From b2534fdf32e554b4624a54a6ac0cf30272ba78d9 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Thu, 11 May 2023 17:20:45 -0300 Subject: [PATCH 1/5] chore: Update requirements.txt for Django 3.1 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 1804a737c..e0fe30473 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,7 +9,7 @@ celery>=5.2.6 coverage>=4.5.4,<5.0 # Coverage 5.x moves from a json database to SQLite. Moving to 5.x will require substantial rewrites in ietf.utils.test_runner and ietf.release.views decorator>=5.1.1 defusedxml>=0.7.1 # for TastyPie when using xml; not a declared dependency -Django<3.1 +Django<3.2 django-analytical>=3.1.0 django-bootstrap5>=21.3 django-celery-beat>=2.3.0 From c4f99d0b1d3b59f46413be9fa126bf0ed95370db Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Fri, 12 May 2023 10:49:58 -0300 Subject: [PATCH 2/5] chore: Update django-stubs and mypy requirements for Django 3.1 --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index e0fe30473..cfabe0ebe 100644 --- a/requirements.txt +++ b/requirements.txt @@ -21,7 +21,7 @@ django-oidc-provider>=0.7,<0.8 # 0.8 dropped Django 2 support django-password-strength>=1.2.1 django-referrer-policy>=1.0 django-simple-history>=3.0.0 -django-stubs==1.6.0 # The django-stubs version used determines the the mypy version indicated below +django-stubs==1.8.0 # The django-stubs version used determines the the mypy version indicated below django-tastypie==0.14.3 # Version must be locked in sync with version of Django django-vite>=2.0.2 django-webtest>=1.9.10 # Only used in tests @@ -41,7 +41,7 @@ logging_tree>=1.9 # Used only by the showloggers management command lxml>=4.8.0,<5 markdown>=3.3.6 mock>=4.0.3 # Used only by tests, of course -mypy>=0.782,<0.790 # Version requirements determined by django-stubs. +mypy==0.812 # Version requirements determined by django-stubs. oic>=1.3 # Used only by tests Pillow>=9.1.0 psycopg2<2.9 From ccb7d666ce0c1d70dbbcad6a148b5437bbf951b4 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Fri, 12 May 2023 10:50:27 -0300 Subject: [PATCH 3/5] chore: Remove add-django-http-cookie-value-none.patch Fixed upstream --- ietf/settings.py | 1 - patch/add-django-http-cookie-value-none.patch | 13 ------------- 2 files changed, 14 deletions(-) delete mode 100644 patch/add-django-http-cookie-value-none.patch diff --git a/ietf/settings.py b/ietf/settings.py index c08918c7e..0aca062b7 100644 --- a/ietf/settings.py +++ b/ietf/settings.py @@ -1120,7 +1120,6 @@ CHECKS_LIBRARY_PATCHES_TO_APPLY = [ 'patch/fix-oidc-access-token-post.patch', 'patch/fix-jwkest-jwt-logging.patch', 'patch/fix-django-password-strength-kwargs.patch', - 'patch/add-django-http-cookie-value-none.patch', 'patch/django-cookie-delete-with-all-settings.patch', 'patch/tastypie-django22-fielderror-response.patch', ] diff --git a/patch/add-django-http-cookie-value-none.patch b/patch/add-django-http-cookie-value-none.patch deleted file mode 100644 index 54d0f74d9..000000000 --- a/patch/add-django-http-cookie-value-none.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- django/http/response.py.orig 2020-07-08 14:34:42.776562458 +0200 -+++ django/http/response.py 2020-07-08 14:35:56.454687322 +0200 -@@ -196,8 +196,8 @@ - if httponly: - self.cookies[key]['httponly'] = True - if samesite: -- if samesite.lower() not in ('lax', 'strict'): -- raise ValueError('samesite must be "lax" or "strict".') -+ if samesite.lower() not in ('lax', 'strict', 'none'): -+ raise ValueError('samesite must be "lax", "strict", or "none", not "%s".' % samesite) - self.cookies[key]['samesite'] = samesite - - def setdefault(self, key, value): From addc96713414537899a5bd512789e96e9269f91e Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Fri, 12 May 2023 11:35:11 -0300 Subject: [PATCH 4/5] chore: Update django-cookie-delete-with-all-settings.patch --- ...ango-cookie-delete-with-all-settings.patch | 22 +++++++++++++------ 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/patch/django-cookie-delete-with-all-settings.patch b/patch/django-cookie-delete-with-all-settings.patch index eb9d0a6c6..01dee277d 100644 --- a/patch/django-cookie-delete-with-all-settings.patch +++ b/patch/django-cookie-delete-with-all-settings.patch @@ -1,6 +1,6 @@ --- django/contrib/messages/storage/cookie.py.orig 2020-08-13 11:10:36.719177122 +0200 +++ django/contrib/messages/storage/cookie.py 2020-08-13 11:45:23.503463150 +0200 -@@ -92,6 +92,8 @@ +@@ -95,6 +95,8 @@ response.delete_cookie( self.cookie_name, domain=settings.SESSION_COOKIE_DOMAIN, @@ -11,22 +11,30 @@ --- django/http/response.py.orig 2020-08-13 11:16:04.060627793 +0200 +++ django/http/response.py 2020-08-13 11:54:03.482476973 +0200 -@@ -209,12 +209,18 @@ +@@ -210,12 +210,18 @@ value = signing.get_cookie_signer(salt=key + salt).sign(value) return self.set_cookie(key, value, **kwargs) - def delete_cookie(self, key, path='/', domain=None, samesite=None): + def delete_cookie(self, key, path='/', domain=None, secure=False, httponly=False, samesite=None): - # Most browsers ignore the Set-Cookie header if the cookie name starts - # with __Host- or __Secure- and the cookie doesn't use the secure flag. -- secure = key.startswith(('__Secure-', '__Host-')) + # Browsers can ignore the Set-Cookie header if the cookie doesn't use + # the secure flag and: + # - the cookie name starts with "__Host-" or "__Secure-", or + # - the samesite is "none". +- secure = ( +- key.startswith(('__Secure-', '__Host-')) or +- (samesite and samesite.lower() == 'none') +- ) + if key in self.cookies: + domain = self.cookies[key].get('domain', domain) + secure = self.cookies[key].get('secure', secure) + httponly = self.cookies[key].get('httponly', httponly) + samesite = self.cookies[key].get('samesite', samesite) + else: -+ secure = secure or key.startswith(('__Secure-', '__Host-')) ++ secure = secure or ( ++ key.startswith(('__Secure-', '__Host-')) or ++ (samesite and samesite.lower() == 'none') ++ ) self.set_cookie( - key, max_age=0, path=path, domain=domain, secure=secure, + key, max_age=0, path=path, domain=domain, secure=secure, httponly=httponly, @@ -35,7 +43,7 @@ --- django/contrib/sessions/middleware.py.orig 2020-08-13 12:12:12.401898114 +0200 +++ django/contrib/sessions/middleware.py 2020-08-13 12:14:52.690520659 +0200 -@@ -38,6 +38,8 @@ +@@ -42,6 +42,8 @@ settings.SESSION_COOKIE_NAME, path=settings.SESSION_COOKIE_PATH, domain=settings.SESSION_COOKIE_DOMAIN, From d0cb46d320063e8e1999a0857c5b16499a3a3f77 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Fri, 12 May 2023 15:39:57 -0300 Subject: [PATCH 5/5] fix: Use TruncDate instead of QuerySet.extra() --- ietf/doc/views_stats.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ietf/doc/views_stats.py b/ietf/doc/views_stats.py index 7d56e8569..ab71efce7 100644 --- a/ietf/doc/views_stats.py +++ b/ietf/doc/views_stats.py @@ -7,6 +7,7 @@ from django.conf import settings from django.core.cache import cache from django.urls import reverse as urlreverse from django.db.models.aggregates import Count +from django.db.models.functions import TruncDate from django.http import JsonResponse, HttpResponseBadRequest from django.shortcuts import render from django.views.decorators.cache import cache_page @@ -40,15 +41,12 @@ def model_to_timeline_data(model, field='time', **kwargs): assert field in [ f.name for f in model._meta.get_fields() ] objects = ( model.objects.filter(**kwargs) + .annotate(date=TruncDate(field)) .order_by('date') - .extra(select={'date': 'date(%s.%s)'% (model._meta.db_table, field) }) .values('date') .annotate(count=Count('id'))) if objects.exists(): obj_list = list(objects) - # This is needed for sqlite, when we're running tests: - if type(obj_list[0]['date']) != datetime.date: - obj_list = [ {'date': dt(e['date']), 'count': e['count']} for e in obj_list ] today = date_today(datetime.timezone.utc) if not obj_list[-1]['date'] == today: obj_list += [ {'date': today, 'count': 0} ]