From 311a0474c7f08c19abe8e32393d69ddd10b92747 Mon Sep 17 00:00:00 2001 From: robert-bryson Date: Fri, 28 Jun 2024 10:56:48 -0700 Subject: [PATCH 01/39] bump to 29 --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 56b4b660..18a67c58 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -13,7 +13,7 @@ charset-normalizer==3.3.2 ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 -ckanext-datagovtheme==0.2.28 +ckanext-datagovtheme==0.2.29 ckanext-datajson==0.1.25 ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 ckanext-envvars==0.0.3 From 72343c2a50a67b0a0612eff23b51cd5ac53e5cad Mon Sep 17 00:00:00 2001 From: Jin-Sun-tts Date: Tue, 2 Jul 2024 17:47:25 +0000 Subject: [PATCH 02/39] extended the snyk exception date --- ckan/.snyk | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ckan/.snyk b/ckan/.snyk index 58781bdd..b6a5d01b 100644 --- a/ckan/.snyk +++ b/ckan/.snyk @@ -67,17 +67,17 @@ ignore: - '*': reason: >- Not affecting us since no debugger is enabled in cloud.gov apps - expires: 2024-06-31T16:20:58.017Z + expires: 2024-09-30T16:20:58.017Z SNYK-PYTHON-CRYPTOGRAPHY-7161587: - '*': reason: >- No remediation available yet. Issue tracked in github: https://github.com/GSA/data.gov/issues/4781 - expires: 2024-06-31T16:20:58.017Z + expires: 2024-09-30T16:20:58.017Z SNYK-PYTHON-PYOPENSSL-7161590: - '*': reason: >- No remediation available yet. Issue tracked in github: https://github.com/GSA/data.gov/issues/4782 - expires: 2024-06-31T16:20:58.017Z + expires: 2024-09-30T16:20:58.017Z patch: {} From 75e30ad99591c53824c06e763e36e8ef2208f177 Mon Sep 17 00:00:00 2001 From: nickumia-reisys Date: Sun, 7 Jul 2024 12:11:02 +0000 Subject: [PATCH 03/39] Update Pip Requirements --- ckan/requirements.in | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index 7c7a4e6b..8c5435b6 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -112,7 +112,6 @@ gunicorn # New Relic newrelic -certifi>=2022.12.7 redis>=4.5.4 requests~=2.32.2 @@ -131,4 +130,4 @@ lxml==5.1.0 Werkzeug==2.0.3 # pin numpy as 2.x causes array import issues w/ shapely -numpy==1.26.4 \ No newline at end of file +numpy==1.26.4certifi>=2024.7.4 From cf2a687a7a6609bd1e0284581e1b2d9537f1eec8 Mon Sep 17 00:00:00 2001 From: rshewitt Date: Mon, 8 Jul 2024 15:10:54 +0000 Subject: [PATCH 04/39] Update Pip Requirements --- ckan/requirements.in | 1 + 1 file changed, 1 insertion(+) diff --git a/ckan/requirements.in b/ckan/requirements.in index 8c5435b6..77a49ccc 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -131,3 +131,4 @@ Werkzeug==2.0.3 # pin numpy as 2.x causes array import issues w/ shapely numpy==1.26.4certifi>=2024.7.4 +certifi>=2024.7.4 From d7afedb8154b19cb2efb72826d888a76fb7e0ede Mon Sep 17 00:00:00 2001 From: Reid Hewitt Date: Mon, 8 Jul 2024 10:39:11 -0500 Subject: [PATCH 05/39] bump --- ckan/requirements.in | 2 +- ckan/requirements.txt | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index 77a49ccc..382f8f53 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -130,5 +130,5 @@ lxml==5.1.0 Werkzeug==2.0.3 # pin numpy as 2.x causes array import issues w/ shapely -numpy==1.26.4certifi>=2024.7.4 +numpy==1.26.4 certifi>=2024.7.4 diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 18a67c58..147d8737 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -4,18 +4,18 @@ Babel==2.10.3 Beaker==1.11.0 bleach==5.0.1 blinker==1.5 -boto3==1.34.128 -botocore==1.34.128 -certifi==2024.6.2 +boto3==1.34.140 +botocore==1.34.140 +certifi==2024.7.4 cffi==1.16.0 chardet==5.2.0 charset-normalizer==3.3.2 ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 -ckanext-datagovtheme==0.2.29 +ckanext-datagovtheme==0.2.30 ckanext-datajson==0.1.25 -ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 +ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@1ef40546ce8656cb2b7b8d5a23f26bf64523acfa ckanext-envvars==0.0.3 ckanext-geodatagov==0.2.8 -e git+https://github.com/GSA/ckanext-harvest.git@9039e7a5d563a40177d62487758b366ab77434b6#egg=ckanext_harvest @@ -56,7 +56,7 @@ Mako==1.3.5 Markdown==3.4.1 MarkupSafe==2.1.5 messytables==0.15.2 -mypy==1.10.0 +mypy==1.10.1 mypy-extensions==1.0.0 newrelic==9.11.0 nose==1.3.7 @@ -65,7 +65,7 @@ OWSLib==0.31.0 packaging==24.1 passlib==1.7.4 pika==1.2.1 -pip==24.0 +pip==24.1 ply==3.11 polib==1.1.1 progressbar==2.5 @@ -87,11 +87,11 @@ PyUtilib==6.0.0 PyYAML==6.0.1 PyZ3950 @ git+https://github.com/danizen/PyZ3950@6d44a4ab85c8bda3a7542c2c9efdfad46c830219 rdflib==6.1.1 -redis==5.0.6 +redis==5.0.7 requests==2.32.3 rfc3987==1.3.8 rq==1.11.0 -s3transfer==0.10.1 +s3transfer==0.10.2 sansjson==0.3.0 setuptools==67.1.0 shapely==2.0.1 From ed079083d121dc7118c09a3a7a1c103d2bc2c9b0 Mon Sep 17 00:00:00 2001 From: Tim Lowden Date: Mon, 8 Jul 2024 11:59:25 -0400 Subject: [PATCH 06/39] Bump datagov theme to 0.2.30 --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 18a67c58..03f64b97 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -13,7 +13,7 @@ charset-normalizer==3.3.2 ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 -ckanext-datagovtheme==0.2.29 +ckanext-datagovtheme==0.2.30 ckanext-datajson==0.1.25 ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 ckanext-envvars==0.0.3 From e79153171205ff3368a6babc208b2fbf95dcfea3 Mon Sep 17 00:00:00 2001 From: Reid Hewitt Date: Mon, 8 Jul 2024 12:21:02 -0500 Subject: [PATCH 07/39] downgrade to previous --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 147d8737..52fba887 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -15,7 +15,7 @@ ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.30 ckanext-datajson==0.1.25 -ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@1ef40546ce8656cb2b7b8d5a23f26bf64523acfa +ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 ckanext-envvars==0.0.3 ckanext-geodatagov==0.2.8 -e git+https://github.com/GSA/ckanext-harvest.git@9039e7a5d563a40177d62487758b366ab77434b6#egg=ckanext_harvest From 912809fa0a275a903120b4625e9f8f5bb2ed81c6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 07:01:40 +0000 Subject: [PATCH 08/39] fix: tools/harvest_source_import/dev-requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- tools/harvest_source_import/dev-requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/harvest_source_import/dev-requirements.txt b/tools/harvest_source_import/dev-requirements.txt index e84a6c8d..b778a182 100644 --- a/tools/harvest_source_import/dev-requirements.txt +++ b/tools/harvest_source_import/dev-requirements.txt @@ -2,3 +2,4 @@ pytest>=5.4.2 pytest-vcr>=1.0.2 flake8>=3.8.1 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability From 0e6d8606fc0b63bd4ad24296d1ee39a9c7a5c692 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 07:08:37 +0000 Subject: [PATCH 09/39] fix: tools/harvest_source_import/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- tools/harvest_source_import/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/harvest_source_import/requirements.txt b/tools/harvest_source_import/requirements.txt index 7967a512..9fb26a94 100644 --- a/tools/harvest_source_import/requirements.txt +++ b/tools/harvest_source_import/requirements.txt @@ -1,3 +1,4 @@ requests>=2.32.0 pytest>=5.4.2 pytest-vcr>=1.0.2 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability From f6e665e2e42098ea8b6ab1e388af70e8893a97a7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 14:17:20 +0000 Subject: [PATCH 10/39] fix: tools/harvest_source_import/dev-requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 From 9357ba1d23bb1d477e8dc6889098a347f93c34c2 Mon Sep 17 00:00:00 2001 From: James Brown Date: Mon, 15 Jul 2024 10:19:26 -0700 Subject: [PATCH 11/39] Update requirements.txt Related to https://github.com/GSA/data.gov/issues/4743 --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 52fba887..8f297ac1 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -13,7 +13,7 @@ charset-normalizer==3.3.2 ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 -ckanext-datagovtheme==0.2.30 +ckanext-datagovtheme==0.2.31 ckanext-datajson==0.1.25 ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 ckanext-envvars==0.0.3 From 5946fa63d6628b3a034603ecbde73563a8f1d99b Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 16 Jul 2024 12:49:51 -0400 Subject: [PATCH 12/39] setuptools>=70.0.0 --- ckan/requirements.in | 3 +++ ckan/requirements.txt | 10 +++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index 382f8f53..ec00f0fd 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -132,3 +132,6 @@ Werkzeug==2.0.3 # pin numpy as 2.x causes array import issues w/ shapely numpy==1.26.4 certifi>=2024.7.4 + +# snyk finding +setuptools>=70.0.0 diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 8f297ac1..94744dea 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -4,8 +4,8 @@ Babel==2.10.3 Beaker==1.11.0 bleach==5.0.1 blinker==1.5 -boto3==1.34.140 -botocore==1.34.140 +boto3==1.34.144 +botocore==1.34.144 certifi==2024.7.4 cffi==1.16.0 chardet==5.2.0 @@ -15,7 +15,7 @@ ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.31 ckanext-datajson==0.1.25 -ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 +ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@51d651315ff2ff594ebd6eb1d658bc7e9553310c ckanext-envvars==0.0.3 ckanext-geodatagov==0.2.8 -e git+https://github.com/GSA/ckanext-harvest.git@9039e7a5d563a40177d62487758b366ab77434b6#egg=ckanext_harvest @@ -58,7 +58,7 @@ MarkupSafe==2.1.5 messytables==0.15.2 mypy==1.10.1 mypy-extensions==1.0.0 -newrelic==9.11.0 +newrelic==9.12.0 nose==1.3.7 numpy==1.26.4 OWSLib==0.31.0 @@ -93,7 +93,7 @@ rfc3987==1.3.8 rq==1.11.0 s3transfer==0.10.2 sansjson==0.3.0 -setuptools==67.1.0 +setuptools==70.3.0 shapely==2.0.1 simplejson==3.18.0 six==1.16.0 From 4779017570b767852bdd9d93818b34e3cd250383 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Thu, 18 Jul 2024 09:30:38 -0400 Subject: [PATCH 13/39] snyk test in PR --- .github/workflows/snyk.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 3b9ec11e..74c74688 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -2,6 +2,9 @@ name: Check for Snyk Vulnerabilities on: + pull_request: + branches: + - main workflow_dispatch: schedule: - cron: '0 12 * * *' # every day at 12pm UTC @@ -56,7 +59,7 @@ jobs: # Fail so that PR is created exit 1 - name: Create Pull Request - if: ${{ failure() }} + if: ${{ failure() && github.event_name == 'schedule' }} id: scpr uses: peter-evans/create-pull-request@v5 with: From 2497112c810d04825c5b508fd9afd4f1adb5630e Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Thu, 18 Jul 2024 11:24:23 -0400 Subject: [PATCH 14/39] Trigger Build From 93a349dbc5b7376754c03db1684565cfdffc8e93 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Thu, 18 Jul 2024 15:05:07 -0400 Subject: [PATCH 15/39] try dcat --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 94744dea..e96b4f61 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -15,7 +15,7 @@ ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.31 ckanext-datajson==0.1.25 -ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@51d651315ff2ff594ebd6eb1d658bc7e9553310c +ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 ckanext-envvars==0.0.3 ckanext-geodatagov==0.2.8 -e git+https://github.com/GSA/ckanext-harvest.git@9039e7a5d563a40177d62487758b366ab77434b6#egg=ckanext_harvest From bacbbac2f578c2af2c9b49e1dd0cbcb7497677ed Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Thu, 18 Jul 2024 17:05:52 -0400 Subject: [PATCH 16/39] ping ckanext-dcat to v1.7.0 --- ckan/requirements.in | 2 +- ckan/requirements.txt | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index ec00f0fd..56d8bb04 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -1,6 +1,6 @@ # CKAN requirements and extensions git+https://github.com/GSA/ckan.git@ckan-2-10-4-fork#egg=ckan -git+https://github.com/ckan/ckanext-dcat@master#egg=ckanext-dcat +git+https://github.com/ckan/ckanext-dcat@v1.7.0#egg=ckanext-dcat -e git+https://github.com/GSA/ckanext-harvest.git@release-v1-5-6#egg=ckanext-harvest -e git+https://github.com/ckan/ckanext-spatial.git@v2.1.1#egg=ckanext-spatial git+https://github.com/GSA/ckanext-saml2auth.git@datagov#egg=ckanext-saml2auth diff --git a/ckan/requirements.txt b/ckan/requirements.txt index e96b4f61..00fe9489 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -4,8 +4,8 @@ Babel==2.10.3 Beaker==1.11.0 bleach==5.0.1 blinker==1.5 -boto3==1.34.144 -botocore==1.34.144 +boto3==1.34.145 +botocore==1.34.145 certifi==2024.7.4 cffi==1.16.0 chardet==5.2.0 @@ -15,7 +15,7 @@ ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.31 ckanext-datajson==0.1.25 -ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@83495ba99cba17398ba8feb1bc0da486f3798584 +ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@b8ebf24004cd3f3edb7f9d01c87c20259c102093 ckanext-envvars==0.0.3 ckanext-geodatagov==0.2.8 -e git+https://github.com/GSA/ckanext-harvest.git@9039e7a5d563a40177d62487758b366ab77434b6#egg=ckanext_harvest @@ -93,7 +93,7 @@ rfc3987==1.3.8 rq==1.11.0 s3transfer==0.10.2 sansjson==0.3.0 -setuptools==70.3.0 +setuptools==71.0.3 shapely==2.0.1 simplejson==3.18.0 six==1.16.0 From e0f6f316f5374164047a853743ed619412cf45db Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 20 Jul 2024 07:07:30 +0000 Subject: [PATCH 17/39] fix: tools/harvest_source_import/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 From 8db0f8d95991695f8b9d0635b4c317cbd2848296 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Wed, 24 Jul 2024 09:13:32 -0400 Subject: [PATCH 18/39] bump ckanext-datagovtheme --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 00fe9489..4a33894e 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -13,7 +13,7 @@ charset-normalizer==3.3.2 ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 -ckanext-datagovtheme==0.2.31 +ckanext-datagovtheme==0.2.32 ckanext-datajson==0.1.25 ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@b8ebf24004cd3f3edb7f9d01c87c20259c102093 ckanext-envvars==0.0.3 From 6c3791eb46438184d1da1a17347abcb9ad7160da Mon Sep 17 00:00:00 2001 From: James Brown Date: Tue, 30 Jul 2024 10:28:31 -0700 Subject: [PATCH 19/39] Update ckan.ini Add necessary config items from ckan2.10 changelog: https://docs.ckan.org/en/2.10/changelog.html#migration-notes-2-10 --- ckan/setup/ckan.ini | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ckan/setup/ckan.ini b/ckan/setup/ckan.ini index c19f2e3c..c95f84c8 100644 --- a/ckan/setup/ckan.ini +++ b/ckan/setup/ckan.ini @@ -42,6 +42,8 @@ beaker.session.secret = TShFJxS41xNdVJAxQsoIEm5zu beaker.session.type=ext:database #beaker.session.url=postgresql://ckan:ckan@db/ckan beaker.session.cookie_expires=true +beaker.session.secure = True +beaker.session.samesite = Strict beaker.session.url = $CKAN___BEAKER__SESSION__URL beaker.session.timeout=900 From 250d0041211fc419710098e3a1649da987c1b5f4 Mon Sep 17 00:00:00 2001 From: Reid Hewitt Date: Tue, 30 Jul 2024 15:14:57 -0700 Subject: [PATCH 20/39] update element query --- e2e/cypress/integration/dataset.cy.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/e2e/cypress/integration/dataset.cy.js b/e2e/cypress/integration/dataset.cy.js index 219dd11e..3952def1 100644 --- a/e2e/cypress/integration/dataset.cy.js +++ b/e2e/cypress/integration/dataset.cy.js @@ -63,10 +63,10 @@ describe('Dataset', () => { // the button is visible cy.get('#contact-btn').should('be.visible').click(); // the modal is invisible - cy.get('#fba-modal-dialog').should('be.visible'); + cy.get('#touchpoints-form-fd986495').should('be.visible'); cy.get('#fba_location_code').should('have.value', 'ek500-water-column-sonar-data-collected-during-al0001'); // can hide the modal cy.get('a[class="fba-modal-close"]').click(); - cy.get('#fba-modal-dialog').should('not.be.visible'); + cy.get('#touchpoints-form-fd986495').should('not.be.visible'); }); }); From 4edc9f938b5ef20f2210bbe0d2272a5a54e71d17 Mon Sep 17 00:00:00 2001 From: Tyler Burton Date: Tue, 30 Jul 2024 22:59:16 +0000 Subject: [PATCH 21/39] Revert "update element query" This reverts commit 250d0041211fc419710098e3a1649da987c1b5f4. --- e2e/cypress/integration/dataset.cy.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/e2e/cypress/integration/dataset.cy.js b/e2e/cypress/integration/dataset.cy.js index 3952def1..219dd11e 100644 --- a/e2e/cypress/integration/dataset.cy.js +++ b/e2e/cypress/integration/dataset.cy.js @@ -63,10 +63,10 @@ describe('Dataset', () => { // the button is visible cy.get('#contact-btn').should('be.visible').click(); // the modal is invisible - cy.get('#touchpoints-form-fd986495').should('be.visible'); + cy.get('#fba-modal-dialog').should('be.visible'); cy.get('#fba_location_code').should('have.value', 'ek500-water-column-sonar-data-collected-during-al0001'); // can hide the modal cy.get('a[class="fba-modal-close"]').click(); - cy.get('#touchpoints-form-fd986495').should('not.be.visible'); + cy.get('#fba-modal-dialog').should('not.be.visible'); }); }); From ae9eb294d58a163dcbba932a4c172f08e79644f9 Mon Sep 17 00:00:00 2001 From: Tyler Burton Date: Tue, 30 Jul 2024 23:00:12 +0000 Subject: [PATCH 22/39] find modal by class --- e2e/cypress/integration/dataset.cy.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/e2e/cypress/integration/dataset.cy.js b/e2e/cypress/integration/dataset.cy.js index 219dd11e..20085bbe 100644 --- a/e2e/cypress/integration/dataset.cy.js +++ b/e2e/cypress/integration/dataset.cy.js @@ -63,10 +63,10 @@ describe('Dataset', () => { // the button is visible cy.get('#contact-btn').should('be.visible').click(); // the modal is invisible - cy.get('#fba-modal-dialog').should('be.visible'); + cy.get('.fba-modal-dialog').should('be.visible'); cy.get('#fba_location_code').should('have.value', 'ek500-water-column-sonar-data-collected-during-al0001'); // can hide the modal - cy.get('a[class="fba-modal-close"]').click(); - cy.get('#fba-modal-dialog').should('not.be.visible'); + cy.get('a.fba-modal-close').click(); + cy.get('.fba-modal-dialog').should('not.be.visible'); }); }); From ca48f806f8e6c83d2660ab182f7cd491770e6281 Mon Sep 17 00:00:00 2001 From: James Brown Date: Wed, 31 Jul 2024 09:38:20 -0700 Subject: [PATCH 23/39] Change cookie to lax Possibly due to redirects --- ckan/setup/ckan.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/setup/ckan.ini b/ckan/setup/ckan.ini index c95f84c8..f4d2d94b 100644 --- a/ckan/setup/ckan.ini +++ b/ckan/setup/ckan.ini @@ -43,7 +43,7 @@ beaker.session.type=ext:database #beaker.session.url=postgresql://ckan:ckan@db/ckan beaker.session.cookie_expires=true beaker.session.secure = True -beaker.session.samesite = Strict +beaker.session.samesite = Lax beaker.session.url = $CKAN___BEAKER__SESSION__URL beaker.session.timeout=900 From 7485cf9186489a55ef10925f9b524f4c3b690aeb Mon Sep 17 00:00:00 2001 From: Jin-Sun-tts Date: Mon, 5 Aug 2024 15:29:38 +0000 Subject: [PATCH 24/39] extended the date for some ignored issues --- ckan/.snyk | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ckan/.snyk b/ckan/.snyk index b6a5d01b..e7c694d7 100644 --- a/ckan/.snyk +++ b/ckan/.snyk @@ -7,49 +7,49 @@ ignore: reason: >- No remediation available yet; Not affecting us since the storage is not accessible to any other client - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2022-12-08T16:20:58.023Z SNYK-PYTHON-WERKZEUG-6035177: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4217 - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2023-10-30T16:50:58.023Z SNYK-PYTHON-WERKZEUG-3319936: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4217 - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2023-02-15T16:20:58.023Z SNYK-PYTHON-WERKZEUG-3319935: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4217 - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2023-02-15T16:20:58.023Z SNYK-PYTHON-FLASK-5490129: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4303 - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2023-05-08T16:20:58.023Z SNYK-PYTHON-PYOPENSSL-6149520: - '*': reason: >- No remediation available yet; Issue tracked in github: https://github.com/GSA/data.gov/issues/4532 - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2024-01-08T00:00:00.000Z SNYK-PYTHON-PYOPENSSL-6157250: - '*': reason: >- No remediation available yet; Issue tracked in github: https://github.com/GSA/data.gov/issues/4591 - expires: 2024-07-31T19:29:54.032Z + expires: 2024-10-31T19:29:54.032Z created: 2024-01-14T00:00:00.000Z SNYK-PYTHON-CRYPTOGRAPHY-6592767: - '*': From 239754c442ce84e7acf9f7c2541781db629e3f31 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Fri, 9 Aug 2024 12:35:50 -0400 Subject: [PATCH 25/39] use spatial fork for iis folder fix --- ckan/requirements.in | 2 +- ckan/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index 56d8bb04..31131ab0 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -2,7 +2,7 @@ git+https://github.com/GSA/ckan.git@ckan-2-10-4-fork#egg=ckan git+https://github.com/ckan/ckanext-dcat@v1.7.0#egg=ckanext-dcat -e git+https://github.com/GSA/ckanext-harvest.git@release-v1-5-6#egg=ckanext-harvest --e git+https://github.com/ckan/ckanext-spatial.git@v2.1.1#egg=ckanext-spatial +-e git+https://github.com/GSA/ckanext-spatial.git@iis-dir#egg=ckanext-spatial git+https://github.com/GSA/ckanext-saml2auth.git@datagov#egg=ckanext-saml2auth # -e git+https://github.com/ckan/ckanext-qa.git@master#egg=ckanext-qa -e git+https://github.com/ckan/ckanext-archiver.git@master#egg=ckanext-archiver diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 4a33894e..cd42655e 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -22,7 +22,7 @@ ckanext-geodatagov==0.2.8 ckanext-metrics-dashboard==0.1.6 -e git+https://github.com/ckan/ckanext-report.git@3588577f46d17e5f6ef163bb984d0e7016daef71#egg=ckanext_report ckanext-saml2auth @ git+https://github.com/GSA/ckanext-saml2auth.git@387cfc1c6a7619f670bf387384f2634516de5844 --e git+https://github.com/ckan/ckanext-spatial.git@938308469892e4bcf7389cb4adee5ccdd5a0ccca#egg=ckanext_spatial +-e git+https://github.com/GSA/ckanext-spatial.git@c600db59fdd18c7e5cb89df2a39d91956b85874f#egg=ckanext_spatial ckantoolkit==0.0.7 click==8.1.3 cryptography==42.0.8 From 31c9c0d999b5642af33b2f698ab194261c083ab9 Mon Sep 17 00:00:00 2001 From: Tyler Burton Date: Mon, 12 Aug 2024 14:31:09 +0000 Subject: [PATCH 26/39] bump version of datagovtheme --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index cd42655e..8f95524d 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -13,7 +13,7 @@ charset-normalizer==3.3.2 ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 -ckanext-datagovtheme==0.2.32 +ckanext-datagovtheme==0.2.33 ckanext-datajson==0.1.25 ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@b8ebf24004cd3f3edb7f9d01c87c20259c102093 ckanext-envvars==0.0.3 From 2b876e6ae984f5f5898bc3ce0416905fd47c71c8 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 13 Aug 2024 07:18:00 -0400 Subject: [PATCH 27/39] bump ckanext-spatial --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 8f95524d..b031719f 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -22,7 +22,7 @@ ckanext-geodatagov==0.2.8 ckanext-metrics-dashboard==0.1.6 -e git+https://github.com/ckan/ckanext-report.git@3588577f46d17e5f6ef163bb984d0e7016daef71#egg=ckanext_report ckanext-saml2auth @ git+https://github.com/GSA/ckanext-saml2auth.git@387cfc1c6a7619f670bf387384f2634516de5844 --e git+https://github.com/GSA/ckanext-spatial.git@c600db59fdd18c7e5cb89df2a39d91956b85874f#egg=ckanext_spatial +-e git+https://github.com/GSA/ckanext-spatial.git@3d0a375fe98edc70a0d12efd2f4ac54f0e05b597#egg=ckanext_spatial ckantoolkit==0.0.7 click==8.1.3 cryptography==42.0.8 From e39a801e84aee1c25e409f6dc5d249105cf30614 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Mon, 26 Aug 2024 11:21:05 -0400 Subject: [PATCH 28/39] add snyk exceptions for ckan 2.10.5 --- ckan/.snyk | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/ckan/.snyk b/ckan/.snyk index e7c694d7..055bb297 100644 --- a/ckan/.snyk +++ b/ckan/.snyk @@ -80,4 +80,22 @@ ignore: No remediation available yet. Issue tracked in github: https://github.com/GSA/data.gov/issues/4782 expires: 2024-09-30T16:20:58.017Z + SNYK-PYTHON-CKAN-7786366: + - '*': + reason: >- + Remediation in progress. Issue tracked in github: + https://github.com/GSA/data.gov/issues/4854 + expires: 2024-09-30T16:20:58.017Z + SNYK-PYTHON-CKAN-7786367: + - '*': + reason: >- + Remediation in progress. Issue tracked in github: + https://github.com/GSA/data.gov/issues/4854 + expires: 2024-09-30T16:20:58.017Z + SNYK-PYTHON-CKAN-7786369: + - '*': + reason: >- + Remediation in progress. Issue tracked in github: + https://github.com/GSA/data.gov/issues/4854 + expires: 2024-09-30T16:20:58.017Z patch: {} From a11518f6ccbb1fffe0aaaca9ba5d2027eda8d5b1 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Mon, 26 Aug 2024 16:42:48 -0400 Subject: [PATCH 29/39] fix cypress test --- e2e/cypress/integration/dataset.cy.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/cypress/integration/dataset.cy.js b/e2e/cypress/integration/dataset.cy.js index 20085bbe..0b85e3f7 100644 --- a/e2e/cypress/integration/dataset.cy.js +++ b/e2e/cypress/integration/dataset.cy.js @@ -66,7 +66,7 @@ describe('Dataset', () => { cy.get('.fba-modal-dialog').should('be.visible'); cy.get('#fba_location_code').should('have.value', 'ek500-water-column-sonar-data-collected-during-al0001'); // can hide the modal - cy.get('a.fba-modal-close').click(); + cy.get('button.fba-modal-close').click(); cy.get('.fba-modal-dialog').should('not.be.visible'); }); }); From 7020bff4eb65f742df1e355fbf245f8342d8c23b Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 27 Aug 2024 11:28:24 -0400 Subject: [PATCH 30/39] temporarily disable staging restart for debugging --- .github/workflows/restart.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/restart.yml b/.github/workflows/restart.yml index 64cee9c2..3a923496 100644 --- a/.github/workflows/restart.yml +++ b/.github/workflows/restart.yml @@ -7,14 +7,6 @@ on: - cron: '11/30 * * * *' jobs: - restart-staging: - name: restart (staging) - uses: gsa/data.gov/.github/workflows/app-restart-template.yml@main - with: - environ: staging - app_names: "{\"include\":[{\"app\":\"catalog-proxy\"},{\"app\":\"catalog-gather\"},{\"app\":\"catalog-fetch\"},{\"app\":\"catalog-web\"},{\"app\":\"catalog-admin\"},]}" - secrets: inherit - restart-prod: name: restart (prod) uses: gsa/data.gov/.github/workflows/app-restart-template.yml@main From e63530afb59f1e689d7a8f5fd867edb71c3dff10 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 27 Aug 2024 16:41:40 -0400 Subject: [PATCH 31/39] instance 1 for gather and fetch staging --- vars.staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars.staging.yml b/vars.staging.yml index ae9091f1..a42dc319 100644 --- a/vars.staging.yml +++ b/vars.staging.yml @@ -7,8 +7,8 @@ ckanext__saml2auth__idp_metadata__local_path: ckan/setup/login.production.idp.xm web-instances: 2 admin-instances: 1 -gather-instances: 0 -fetch-instances: 0 +gather-instances: 1 +fetch-instances: 1 proxy-instances: 1 memory_quota: 750M gather_memory_quota: 3G From a89e1f8ebe23eedc97ad7ba972e5a77808f90676 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Wed, 28 Aug 2024 10:11:03 -0400 Subject: [PATCH 32/39] Revert "temporarily disable staging restart for debugging" This reverts commit 7020bff4eb65f742df1e355fbf245f8342d8c23b. --- .github/workflows/restart.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/restart.yml b/.github/workflows/restart.yml index 3a923496..64cee9c2 100644 --- a/.github/workflows/restart.yml +++ b/.github/workflows/restart.yml @@ -7,6 +7,14 @@ on: - cron: '11/30 * * * *' jobs: + restart-staging: + name: restart (staging) + uses: gsa/data.gov/.github/workflows/app-restart-template.yml@main + with: + environ: staging + app_names: "{\"include\":[{\"app\":\"catalog-proxy\"},{\"app\":\"catalog-gather\"},{\"app\":\"catalog-fetch\"},{\"app\":\"catalog-web\"},{\"app\":\"catalog-admin\"},]}" + secrets: inherit + restart-prod: name: restart (prod) uses: gsa/data.gov/.github/workflows/app-restart-template.yml@main From c24efa972186370755544616f7ec8585443ba8a1 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Wed, 28 Aug 2024 16:11:04 -0400 Subject: [PATCH 33/39] use ckan core with solr fix --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index b031719f..03ce4c79 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -10,7 +10,7 @@ certifi==2024.7.4 cffi==1.16.0 chardet==5.2.0 charset-normalizer==3.3.2 -ckan @ git+https://github.com/GSA/ckan.git@7159a872ba740069b768fcd2a43cde81a57ee492 +ckan @ git+https://github.com/GSA/ckan.git@374f566de9a68bb9f7dc696d8d60debda5af0d8c -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.33 From d6e250b171d2acf065dd5a57712d24bc975239dd Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Fri, 30 Aug 2024 12:35:45 -0400 Subject: [PATCH 34/39] update ckan core for solr 200 fix --- ckan/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 03ce4c79..4c222fb9 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -10,7 +10,7 @@ certifi==2024.7.4 cffi==1.16.0 chardet==5.2.0 charset-normalizer==3.3.2 -ckan @ git+https://github.com/GSA/ckan.git@374f566de9a68bb9f7dc696d8d60debda5af0d8c +ckan @ git+https://github.com/GSA/ckan.git@453dd7f8ecdcf678e5d068d2c838c73b7ecac448 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.33 From 7786ee9b3ad1cf4f031ef7d65162f42c2332c816 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Fri, 30 Aug 2024 13:31:29 -0400 Subject: [PATCH 35/39] anchor to button, now back to anchor --- e2e/cypress/integration/dataset.cy.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/cypress/integration/dataset.cy.js b/e2e/cypress/integration/dataset.cy.js index 0b85e3f7..466ff12c 100644 --- a/e2e/cypress/integration/dataset.cy.js +++ b/e2e/cypress/integration/dataset.cy.js @@ -66,7 +66,7 @@ describe('Dataset', () => { cy.get('.fba-modal-dialog').should('be.visible'); cy.get('#fba_location_code').should('have.value', 'ek500-water-column-sonar-data-collected-during-al0001'); // can hide the modal - cy.get('button.fba-modal-close').click(); + cy.get('.fba-modal-close').click(); cy.get('.fba-modal-dialog').should('not.be.visible'); }); }); From d62649994e636257be515ab835349d33b6c45d1b Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 3 Sep 2024 15:37:44 -0400 Subject: [PATCH 36/39] ckan 2.10.5 --- ckan/requirements.in | 9 +++++---- e2e/cypress/integration/ckan_extensions.cy.js | 2 +- proxy/public/500.html | 2 +- proxy/public/maintenance.html | 2 +- proxy/public/sitedown.html | 2 +- proxy/public/template.html | 2 +- 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index 31131ab0..fa008a90 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -1,5 +1,5 @@ # CKAN requirements and extensions -git+https://github.com/GSA/ckan.git@ckan-2-10-4-fork#egg=ckan +git+https://github.com/GSA/ckan.git@ckan-2-10-5-fork#egg=ckan git+https://github.com/ckan/ckanext-dcat@v1.7.0#egg=ckanext-dcat -e git+https://github.com/GSA/ckanext-harvest.git@release-v1-5-6#egg=ckanext-harvest -e git+https://github.com/GSA/ckanext-spatial.git@iis-dir#egg=ckanext-spatial @@ -77,11 +77,12 @@ Flask-WTF==1.0.1 flask-multistatic==1.0 greenlet==2.0.2 #Jinja2==3.1.2 -PyJWT==2.4.0 Markdown==3.4.1 +packaging==24.1 passlib==1.7.4 polib==1.1.1 psycopg2==2.9.3 +PyJWT==2.4.0 python-magic==0.4.27 pysolr==3.9.0 python-dateutil==2.8.2 @@ -113,12 +114,12 @@ gunicorn # New Relic newrelic redis>=4.5.4 -requests~=2.32.2 +requests~=2.32.3 # avoid ImportError error https://github.com/GSA/data.gov/issues/4396 importlib-resources<6.0 gevent>=23.9.0 -jinja2>=3.1.3 +jinja2>=3.1.4 cryptography>=42.0.4 # lxml beyond 5.1.0 show error module 'lxml.etree' has no attribute '_ElementStringResult' diff --git a/e2e/cypress/integration/ckan_extensions.cy.js b/e2e/cypress/integration/ckan_extensions.cy.js index 33a2c1f1..e72d3f32 100644 --- a/e2e/cypress/integration/ckan_extensions.cy.js +++ b/e2e/cypress/integration/ckan_extensions.cy.js @@ -2,7 +2,7 @@ describe('CKAN Extensions', () => { it('Uses CKAN 2.10', () => { cy.request('/api/action/status_show').should((response) => { expect(response.body).to.have.property('success', true); - expect(response.body.result).to.have.property('ckan_version', '2.10.4'); + expect(response.body.result).to.have.property('ckan_version', '2.10.5'); }); }); diff --git a/proxy/public/500.html b/proxy/public/500.html index 32ac3c34..923d3353 100644 --- a/proxy/public/500.html +++ b/proxy/public/500.html @@ -3,7 +3,7 @@ - + 500 Web server unavailable diff --git a/proxy/public/maintenance.html b/proxy/public/maintenance.html index ac45b066..e56a0edd 100644 --- a/proxy/public/maintenance.html +++ b/proxy/public/maintenance.html @@ -3,7 +3,7 @@ - + 503 Site under maintenance diff --git a/proxy/public/sitedown.html b/proxy/public/sitedown.html index 28019d4c..d397ea11 100644 --- a/proxy/public/sitedown.html +++ b/proxy/public/sitedown.html @@ -3,7 +3,7 @@ - + 503 Site Temporarily Down diff --git a/proxy/public/template.html b/proxy/public/template.html index b2794b72..a0863c8a 100644 --- a/proxy/public/template.html +++ b/proxy/public/template.html @@ -3,7 +3,7 @@ - + Error 404 - Catalog From 61dafe00620048ecad7a1f32bc67e1b7e98f0a2a Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 3 Sep 2024 15:37:56 -0400 Subject: [PATCH 37/39] update requirements --- ckan/requirements.txt | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 4c222fb9..7e52d228 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -4,20 +4,20 @@ Babel==2.10.3 Beaker==1.11.0 bleach==5.0.1 blinker==1.5 -boto3==1.34.145 -botocore==1.34.145 -certifi==2024.7.4 -cffi==1.16.0 +boto3==1.35.11 +botocore==1.35.11 +certifi==2024.8.30 +cffi==1.17.0 chardet==5.2.0 charset-normalizer==3.3.2 -ckan @ git+https://github.com/GSA/ckan.git@453dd7f8ecdcf678e5d068d2c838c73b7ecac448 +ckan @ git+https://github.com/GSA/ckan.git@8c4a517efeac80db098cc6ba144cb742bbeca194 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver ckanext-datagovcatalog==0.1.0 ckanext-datagovtheme==0.2.33 ckanext-datajson==0.1.25 ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@b8ebf24004cd3f3edb7f9d01c87c20259c102093 ckanext-envvars==0.0.3 -ckanext-geodatagov==0.2.8 +ckanext-geodatagov==0.2.9 -e git+https://github.com/GSA/ckanext-harvest.git@9039e7a5d563a40177d62487758b366ab77434b6#egg=ckanext_harvest ckanext-metrics-dashboard==0.1.6 -e git+https://github.com/ckan/ckanext-report.git@3588577f46d17e5f6ef163bb984d0e7016daef71#egg=ckanext_report @@ -25,7 +25,7 @@ ckanext-saml2auth @ git+https://github.com/GSA/ckanext-saml2auth.git@387cfc1c6a7 -e git+https://github.com/GSA/ckanext-spatial.git@3d0a375fe98edc70a0d12efd2f4ac54f0e05b597#egg=ckanext_spatial ckantoolkit==0.0.7 click==8.1.3 -cryptography==42.0.8 +cryptography==43.0.0 defusedxml==0.7.1 dominate==2.7.0 elementpath==4.4.0 @@ -41,9 +41,9 @@ geojson==3.0.1 geomet==1.1.0 gevent==24.2.1 greenlet==2.0.2 -gunicorn==22.0.0 +gunicorn==23.0.0 html5lib==1.1 -idna==3.7 +idna==3.8 importlib-resources==5.13.0 isodate==0.6.1 itsdangerous==2.2.0 @@ -58,7 +58,7 @@ MarkupSafe==2.1.5 messytables==0.15.2 mypy==1.10.1 mypy-extensions==1.0.0 -newrelic==9.12.0 +newrelic==9.13.0 nose==1.3.7 numpy==1.26.4 OWSLib==0.31.0 @@ -73,8 +73,8 @@ progressbar2==3.53.3 psycopg2==2.9.3 pycparser==2.22 PyJWT==2.4.0 -pyOpenSSL==24.1.0 -pyparsing==3.1.2 +pyOpenSSL==24.2.1 +pyparsing==3.1.4 pyproj==3.4.1 pysaml2==7.0.1 pysolr==3.9.0 @@ -87,13 +87,13 @@ PyUtilib==6.0.0 PyYAML==6.0.1 PyZ3950 @ git+https://github.com/danizen/PyZ3950@6d44a4ab85c8bda3a7542c2c9efdfad46c830219 rdflib==6.1.1 -redis==5.0.7 +redis==5.0.8 requests==2.32.3 rfc3987==1.3.8 rq==1.11.0 s3transfer==0.10.2 sansjson==0.3.0 -setuptools==71.0.3 +setuptools==74.1.1 shapely==2.0.1 simplejson==3.18.0 six==1.16.0 @@ -105,13 +105,13 @@ typing_extensions==4.3.0 tzdata==2024.1 tzlocal==4.2 urllib3==2.2.2 -watchdog==4.0.1 +watchdog==5.0.1 webassets==2.0 webencodings==0.5.1 Werkzeug==2.0.3 wheel==0.42.0 WTForms==3.1.2 xlrd==2.0.1 -xmlschema==3.3.1 +xmlschema==3.3.2 zope.event==5.0 zope.interface==5.4.0 From 2a7a3c894e011f70b245c5ef215bad7ec44d8074 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Tue, 3 Sep 2024 20:11:53 +0000 Subject: [PATCH 38/39] snyk cleanup --- ckan/.snyk | 54 +++++++++--------------------------------------------- 1 file changed, 9 insertions(+), 45 deletions(-) diff --git a/ckan/.snyk b/ckan/.snyk index 055bb297..83015824 100644 --- a/ckan/.snyk +++ b/ckan/.snyk @@ -7,95 +7,59 @@ ignore: reason: >- No remediation available yet; Not affecting us since the storage is not accessible to any other client - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2022-12-08T16:20:58.023Z SNYK-PYTHON-WERKZEUG-6035177: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4217 - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2023-10-30T16:50:58.023Z SNYK-PYTHON-WERKZEUG-3319936: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4217 - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2023-02-15T16:20:58.023Z SNYK-PYTHON-WERKZEUG-3319935: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4217 - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2023-02-15T16:20:58.023Z SNYK-PYTHON-FLASK-5490129: - '*': reason: >- Upgrade path is complex, Issue tracked in github: https://github.com/GSA/data.gov/issues/4303 - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2023-05-08T16:20:58.023Z SNYK-PYTHON-PYOPENSSL-6149520: - '*': reason: >- No remediation available yet; Issue tracked in github: https://github.com/GSA/data.gov/issues/4532 - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2024-01-08T00:00:00.000Z SNYK-PYTHON-PYOPENSSL-6157250: - '*': reason: >- No remediation available yet; Issue tracked in github: https://github.com/GSA/data.gov/issues/4591 - expires: 2024-10-31T19:29:54.032Z + expires: 2024-11-30T19:29:54.032Z created: 2024-01-14T00:00:00.000Z - SNYK-PYTHON-CRYPTOGRAPHY-6592767: - - '*': - reason: >- - No remediation available yet; Low severity. - expires: 2024-10-24T17:21:30.083Z - created: 2024-04-24T17:21:30.089Z SNYK-PYTHON-PYOPENSSL-6592766: - '*': reason: >- No remediation available yet; Low severity. - expires: 2024-10-24T17:24:47.251Z + expires: 2024-11-30T17:24:47.251Z created: 2024-04-24T17:24:47.257Z SNYK-PYTHON-WERKZEUG-6808933: - '*': reason: >- Not affecting us since no debugger is enabled in cloud.gov apps - expires: 2024-09-30T16:20:58.017Z - SNYK-PYTHON-CRYPTOGRAPHY-7161587: - - '*': - reason: >- - No remediation available yet. Issue tracked in github: - https://github.com/GSA/data.gov/issues/4781 - expires: 2024-09-30T16:20:58.017Z - SNYK-PYTHON-PYOPENSSL-7161590: - - '*': - reason: >- - No remediation available yet. Issue tracked in github: - https://github.com/GSA/data.gov/issues/4782 - expires: 2024-09-30T16:20:58.017Z - SNYK-PYTHON-CKAN-7786366: - - '*': - reason: >- - Remediation in progress. Issue tracked in github: - https://github.com/GSA/data.gov/issues/4854 - expires: 2024-09-30T16:20:58.017Z - SNYK-PYTHON-CKAN-7786367: - - '*': - reason: >- - Remediation in progress. Issue tracked in github: - https://github.com/GSA/data.gov/issues/4854 - expires: 2024-09-30T16:20:58.017Z - SNYK-PYTHON-CKAN-7786369: - - '*': - reason: >- - Remediation in progress. Issue tracked in github: - https://github.com/GSA/data.gov/issues/4854 - expires: 2024-09-30T16:20:58.017Z + expires: 2024-11-30T16:20:58.017Z patch: {} From 04abf6647343235910e7e22622561dfe9c8115b1 Mon Sep 17 00:00:00 2001 From: Fuhu Xia Date: Wed, 4 Sep 2024 16:35:55 -0400 Subject: [PATCH 39/39] freeze setuptools to 71 --- ckan/requirements.in | 2 +- ckan/requirements.txt | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ckan/requirements.in b/ckan/requirements.in index fa008a90..f685cb0b 100644 --- a/ckan/requirements.in +++ b/ckan/requirements.in @@ -135,4 +135,4 @@ numpy==1.26.4 certifi>=2024.7.4 # snyk finding -setuptools>=70.0.0 +setuptools~=71.0.3 diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 7e52d228..682bc28f 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -4,8 +4,8 @@ Babel==2.10.3 Beaker==1.11.0 bleach==5.0.1 blinker==1.5 -boto3==1.35.11 -botocore==1.35.11 +boto3==1.35.12 +botocore==1.35.12 certifi==2024.8.30 cffi==1.17.0 chardet==5.2.0 @@ -25,7 +25,7 @@ ckanext-saml2auth @ git+https://github.com/GSA/ckanext-saml2auth.git@387cfc1c6a7 -e git+https://github.com/GSA/ckanext-spatial.git@3d0a375fe98edc70a0d12efd2f4ac54f0e05b597#egg=ckanext_spatial ckantoolkit==0.0.7 click==8.1.3 -cryptography==43.0.0 +cryptography==43.0.1 defusedxml==0.7.1 dominate==2.7.0 elementpath==4.4.0 @@ -93,7 +93,7 @@ rfc3987==1.3.8 rq==1.11.0 s3transfer==0.10.2 sansjson==0.3.0 -setuptools==74.1.1 +setuptools==71.0.4 shapely==2.0.1 simplejson==3.18.0 six==1.16.0 @@ -105,7 +105,7 @@ typing_extensions==4.3.0 tzdata==2024.1 tzlocal==4.2 urllib3==2.2.2 -watchdog==5.0.1 +watchdog==5.0.2 webassets==2.0 webencodings==0.5.1 Werkzeug==2.0.3