From bfb2307197ccc8844f34d20bda2af617568f84e7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Sep 2022 01:42:55 +0000 Subject: [PATCH 01/17] Bump django-debug-toolbar from 3.6.0 to 3.7.0 Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/jazzband/django-debug-toolbar/releases) - [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/main/docs/changes.rst) - [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.6...3.7) --- updated-dependencies: - dependency-name: django-debug-toolbar dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements/local.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/local.txt b/requirements/local.txt index abccdc18e..c6618a4de 100644 --- a/requirements/local.txt +++ b/requirements/local.txt @@ -15,6 +15,6 @@ pydocstyle==6.1.1 # Django # ------------------------------------------------------------------------------ -django-debug-toolbar==3.6.0 # https://github.com/jazzband/django-debug-toolbar +django-debug-toolbar==3.7.0 # https://github.com/jazzband/django-debug-toolbar django-extensions==3.2.1 # https://github.com/django-extensions/django-extensions pytest-django==4.5.2 # https://github.com/pytest-dev/pytest-django From d79f8c09dbc9188d19f28eb52cc7c5f6fb66391d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Sep 2022 01:14:53 +0000 Subject: [PATCH 02/17] Bump mypy from 0.971 to 0.981 Bumps [mypy](https://github.com/python/mypy) from 0.971 to 0.981. - [Release notes](https://github.com/python/mypy/releases) - [Commits](https://github.com/python/mypy/compare/v0.971...v0.981) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements/local.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/local.txt b/requirements/local.txt index c6618a4de..3716c7d0d 100644 --- a/requirements/local.txt +++ b/requirements/local.txt @@ -3,7 +3,7 @@ # Testing # ------------------------------------------------------------------------------ -mypy==0.971 # https://github.com/python/mypy +mypy==0.981 # https://github.com/python/mypy pytest==7.1.3 # https://github.com/pytest-dev/pytest pytest-sugar==0.9.5 # https://github.com/Frozenball/pytest-sugar From fd2d612203c8354f4a87805f0ccc7abbd94e5b11 Mon Sep 17 00:00:00 2001 From: Jack Morgan Date: Tue, 27 Sep 2022 18:48:10 +1300 Subject: [PATCH 03/17] Delete command with duplicated command name --- .../programming/management/commands/update_data.py | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 codewof/programming/management/commands/update_data.py diff --git a/codewof/programming/management/commands/update_data.py b/codewof/programming/management/commands/update_data.py deleted file mode 100644 index 650ec7957..000000000 --- a/codewof/programming/management/commands/update_data.py +++ /dev/null @@ -1,13 +0,0 @@ -"""Module for the custom Django updatedata command.""" - -from django.core import management - - -class Command(management.base.BaseCommand): - """Required command class for the custom Django updatedata command.""" - - help = "Update all data from content folders for all applications" - - def handle(self, *args, **options): - """Automatically called when the updatedata command is given.""" - management.call_command("load_questions") From ab9a0b0ddc425ca28cc31376e5b38b7275aae993 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Sep 2022 01:22:24 +0000 Subject: [PATCH 04/17] Bump coverage from 6.4.4 to 6.5.0 Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.4 to 6.5.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4.4...6.5.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements/local.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/local.txt b/requirements/local.txt index 3716c7d0d..10f122cec 100644 --- a/requirements/local.txt +++ b/requirements/local.txt @@ -10,7 +10,7 @@ pytest-sugar==0.9.5 # https://github.com/Frozenball/pytest-sugar # Code quality # ------------------------------------------------------------------------------ # flake8 is installed as dependency in base.txt -coverage==6.4.4 # https://github.com/nedbat/coveragepy +coverage==6.5.0 # https://github.com/nedbat/coveragepy pydocstyle==6.1.1 # Django From b3f05c131900f4ca8870caf55a3ba0b8861e0a7a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Oct 2022 01:33:49 +0000 Subject: [PATCH 05/17] Bump postcss from 8.4.16 to 8.4.17 in /codewof Bumps [postcss](https://github.com/postcss/postcss) from 8.4.16 to 8.4.17. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.16...8.4.17) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- codewof/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codewof/package.json b/codewof/package.json index b29fd5ea2..ccf5a6ae3 100644 --- a/codewof/package.json +++ b/codewof/package.json @@ -30,7 +30,7 @@ "jquery": "3.6.1", "pixrem": "5.0.0", "popper.js": "1.16.1", - "postcss": "8.4.16", + "postcss": "8.4.17", "postcss-flexbugs-fixes": "5.0.2", "sass": "1.55.0", "skulpt": "0.11.1", From 83674dbdafa2409751b914c1d0a7fff55a2348be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Oct 2022 01:34:11 +0000 Subject: [PATCH 06/17] Bump yargs from 17.5.1 to 17.6.0 in /codewof Bumps [yargs](https://github.com/yargs/yargs) from 17.5.1 to 17.6.0. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.5.1...v17.6.0) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- codewof/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codewof/package.json b/codewof/package.json index b29fd5ea2..09a408847 100644 --- a/codewof/package.json +++ b/codewof/package.json @@ -36,7 +36,7 @@ "skulpt": "0.11.1", "sortablejs": "1.15.0", "vinyl-buffer": "1.0.1", - "yargs": "17.5.1" + "yargs": "17.6.0" }, "engines": { "node": ">=8" From 2c7c5163227872deb990fa9b85eaaff97c506243 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Oct 2022 01:50:45 +0000 Subject: [PATCH 07/17] Bump dependabot/fetch-metadata from 1.3.3 to 1.3.4 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.3.3 to 1.3.4. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.3.3...v1.3.4) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-merge-dependency-updates.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto-merge-dependency-updates.yaml b/.github/workflows/auto-merge-dependency-updates.yaml index 53f271eaa..5451a5093 100644 --- a/.github/workflows/auto-merge-dependency-updates.yaml +++ b/.github/workflows/auto-merge-dependency-updates.yaml @@ -13,7 +13,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v1.3.3 + uses: dependabot/fetch-metadata@v1.3.4 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Approve From beba9594c4181bc7cdea5fbe36dcd182a1fd036c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Oct 2022 01:50:59 +0000 Subject: [PATCH 08/17] Bump pytz from 2022.2.1 to 2022.4 Bumps [pytz](https://github.com/stub42/pytz) from 2022.2.1 to 2022.4. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/commits) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/base.txt b/requirements/base.txt index a5e83b5f0..98d338ecd 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -35,7 +35,7 @@ flake8-quotes==3.3.1 pep8-naming==0.13.2 # Other -pytz==2022.2.1 +pytz==2022.4 python-dateutil==2.8.2 argon2-cffi==21.3.0 From 43aca95c38de592f352711ecd87d96a8809cd366 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Oct 2022 01:32:29 +0000 Subject: [PATCH 09/17] Bump mypy from 0.981 to 0.982 Bumps [mypy](https://github.com/python/mypy) from 0.981 to 0.982. - [Release notes](https://github.com/python/mypy/releases) - [Commits](https://github.com/python/mypy/compare/v0.981...v0.982) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements/local.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/local.txt b/requirements/local.txt index 10f122cec..64f4ead57 100644 --- a/requirements/local.txt +++ b/requirements/local.txt @@ -3,7 +3,7 @@ # Testing # ------------------------------------------------------------------------------ -mypy==0.981 # https://github.com/python/mypy +mypy==0.982 # https://github.com/python/mypy pytest==7.1.3 # https://github.com/pytest-dev/pytest pytest-sugar==0.9.5 # https://github.com/Frozenball/pytest-sugar From 5c42167942a28a7aba7f8ed182ea762c9d375d46 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 7 Oct 2022 01:15:40 +0000 Subject: [PATCH 10/17] Bump psycopg2 from 2.9.3 to 2.9.4 Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.3 to 2.9.4. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/base.txt b/requirements/base.txt index 98d338ecd..29abf4ad6 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -21,7 +21,7 @@ gunicorn==20.1.0 whitenoise==6.2.0 # Database APIs -psycopg2==2.9.3 +psycopg2==2.9.4 # Content loading verto==1.0.1 From e4b37f4ef758a72108473622a62caab45617f90c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Oct 2022 01:03:04 +0000 Subject: [PATCH 11/17] Bump postcss from 8.4.17 to 8.4.18 in /codewof Bumps [postcss](https://github.com/postcss/postcss) from 8.4.17 to 8.4.18. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.17...8.4.18) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- codewof/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codewof/package.json b/codewof/package.json index 24b196fd7..ad684b579 100644 --- a/codewof/package.json +++ b/codewof/package.json @@ -30,7 +30,7 @@ "jquery": "3.6.1", "pixrem": "5.0.0", "popper.js": "1.16.1", - "postcss": "8.4.17", + "postcss": "8.4.18", "postcss-flexbugs-fixes": "5.0.2", "sass": "1.55.0", "skulpt": "0.11.1", From a95d584316a633f80fe503d7a5c9fcd309ca6584 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Oct 2022 01:12:47 +0000 Subject: [PATCH 12/17] Bump docker/login-action from 2.0.0 to 2.1.0 Bumps [docker/login-action](https://github.com/docker/login-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/test-and-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-and-deploy.yaml b/.github/workflows/test-and-deploy.yaml index 12ff83c42..6a31f9e52 100644 --- a/.github/workflows/test-and-deploy.yaml +++ b/.github/workflows/test-and-deploy.yaml @@ -131,7 +131,7 @@ jobs: tar -xz --file artifacts/static-files/static-files.tar.gz --directory codewof/staticfiles - name: Log in to the Container registry - uses: docker/login-action@v2.0.0 + uses: docker/login-action@v2.1.0 with: registry: ghcr.io username: ${{ github.actor }} From ade5631757924e140e2ab0e159cbf5c2c8824a5f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Oct 2022 01:12:50 +0000 Subject: [PATCH 13/17] Bump docker/build-push-action from 3.1.1 to 3.2.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.1 to 3.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3.1.1...v3.2.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/test-and-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-and-deploy.yaml b/.github/workflows/test-and-deploy.yaml index 12ff83c42..75aa68de9 100644 --- a/.github/workflows/test-and-deploy.yaml +++ b/.github/workflows/test-and-deploy.yaml @@ -147,7 +147,7 @@ jobs: type=ref,event=branch,priority=2 - name: Build and push Docker image - uses: docker/build-push-action@v3.1.1 + uses: docker/build-push-action@v3.2.0 with: file: ./infrastructure/production/django/Dockerfile context: . From 14114d81c72a8f70440e2803394330401d5e8a64 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Oct 2022 01:13:03 +0000 Subject: [PATCH 14/17] Bump django-modeltranslation from 0.18.4 to 0.18.5 Bumps [django-modeltranslation](https://github.com/deschler/django-modeltranslation) from 0.18.4 to 0.18.5. - [Release notes](https://github.com/deschler/django-modeltranslation/releases) - [Changelog](https://github.com/deschler/django-modeltranslation/blob/master/CHANGELOG.md) - [Commits](https://github.com/deschler/django-modeltranslation/compare/v0.18.4...v0.18.5) --- updated-dependencies: - dependency-name: django-modeltranslation dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements/base.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements/base.txt b/requirements/base.txt index 29abf4ad6..4d432bb90 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -40,7 +40,7 @@ python-dateutil==2.8.2 argon2-cffi==21.3.0 # I18n -django-modeltranslation==0.18.4 +django-modeltranslation==0.18.5 # CORS django-cors-headers==3.13.0 From 5dd4ccf91471210eb67ec1aabdf6832887d4f024 Mon Sep 17 00:00:00 2001 From: Jack Morgan Date: Tue, 18 Oct 2022 10:21:19 +1300 Subject: [PATCH 15/17] Fix bug where JS is not constructed correctly A character sequence may escape JS template string and look for variables, causing the string to through an error. --- codewof/templates/programming/question.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codewof/templates/programming/question.html b/codewof/templates/programming/question.html index 9c75e2cdb..d080dc6b4 100644 --- a/codewof/templates/programming/question.html +++ b/codewof/templates/programming/question.html @@ -115,7 +115,7 @@

{{ question.title }}

{% if question.QUESTION_TYPE == QUESTION_TYPE_DEBUGGING %} var read_only_lines_top = {{ question.read_only_lines_top }}; var read_only_lines_bottom = {{ question.read_only_lines_bottom }}; - var initial_code = `{{ question.initial_code|escapejs }}`; + var initial_code = '{{ question.initial_code|escapejs }}'; {% endif %} From 683f57023139767d67e7f8cb24b513f6ac85b340 Mon Sep 17 00:00:00 2001 From: Jack Morgan Date: Tue, 18 Oct 2022 10:28:58 +1300 Subject: [PATCH 16/17] Increment version number --- codewof/config/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/codewof/config/__init__.py b/codewof/config/__init__.py index b3d6e3190..a0f1432c2 100644 --- a/codewof/config/__init__.py +++ b/codewof/config/__init__.py @@ -1,6 +1,6 @@ """Configuration for Django system.""" -__version__ = "5.0.0" +__version__ = "5.0.1" __version_info__ = tuple( [ int(num) if num.isdigit() else num From 7e31f22e4973748ec2666777551fe37c34d931c2 Mon Sep 17 00:00:00 2001 From: Jack Morgan Date: Tue, 18 Oct 2022 10:35:18 +1300 Subject: [PATCH 17/17] Update changelog --- CHANGELOG.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 57c47a4e6..c6c5c2f28 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,22 @@ # Changelog +## 5.0.1 + +- Fix bug where a sequence of code characters could stop the JavaScript file from parsing correctly. +- Delete management command with duplicated command name +- Dependency updates: + - Update dependabot/fetch-metadata from v1.3.3 to v1.3.4. + - Update docker/login-action from v2.0.0 to v2.1.0. + - Update docker/build-push-action from v3.1.1 to v3.2.0. + - Update postcss from 8.4.16 to 8.4.18. + - Update yargs from 17.5.1 to 17.6.0. + - Update psycopg2 from 2.9.3 to 2.9.4. + - Update pytz from 2022.2.1 to 2022.4. + - Update django-modeltranslation from 0.18.4 to 0.18.5. + - Update mypy from 0.971 to 0.982. + - Update coverage from 6.4.4 to 6.5.0. + - Update django-debug-toolbar from 3.6.0 to 3.7.0. + ## 5.0.0 - Add question recommendations to users.