34Use pytest==6.2.4 on Python 3.10+f271c9cApply latest Black formatting1884878[1.26] Properly proxy EOF on the SSLTransport test suitea891304Release 1.26.48d65ea1Merge pull request from GHSA-5phf-pp7p-vc2r- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/syklinux/admin-drf/network/alerts).