mirror of
https://github.com/infiniflow/ragflow.git
synced 2025-12-08 20:42:30 +08:00
884fd83dc7e7d74f8e31ff45fb67de550b28708d
37 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
| 733219cc3f |
add support for Baidu yiyan (#2049)
### What problem does this PR solve? add support for Baidu yiyan ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| 6f438e0a49 |
add support for Tencent Hunyuan (#2015)
### What problem does this PR solve? #1853 ### Type of change - [X] New Feature (non-breaking change which adds functionality) Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| 79426fc41f |
add support for Replicate (#1980)
### What problem does this PR solve? #1853 add support for Replicate ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| 644f68de97 |
Add component ExeSQL (#1966)
### What problem does this PR solve? #1965 ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> |
|||
| ce587cba56 |
Add GitHub, deepl, baidu-fanyi (#1857)
### What problem does this PR solve? #1739 ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> |
|||
| c7d00c2272 |
remove jina pack in requirement file to fix package conflict (#1867)
### What problem does this PR solve? #1824 #1822 remove jina pack in requirement file to fix package conflict ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| e34817c2a9 |
add support for cohere (#1849)
### What problem does this PR solve? _Briefly describe what this PR aims to solve. Include background context that will help reviewers understand the purpose of the PR._ ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| 5d55e6a049 |
Add component google scholar (#1790)
### What problem does this PR solve? #1739 ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| 50e9df4c76 |
fix jina module not find bug (#1770)
### What problem does this PR solve? fix jina module not find bug ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| 6012f376ca |
Add component google,Bing (#1737)
### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> |
|||
| 100b3165d8 |
pypdf2 to pypdf (#1684)
### What problem does this PR solve? pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character #59 ### Type of change - [x] Refactoring |
|||
| 71f2ba1452 |
build(deps): bump werkzeug from 3.0.1 to 3.0.3 (#1669)
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.1 to 3.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/werkzeug/releases">werkzeug's releases</a>.</em></p> <blockquote> <h2>3.0.3</h2> <p>This is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.</p> <p>PyPI: <a href="https://pypi.org/project/Werkzeug/3.0.3/">https://pypi.org/project/Werkzeug/3.0.3/</a> Changes: <a href="https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3">https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3</a> Milestone: <a href="https://github.com/pallets/werkzeug/milestone/35?closed=1">https://github.com/pallets/werkzeug/milestone/35?closed=1</a></p> <ul> <li>Only allow <code>localhost</code>, <code>.localhost</code>, <code>127.0.0.1</code>, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985</li> <li>Make reloader more robust when <code>""</code> is in <code>sys.path</code>. <a href="https://redirect.github.com/pallets/werkzeug/issues/2823">#2823</a></li> <li>Better TLS cert format with <code>adhoc</code> dev certs. <a href="https://redirect.github.com/pallets/werkzeug/issues/2891">#2891</a></li> <li>Inform Python < 3.12 how to handle <code>itms-services</code> URIs correctly, rather than using an overly-broad workaround in Werkzeug that caused some redirect URIs to be passed on without encoding. <a href="https://redirect.github.com/pallets/werkzeug/issues/2828">#2828</a></li> <li>Type annotation for <code>Rule.endpoint</code> and other uses of <code>endpoint</code> is <code>Any</code>. <a href="https://redirect.github.com/pallets/werkzeug/issues/2836">#2836</a></li> </ul> <h2>3.0.2</h2> <p>This is a fix release for the 3.0.x feature branch.</p> <ul> <li>Changes: <a href="https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-2">https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-2</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/werkzeug/blob/main/CHANGES.rst">werkzeug's changelog</a>.</em></p> <blockquote> <h2>Version 3.0.3</h2> <p>Released 2024-05-05</p> <ul> <li> <p>Only allow <code>localhost</code>, <code>.localhost</code>, <code>127.0.0.1</code>, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. :ghsa:<code>2g68-c3qc-8985</code></p> </li> <li> <p>Make reloader more robust when <code>""</code> is in <code>sys.path</code>. :pr:<code>2823</code></p> </li> <li> <p>Better TLS cert format with <code>adhoc</code> dev certs. :pr:<code>2891</code></p> </li> <li> <p>Inform Python < 3.12 how to handle <code>itms-services</code> URIs correctly, rather than using an overly-broad workaround in Werkzeug that caused some redirect URIs to be passed on without encoding. :issue:<code>2828</code></p> </li> <li> <p>Type annotation for <code>Rule.endpoint</code> and other uses of <code>endpoint</code> is <code>Any</code>. :issue:<code>2836</code></p> </li> <li> <p>Make reloader more robust when <code>""</code> is in <code>sys.path</code>. :pr:<code>2823</code></p> </li> </ul> <h2>Version 3.0.2</h2> <p>Released 2024-04-01</p> <ul> <li>Ensure setting <code>merge_slashes</code> to <code>False</code> results in <code>NotFound</code> for repeated-slash requests against single slash routes. :issue:<code>2834</code></li> <li>Fix handling of <code>TypeError</code> in <code>TypeConversionDict.get()</code> to match <code>ValueError</code>. :issue:<code>2843</code></li> <li>Fix <code>response_wrapper</code> type check in test client. :issue:<code>2831</code></li> <li>Make the return type of <code>MultiPartParser.parse</code> more precise. :issue:<code>2840</code></li> <li>Raise an error if converter arguments cannot be parsed. :issue:<code>2822</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 1ec84a589e |
build(deps): bump aiohttp from 3.9.3 to 3.9.4 (#1670)
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.3 to 3.9.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.9.4</h2> <h2>Bug fixes</h2> <ul> <li> <p>The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:<code>webknjaz</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8089">#8089</a>.</p> </li> <li> <p>Treated values of <code>Accept-Encoding</code> header as case-insensitive when checking for gzip files -- by :user:<code>steverep</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8104">#8104</a>.</p> </li> <li> <p>Improved the DNS resolution performance on cache hit -- by :user:<code>bdraco</code>.</p> <p>This is achieved by avoiding an :mod:<code>asyncio</code> task creation in this case.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8163">#8163</a>.</p> </li> <li> <p>Changed the type annotations to allow <code>dict</code> on :meth:<code>aiohttp.MultipartWriter.append</code>, :meth:<code>aiohttp.MultipartWriter.append_json</code> and :meth:<code>aiohttp.MultipartWriter.append_form</code> -- by :user:<code>cakemanny</code></p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7741">#7741</a>.</p> </li> <li> <p>Ensure websocket transport is closed when client does not close it -- by :user:<code>bdraco</code>.</p> <p>The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.9.4 (2024-04-11)</h1> <h2>Bug fixes</h2> <ul> <li> <p>The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:<code>webknjaz</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8089</code>.</p> </li> <li> <p>Treated values of <code>Accept-Encoding</code> header as case-insensitive when checking for gzip files -- by :user:<code>steverep</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8104</code>.</p> </li> <li> <p>Improved the DNS resolution performance on cache hit -- by :user:<code>bdraco</code>.</p> <p>This is achieved by avoiding an :mod:<code>asyncio</code> task creation in this case.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8163</code>.</p> </li> <li> <p>Changed the type annotations to allow <code>dict</code> on :meth:<code>aiohttp.MultipartWriter.append</code>, :meth:<code>aiohttp.MultipartWriter.append_json</code> and :meth:<code>aiohttp.MultipartWriter.append_form</code> -- by :user:<code>cakemanny</code></p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>7741</code>.</p> </li> <li> <p>Ensure websocket transport is closed when client does not close it -- by :user:<code>bdraco</code>.</p> <p>The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| eb40377700 |
build(deps): bump scikit-learn from 1.4.1.post1 to 1.5.0 (#1671)
Bumps [scikit-learn](https://github.com/scikit-learn/scikit-learn) from 1.4.1.post1 to 1.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/scikit-learn/scikit-learn/releases">scikit-learn's releases</a>.</em></p> <blockquote> <h2>Scikit-learn 1.5.0</h2> <p>We're happy to announce the 1.5.0 release.</p> <p>You can read the release highlights under <a href="https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html">https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html</a> and the long version of the change log under <a href="https://scikit-learn.org/stable/whats_new/v1.5.html">https://scikit-learn.org/stable/whats_new/v1.5.html</a></p> <p>This version supports Python versions 3.9 to 3.12.</p> <p>You can upgrade with pip as usual:</p> <pre><code>pip install -U scikit-learn </code></pre> <p>The conda-forge builds can be installed using:</p> <pre><code>conda install -c conda-forge scikit-learn </code></pre> <h2>Scikit-learn 1.4.2</h2> <p>We're happy to announce the 1.4.2 release.</p> <p>This release only includes support for numpy 2.</p> <p>This version supports Python versions 3.9 to 3.12.</p> <p>You can upgrade with pip as usual:</p> <pre><code>pip install -U scikit-learn </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| bbf9d6d786 |
build(deps): bump urllib3 from 2.2.1 to 2.2.2 (#1672)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.1 to 2.2.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.2.2</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> <li>Allowed passing negative integers as <code>amt</code> to read methods of <code>http.client.HTTPResponse</code> as an alternative to <code>None</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3122">#3122</a>)</li> <li>Fixed return types representing copying actions to use <code>typing.Self</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3363">#3363</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2">https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.2.2 (2024-06-17)</h1> <ul> <li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> <li>Allowed passing negative integers as <code>amt</code> to read methods of <code>http.client.HTTPResponse</code> as an alternative to <code>None</code>. (<code>[#3122](https://github.com/urllib3/urllib3/issues/3122) <https://github.com/urllib3/urllib3/issues/3122></code>__)</li> <li>Fixed return types representing copying actions to use <code>typing.Self</code>. (<code>[#3363](https://github.com/urllib3/urllib3/issues/3363) <https://github.com/urllib3/urllib3/issues/3363></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 8c2b91d3db |
build(deps): bump requests from 2.31.0 to 2.32.2 (#1673)
Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.32.2</h2> <h2>2.32.2 (2024-05-21)</h2> <p><strong>Deprecations</strong></p> <ul> <li> <p>To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code> to a new public API, <code>get_connection_with_tls_context</code>. Existing custom HTTPAdapters will need to migrate their code to use this new API. <code>get_connection</code> is considered deprecated in all versions of Requests>=2.32.0.</p> <p>A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (<a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p> </li> </ul> <h2>v2.32.1</h2> <h2>2.32.1 (2024-05-20)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Add missing test certs to the sdist distributed on PyPI.</li> </ul> <h2>v2.32.0</h2> <h2>2.32.0 (2024-05-20)</h2> <h2>🐍 PYCON US 2024 EDITION 🐍</h2> <p><strong>Security</strong></p> <ul> <li>Fixed an issue where setting <code>verify=False</code> on the first request from a Session will cause subsequent requests to the <em>same origin</em> to also ignore cert verification, regardless of the value of <code>verify</code>. (<a href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li> </ul> <p><strong>Improvements</strong></p> <ul> <li><code>verify=True</code> now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li>Requests now supports optional use of character detection (<code>chardet</code> or <code>charset_normalizer</code>) when repackaged or vendored. This enables <code>pip</code> and other projects to minimize their vendoring surface area. The <code>Response.text()</code> and <code>apparent_encoding</code> APIs will default to <code>utf-8</code> if neither library is present. (<a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (<a href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li> <li>Fixed deserialization bug in JSONDecodeError. (<a href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li> <li>Fixed bug where an extra leading <code>/</code> (path separator) could lead urllib3 to unnecessarily reparse the request URI. (<a href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.32.2 (2024-05-21)</h2> <p><strong>Deprecations</strong></p> <ul> <li> <p>To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code> to a new public API, <code>get_connection_with_tls_context</code>. Existing custom HTTPAdapters will need to migrate their code to use this new API. <code>get_connection</code> is considered deprecated in all versions of Requests>=2.32.0.</p> <p>A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (<a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p> </li> </ul> <h2>2.32.1 (2024-05-20)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Add missing test certs to the sdist distributed on PyPI.</li> </ul> <h2>2.32.0 (2024-05-20)</h2> <p><strong>Security</strong></p> <ul> <li>Fixed an issue where setting <code>verify=False</code> on the first request from a Session will cause subsequent requests to the <em>same origin</em> to also ignore cert verification, regardless of the value of <code>verify</code>. (<a href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li> </ul> <p><strong>Improvements</strong></p> <ul> <li><code>verify=True</code> now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li>Requests now supports optional use of character detection (<code>chardet</code> or <code>charset_normalizer</code>) when repackaged or vendored. This enables <code>pip</code> and other projects to minimize their vendoring surface area. The <code>Response.text()</code> and <code>apparent_encoding</code> APIs will default to <code>utf-8</code> if neither library is present. (<a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (<a href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li> <li>Fixed deserialization bug in JSONDecodeError. (<a href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li> <li>Fixed bug where an extra leading <code>/</code> (path separator) could lead urllib3 to unnecessarily reparse the request URI. (<a href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li> </ul> <p><strong>Deprecations</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 55028b2db7 |
build(deps): bump jinja2 from 3.1.3 to 3.1.4 (#1674)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/releases">jinja2's releases</a>.</em></p> <blockquote> <h2>3.1.4</h2> <p>This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.</p> <p>PyPI: <a href="https://pypi.org/project/Jinja2/3.1.4/">https://pypi.org/project/Jinja2/3.1.4/</a> Changes: <a href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4</a></p> <ul> <li>The <code>xmlattr</code> filter does not allow keys with <code>/</code> solidus, <code>></code> greater-than sign, or <code>=</code> equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/blob/main/CHANGES.rst">jinja2's changelog</a>.</em></p> <blockquote> <h2>Version 3.1.4</h2> <p>Released 2024-05-05</p> <ul> <li>The <code>xmlattr</code> filter does not allow keys with <code>/</code> solidus, <code>></code> greater-than sign, or <code>=</code> equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:<code>h75v-3vvj-5mfj</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| daf86dbf74 |
build(deps): bump flask-cors from 4.0.0 to 4.0.1 (#1675)
Bumps [flask-cors](https://github.com/corydolphin/flask-cors) from 4.0.0 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/corydolphin/flask-cors/releases">flask-cors's releases</a>.</em></p> <blockquote> <h2>4.0.1</h2> <h2>What's Changed</h2> <ul> <li>Fix Read the Docs builds by <a href="https://github.com/kurtmckee"><code>@kurtmckee</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/345">corydolphin/flask-cors#345</a></li> <li>Update extension.py to clean request.path before logging it by <a href="https://github.com/aneshujevic"><code>@aneshujevic</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/351">corydolphin/flask-cors#351</a></li> <li>Update CI to include Python 3.12 and flask 3.0.3 by <a href="https://github.com/corydolphin"><code>@corydolphin</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/354">corydolphin/flask-cors#354</a></li> <li>Release 4.0.1 by <a href="https://github.com/corydolphin"><code>@corydolphin</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/353">corydolphin/flask-cors#353</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kurtmckee"><code>@kurtmckee</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/345">corydolphin/flask-cors#345</a></li> <li><a href="https://github.com/aneshujevic"><code>@aneshujevic</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/351">corydolphin/flask-cors#351</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corydolphin/flask-cors/compare/4.0.0...4.0.1">https://github.com/corydolphin/flask-cors/compare/4.0.0...4.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md">flask-cors's changelog</a>.</em></p> <blockquote> <h2>4.0.1</h2> <h3>Security</h3> <ul> <li>Address <a href="https://github.com/advisories/GHSA-84pr-m4jr-85g5">CVE-2024-1681</a> which is a log injection vulnerability when the log level is set to debug by <a href="https://github.com/aneshujevic"><code>@aneshujevic</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/351">corydolphin/flask-cors#351</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| b2ef6a05a1 |
build(deps): bump idna from 3.6 to 3.7 (#1676)
Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p> <blockquote> <h2>v3.7</h2> <h2>What's Changed</h2> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p> <blockquote> <p>3.7 (2024-04-11) ++++++++++++++++</p> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 6bc3a2d58a |
build(deps): bump pillow from 10.2.0 to 10.3.0 (#1677)
Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.2.0 to 10.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/releases">pillow's releases</a>.</em></p> <blockquote> <h2>10.3.0</h2> <p><a href="https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html">https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html</a></p> <h2>Changes</h2> <ul> <li>CVE-2024-28219: Use strncpy to avoid buffer overflow <a href="https://redirect.github.com/python-pillow/Pillow/issues/7928">#7928</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> <li>Use <code>functools.lru_cache</code> for <code>hopper()</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/7912">#7912</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> <li>Raise ValueError if seeking to greater than offset-sized integer in TIFF <a href="https://redirect.github.com/python-pillow/Pillow/issues/7883">#7883</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Improve speed of loading QOI images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7925">#7925</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Added RGB to I;16N conversion <a href="https://redirect.github.com/python-pillow/Pillow/issues/7920">#7920</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Add --report argument to <strong>main</strong>.py to omit supported formats <a href="https://redirect.github.com/python-pillow/Pillow/issues/7818">#7818</a> [<a href="https://github.com/nulano"><code>@nulano</code></a>]</li> <li>Added RGB to I;16, I;16L and I;16B conversion <a href="https://redirect.github.com/python-pillow/Pillow/issues/7918">#7918</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fix editable installation with custom build backend and configuration options <a href="https://redirect.github.com/python-pillow/Pillow/issues/7658">#7658</a> [<a href="https://github.com/nulano"><code>@nulano</code></a>]</li> <li>Fix putdata() for I;16N on big-endian <a href="https://redirect.github.com/python-pillow/Pillow/issues/7209">#7209</a> [<a href="https://github.com/Yay295"><code>@Yay295</code></a>]</li> <li>Determine MPO size from markers, not EXIF data <a href="https://redirect.github.com/python-pillow/Pillow/issues/7884">#7884</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Improved conversion from RGB to RGBa, LA and La <a href="https://redirect.github.com/python-pillow/Pillow/issues/7888">#7888</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Support FITS images with GZIP_1 compression <a href="https://redirect.github.com/python-pillow/Pillow/issues/7894">#7894</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use I;16 mode for 9-bit JPEG 2000 images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7900">#7900</a> [<a href="https://github.com/scaramallion"><code>@scaramallion</code></a>]</li> <li>Raise ValueError if kmeans is negative <a href="https://redirect.github.com/python-pillow/Pillow/issues/7891">#7891</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Remove TIFF tag OSUBFILETYPE when saving using libtiff <a href="https://redirect.github.com/python-pillow/Pillow/issues/7893">#7893</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Raise ValueError for negative values when loading P1-P3 PPM images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7882">#7882</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Added reading of JPEG2000 palettes <a href="https://redirect.github.com/python-pillow/Pillow/issues/7870">#7870</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Added alpha_quality argument when saving WebP images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7872">#7872</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions <a href="https://redirect.github.com/python-pillow/Pillow/issues/7881">#7881</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Removed Python and NumPy pinning on Cygwin <a href="https://redirect.github.com/python-pillow/Pillow/issues/7880">#7880</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Update UnidentifiedImageError and <strong>version</strong> imports <a href="https://redirect.github.com/python-pillow/Pillow/issues/7644">#7644</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Stop reading EPS image at EOF marker <a href="https://redirect.github.com/python-pillow/Pillow/issues/7753">#7753</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>PSD layer co-ordinates may be negative <a href="https://redirect.github.com/python-pillow/Pillow/issues/7706">#7706</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer <a href="https://redirect.github.com/python-pillow/Pillow/issues/7791">#7791</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>When saving GIF frame that restores to background color, do not fill identical pixels <a href="https://redirect.github.com/python-pillow/Pillow/issues/7788">#7788</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fixed reading PNG iCCP compression method <a href="https://redirect.github.com/python-pillow/Pillow/issues/7823">#7823</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Allow writing IFDRational to UNDEFINED tag <a href="https://redirect.github.com/python-pillow/Pillow/issues/7840">#7840</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fix logged tag name when loading Exif data <a href="https://redirect.github.com/python-pillow/Pillow/issues/7842">#7842</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use maximum frame size in IHDR chunk when saving APNG images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7821">#7821</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Prevent opening P TGA images without a palette <a href="https://redirect.github.com/python-pillow/Pillow/issues/7797">#7797</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use palette when loading ICO images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7798">#7798</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use consistent arguments for load_read and load_seek <a href="https://redirect.github.com/python-pillow/Pillow/issues/7713">#7713</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Turn off nullability warnings for macOS SDK <a href="https://redirect.github.com/python-pillow/Pillow/issues/7827">#7827</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fix shift-sign issue in Convert.c <a href="https://redirect.github.com/python-pillow/Pillow/issues/7838">#7838</a> [<a href="https://github.com/r-barnes"><code>@r-barnes</code></a>]</li> <li>winbuild: Refactor dependency versions into constants <a href="https://redirect.github.com/python-pillow/Pillow/issues/7843">#7843</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> <li>Build macOS arm64 wheels natively <a href="https://redirect.github.com/python-pillow/Pillow/issues/7852">#7852</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fixed typo <a href="https://redirect.github.com/python-pillow/Pillow/issues/7855">#7855</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Open 16-bit grayscale PNGs as I;16 <a href="https://redirect.github.com/python-pillow/Pillow/issues/7849">#7849</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Handle truncated chunks at the end of PNG images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7709">#7709</a> [<a href="https://github.com/lajiyuan"><code>@lajiyuan</code></a>]</li> <li>Match mask size to pasted image size in GifImagePlugin <a href="https://redirect.github.com/python-pillow/Pillow/issues/7779">#7779</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Changed SupportsGetMesh protocol to be public <a href="https://redirect.github.com/python-pillow/Pillow/issues/7841">#7841</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Release GIL while calling <code>WebPAnimDecoderGetNext</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/7782">#7782</a> [<a href="https://github.com/evanmiller"><code>@evanmiller</code></a>]</li> <li>Fixed reading FLI/FLC images with a prefix chunk <a href="https://redirect.github.com/python-pillow/Pillow/issues/7804">#7804</a> [<a href="https://github.com/twolife"><code>@twolife</code></a>]</li> <li>Updated package name for Tidelift <a href="https://redirect.github.com/python-pillow/Pillow/issues/7810">#7810</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Removed unused code <a href="https://redirect.github.com/python-pillow/Pillow/issues/7744">#7744</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst">pillow's changelog</a>.</em></p> <blockquote> <h2>10.3.0 (2024-04-01)</h2> <ul> <li> <p>CVE-2024-28219: Use <code>strncpy</code> to avoid buffer overflow <a href="https://redirect.github.com/python-pillow/Pillow/issues/7928">#7928</a> [radarhere, hugovk]</p> </li> <li> <p>Deprecate <code>eval()</code>, replacing it with <code>lambda_eval()</code> and <code>unsafe_eval()</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/7927">#7927</a> [radarhere, hugovk]</p> </li> <li> <p>Raise <code>ValueError</code> if seeking to greater than offset-sized integer in TIFF <a href="https://redirect.github.com/python-pillow/Pillow/issues/7883">#7883</a> [radarhere]</p> </li> <li> <p>Add <code>--report</code> argument to <code>__main__.py</code> to omit supported formats <a href="https://redirect.github.com/python-pillow/Pillow/issues/7818">#7818</a> [nulano, radarhere, hugovk]</p> </li> <li> <p>Added RGB to I;16, I;16L, I;16B and I;16N conversion <a href="https://redirect.github.com/python-pillow/Pillow/issues/7918">#7918</a>, <a href="https://redirect.github.com/python-pillow/Pillow/issues/7920">#7920</a> [radarhere]</p> </li> <li> <p>Fix editable installation with custom build backend and configuration options <a href="https://redirect.github.com/python-pillow/Pillow/issues/7658">#7658</a> [nulano, radarhere]</p> </li> <li> <p>Fix putdata() for I;16N on big-endian <a href="https://redirect.github.com/python-pillow/Pillow/issues/7209">#7209</a> [Yay295, hugovk, radarhere]</p> </li> <li> <p>Determine MPO size from markers, not EXIF data <a href="https://redirect.github.com/python-pillow/Pillow/issues/7884">#7884</a> [radarhere]</p> </li> <li> <p>Improved conversion from RGB to RGBa, LA and La <a href="https://redirect.github.com/python-pillow/Pillow/issues/7888">#7888</a> [radarhere]</p> </li> <li> <p>Support FITS images with GZIP_1 compression <a href="https://redirect.github.com/python-pillow/Pillow/issues/7894">#7894</a> [radarhere]</p> </li> <li> <p>Use I;16 mode for 9-bit JPEG 2000 images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7900">#7900</a> [scaramallion, radarhere]</p> </li> <li> <p>Raise ValueError if kmeans is negative <a href="https://redirect.github.com/python-pillow/Pillow/issues/7891">#7891</a> [radarhere]</p> </li> <li> <p>Remove TIFF tag OSUBFILETYPE when saving using libtiff <a href="https://redirect.github.com/python-pillow/Pillow/issues/7893">#7893</a> [radarhere]</p> </li> <li> <p>Raise ValueError for negative values when loading P1-P3 PPM images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7882">#7882</a> [radarhere]</p> </li> <li> <p>Added reading of JPEG2000 palettes <a href="https://redirect.github.com/python-pillow/Pillow/issues/7870">#7870</a> [radarhere]</p> </li> <li> <p>Added alpha_quality argument when saving WebP images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7872">#7872</a> [radarhere]</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| d69f4ec829 |
build(deps): bump certifi from 2024.2.2 to 2024.7.4 (#1680)
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4. <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| ef45526700 |
build(deps): bump tqdm from 4.66.2 to 4.66.3 (#1681)
Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.66.2 to 4.66.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tqdm/tqdm/releases">tqdm's releases</a>.</em></p> <blockquote> <h2>tqdm v4.66.3 stable</h2> <ul> <li><code>cli</code>: <code>eval</code> safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 79034bd194 |
build(deps): bump pymysql from 1.1.0 to 1.1.1 (#1664)
Bumps [pymysql](https://github.com/PyMySQL/PyMySQL) from 1.1.0 to 1.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PyMySQL/PyMySQL/releases">pymysql's releases</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <blockquote> <p>[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.</p> <p>If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.</p> </blockquote> <h2>What's Changed</h2> <ul> <li>Prohibit dict parameter for <code>Cursor.execute()</code>. It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)</li> <li>Added ssl_key_password param by <a href="https://github.com/svaskov"><code>@svaskov</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1145">PyMySQL/PyMySQL#1145</a></li> </ul> <h2>Merged PRs</h2> <ul> <li>Add support for Python 3.12 by <a href="https://github.com/hugovk"><code>@hugovk</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1134">PyMySQL/PyMySQL#1134</a></li> <li>chore(deps): update actions/checkout action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1136">PyMySQL/PyMySQL#1136</a></li> <li>Update codecov/codecov-action action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1137">PyMySQL/PyMySQL#1137</a></li> <li>ci: use codecov@v3 by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1142">PyMySQL/PyMySQL#1142</a></li> <li>chore(deps): update dessant/lock-threads action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1141">PyMySQL/PyMySQL#1141</a></li> <li>doc: use rtd theme by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1143">PyMySQL/PyMySQL#1143</a></li> <li>use Ruff as formatter by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1144">PyMySQL/PyMySQL#1144</a></li> <li>chore(deps): update dependency sphinx-rtd-theme to v2 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1147">PyMySQL/PyMySQL#1147</a></li> <li>chore(deps): update actions/setup-python action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1152">PyMySQL/PyMySQL#1152</a></li> <li>chore(deps): update github/codeql-action action to v3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1154">PyMySQL/PyMySQL#1154</a></li> <li>chore(deps): update codecov/codecov-action action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1158">PyMySQL/PyMySQL#1158</a></li> <li>Support error packet without sqlstate by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1160">PyMySQL/PyMySQL#1160</a></li> <li>test json - mariadb without JSON type by <a href="https://github.com/grooverdan"><code>@grooverdan</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1165">PyMySQL/PyMySQL#1165</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hugovk"><code>@hugovk</code></a> made their first contribution in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1134">PyMySQL/PyMySQL#1134</a></li> <li><a href="https://github.com/svaskov"><code>@svaskov</code></a> made their first contribution in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1145">PyMySQL/PyMySQL#1145</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1">https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyMySQL/PyMySQL/blob/main/CHANGELOG.md">pymysql's changelog</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <p>Release date: 2024-05-21</p> <blockquote> <p>[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.</p> <p>If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.</p> </blockquote> <ul> <li>Prohibit dict parameter for <code>Cursor.execute()</code>. It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)</li> <li>Added ssl_key_password param. <a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1145">#1145</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 4da3ee400b |
Add component arxiv (#1587)
### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| f8602b5286 |
Add component pubmed (#1586)
### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| 258a10fb74 |
Add component Wikipedia (#1513)
### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| ddeac9ab3d |
added SVG for Groq model model providers (#1470)
#1432 #1447 This PR adds support for the GROQ LLM (Large Language Model). Groq is an AI solutions company delivering ultra-low latency inference with the first-ever LPU™ Inference Engine. The Groq API enables developers to integrate state-of-the-art LLMs, such as Llama-2 and llama3-70b-8192, into low latency applications with the request limits specified below. Learn more at [groq.com](https://groq.com/). Supported Models | ID | Requests per Minute | Requests per Day | Tokens per Minute | |----------------------|---------------------|------------------|-------------------| | gemma-7b-it | 30 | 14,400 | 15,000 | | gemma2-9b-it | 30 | 14,400 | 15,000 | | llama3-70b-8192 | 30 | 14,400 | 6,000 | | llama3-8b-8192 | 30 | 14,400 | 30,000 | | mixtral-8x7b-32768 | 30 | 14,400 | 5,000 | --------- Co-authored-by: paresh0628 <paresh.tuvoc@gmail.com> Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> |
|||
| 3e9f444e6b |
add support for Gemini (#1465)
### What problem does this PR solve? #1036 ### Type of change - [x] New Feature (non-breaking change which adds functionality) Co-authored-by: Zhedong Cen <cenzhedong2@126.com> |
|||
| 6144a109ab |
Add Support for AWS Bedrock (#1408)
### What problem does this PR solve? #308 ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: KevinHuSh <kevinhu.sh@gmail.com> |
|||
| f4674ae9d0 |
add Duckduckgo pkg (#1392)
### What problem does this PR solve? #918 ### Type of change - [x] Documentation Update |
|||
| b75bb1d8d3 |
Support displaying tables in the chunks of pdf file when using QA parser (#1263)
### What problem does this PR solve? Support displaying tables in the chunks of pdf file when using QA parser ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| 747e69ef68 |
Fix Docker image building failure on MacOS (ARM architecture) (#1177)
### What problem does this PR solve? #1164 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) |
|||
| 90975460af |
Add pdf support for QA parser (#1155)
### What problem does this PR solve? Support extracting questions and answers from PDF files ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| b6980d8a16 |
add version to package volcengine (#1062)
### What problem does this PR solve? #992 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) |
|||
| 8dd45459be |
Add support for HTML file (#973)
### What problem does this PR solve? Add support for HTML file ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| 5041677f11 |
Add umap-learn, fasttext and volcengine in requirements_arm.txt (#945)
### What problem does this PR solve? Complete the requirements for ARM ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
|||
| 571aaaff22 |
Add Dockerfile and requirements.txt for arm (#936)
### What problem does this PR solve? #253 ### Type of change - [x] New Feature (non-breaking change which adds functionality) |
