From 38ec9357c6b8bed94553cee6830b61e051150992 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Jul 2024 14:59:26 +0000 Subject: [PATCH 1/2] Bump djangorestframework from 3.14.0 to 3.15.2 Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.14.0 to 3.15.2. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.14.0...3.15.2) --- updated-dependencies: - dependency-name: djangorestframework dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- poetry.lock | 24 ++++++------------------ pyproject.toml | 2 +- 2 files changed, 7 insertions(+), 19 deletions(-) diff --git a/poetry.lock b/poetry.lock index f4bc418..b039bca 100644 --- a/poetry.lock +++ b/poetry.lock @@ -459,18 +459,17 @@ tokenize-rt = ">=4.1.0" [[package]] name = "djangorestframework" -version = "3.14.0" +version = "3.15.2" description = "Web APIs for Django, made easy." optional = false -python-versions = ">=3.6" +python-versions = ">=3.8" files = [ - {file = "djangorestframework-3.14.0-py3-none-any.whl", hash = "sha256:eb63f58c9f218e1a7d064d17a70751f528ed4e1d35547fdade9aaf4cd103fd08"}, - {file = "djangorestframework-3.14.0.tar.gz", hash = "sha256:579a333e6256b09489cbe0a067e66abe55c6595d8926be6b99423786334350c8"}, + {file = "djangorestframework-3.15.2-py3-none-any.whl", hash = "sha256:2b8871b062ba1aefc2de01f773875441a961fefbf79f5eed1e32b2f096944b20"}, + {file = "djangorestframework-3.15.2.tar.gz", hash = "sha256:36fe88cd2d6c6bec23dca9804bab2ba5517a8bb9d8f47ebc68981b56840107ad"}, ] [package.dependencies] -django = ">=3.0" -pytz = "*" +django = ">=4.2" [[package]] name = "drf-writable-nested" @@ -918,17 +917,6 @@ cryptography = ["cryptography (>=3.4.0)"] pycrypto = ["pyasn1", "pycrypto (>=2.6.0,<2.7.0)"] pycryptodome = ["pyasn1", "pycryptodome (>=3.3.1,<4.0.0)"] -[[package]] -name = "pytz" -version = "2023.3" -description = "World timezone definitions, modern and historical" -optional = false -python-versions = "*" -files = [ - {file = "pytz-2023.3-py2.py3-none-any.whl", hash = "sha256:a151b3abb88eda1d4e34a9814df37de2a80e301e68ba0fd856fb9b46bfbbbffb"}, - {file = "pytz-2023.3.tar.gz", hash = "sha256:1d8ce29db189191fb55338ee6d0387d82ab59f3d00eac103412d64e0ebd0c588"}, -] - [[package]] name = "pyupgrade" version = "3.9.0" @@ -1226,4 +1214,4 @@ files = [ [metadata] lock-version = "2.0" python-versions = "^3.11" -content-hash = "e264377e8a1ca2aef762395e11f6888f50d6b3ff7a5a054a246c8d498a59b5d1" +content-hash = "d5dadd26c28cac2feee738c1b66a5b22989102bae82eace5211d9d5c08e620a2" diff --git a/pyproject.toml b/pyproject.toml index 1a51910..6ba3626 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -41,7 +41,7 @@ whitenoise = "^6.5.0" django-reversion = "^5.0.4" django-reversion-compare = "^0.16.2" django-import-export = "^3.2.0" -djangorestframework = "^3.14.0" +djangorestframework = "^3.15.2" django-filter = "^23.2" django-health-check = "^3.17.0" django-bootstrap3 = "^23.4" From 13d081c51b8ce21a6900d548f9bb300a10f0c371 Mon Sep 17 00:00:00 2001 From: Joep de Jong Date: Mon, 12 Aug 2024 17:45:49 +0000 Subject: [PATCH 2/2] Black --- ci.env | 1 + dev.env | 1 + dienst2/settings.py | 3 +++ 3 files changed, 5 insertions(+) diff --git a/ci.env b/ci.env index 4d5a677..43b63c5 100644 --- a/ci.env +++ b/ci.env @@ -4,3 +4,4 @@ DATABASE_URL=postgres://postgres@127.0.0.1/dienst2?atomic_requests=True CACHE_URL=dummycache:// GOOGLE_SERVICE_ACCOUNT_DELEGATED_USER="joepj@ch.tudelft.nl" GOOGLE_IAP_AUDIENCE= +CSRF_TRUSTED_ORIGINS=http://localhost:8000 diff --git a/dev.env b/dev.env index c185664..1f75621 100644 --- a/dev.env +++ b/dev.env @@ -6,3 +6,4 @@ CACHE_URL=dummycache:// INTERNAL_IPS=127.0.0.1,172.18.0.1 GOOGLE_SERVICE_ACCOUNT_DELEGATED_USER="joepj@ch.tudelft.nl" GOOGLE_IAP_AUDIENCE=/projects/966138216790/apps/wisvch +CSRF_TRUSTED_ORIGINS=http://localhost:8000 diff --git a/dienst2/settings.py b/dienst2/settings.py index bed8a56..2abdf53 100644 --- a/dienst2/settings.py +++ b/dienst2/settings.py @@ -15,6 +15,9 @@ ALLOWED_HOSTS = env.list("ALLOWED_HOSTS", default=["*"]) INTERNAL_IPS = env.list("INTERNAL_IPS", default="") +CSRF_TRUSTED_ORIGINS = env.list( + "CSRF_TRUSTED_ORIGINS", default=["https://dienst2.ch.tudelft.nl"] +) SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") DATABASES = {"default": env.db()}