Release/3.17.0 #3745

Release/3.15.5

The `etree.ElementTree.tostring` method stringifies as valid XML by default. While XML allows self-closing tags by default, only some tags can be self-closing in HTML. This causes problems when rendering the sanitized HTML. Consider this example: ```html <noscript><script src="..."></script></noscript> <h1>Page title</h1> <p>Some text</p> ``` When converting the sanitized element tree to XML, this would result in something like this: ```html <noscript /> <h1>Page title</h1> <p>Some text</p> ``` `noscript` is not a valid void element which results in browsers treating all following elements as children of the `noscript` tag, parsing the HTML into an effective DOM structure like this: ```html <noscript> <h1>Page title</h1> <p>Some text</p> </noscript> ``` As a result the actual page contents are hidden when rendered in a browser (if JavaScript is enabled).

Don't override collection label when running crawldir several times

…ter (#3580) The previous instructions simply don’t make sense 🙃

Bumps [python-frontmatter](https://github.com/eyeseast/python-frontmatter) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/eyeseast/python-frontmatter/releases) - [Commits](eyeseast/python-frontmatter@v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: python-frontmatter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

* Fix default Dockerfile command I broke the default Dockerfile command in `7cfcb5`. While the Dockerfile did always specify the WSGI app `aleph.manage:app`, this has been incorrect for some time and it should have always been `aleph.wsgi:app`. Previously we never actually ran a container with the default command though and instead specified the command in the `docker-compose.yml` file. I removed the "duplicate" command in the `docker-compose.yml` in the referenced commit and thus the default command in the Dockerfile is now used. I’ve now changed the default command specified in `Dockerfile` to be in line with the command previously set in `docker-compose.yml` (https://github.com/alephdata/aleph/blob/3.15.5/docker-compose.yml#L76). * The WSGI app is now `aleph.wsgi:app` (this is specified in `gunicorn.py` not via a CLI option). * Uses 6 workers by default (instead of 5). Closes #3606 * Update mentions of `master` branch to `main` We recently renamed the `master` branch to `main` and changed the default branch in GitHub to `develop`. Because a branch with the name `master` doesn’t exist anymore, GitHub redirects all links to the default branch which is not `develop`. In some cases this leads to problems, e.g. the installation guide effectively links to the Docker Compose configuration and environment templates on the `develop` branch instead of the stable `main` branch.

…ll-queries Document how to enable postgres query logging

Bumps [flask-migrate](https://github.com/miguelgrinberg/flask-migrate) from 4.0.5 to 4.0.7. - [Release notes](https://github.com/miguelgrinberg/flask-migrate/releases) - [Changelog](https://github.com/miguelgrinberg/Flask-Migrate/blob/main/CHANGES.md) - [Commits](miguelgrinberg/Flask-Migrate@v4.0.5...v4.0.7) --- updated-dependencies: - dependency-name: flask-migrate dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [marshmallow](https://github.com/marshmallow-code/marshmallow) from 3.20.1 to 3.21.1. - [Changelog](https://github.com/marshmallow-code/marshmallow/blob/dev/CHANGELOG.rst) - [Commits](marshmallow-code/marshmallow@3.20.1...3.21.1) --- updated-dependencies: - dependency-name: marshmallow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [followthemoney-store[postgresql]](https://github.com/alephdata/followthemoney-store) from 3.0.6 to 3.1.0. - [Release notes](https://github.com/alephdata/followthemoney-store/releases) - [Commits](alephdata/followthemoney-store@3.0.6...3.1.0) --- updated-dependencies: - dependency-name: followthemoney-store[postgresql] dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps playwright/python from v1.41.0-focal to v1.42.0-focal. --- updated-dependencies: - dependency-name: playwright/python dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

* Update documentation links to use docs.aleph.occrp.org domain When we updated the docs site, we set up redirects for all of these links, so they were still working, but it is time to properly update the links everywhere. * Remove "Cross-referencing" docs link on investigations homepage In the new user guide, there is no separate page for cross-referencing anymore. Instead, cross-referencing is mentioned as part of the docs article "Generating entities from a spreadsheet", so this link is redundant. * Update user guide link in entity mapping UI Previously, this linked to the developer docs about mappings. As this link is displayed in the Aleph UI, it makes more sense to link to the end user guide.

…ity (#3671) Previously, the label for both email addresses and email entities was "Email" which could be confusing when both were displayed next to each other (for example on the dataset overview screen). Fixes #3668

Use pytest instead of 👃

…/playwright/python-v1.42.0-focal Bump playwright/python from v1.41.0-focal to v1.42.0-focal in /e2e

Bumps the dev-dependencies group with 4 updates: [black](https://github.com/psf/black), [playwright](https://github.com/Microsoft/playwright-python), [pytest-playwright](https://github.com/microsoft/playwright-pytest) and [ruff](https://github.com/astral-sh/ruff). Updates `black` from 23.12.1 to 24.3.0 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@23.12.1...24.3.0) Updates `playwright` from 1.40.0 to 1.42.0 - [Release notes](https://github.com/Microsoft/playwright-python/releases) - [Commits](microsoft/playwright-python@v1.40.0...v1.42.0) Updates `pytest-playwright` from 0.4.3 to 0.4.4 - [Release notes](https://github.com/microsoft/playwright-pytest/releases) - [Commits](microsoft/playwright-pytest@v0.4.3...v0.4.4) Updates `ruff` from 0.1.9 to 0.3.5 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.1.9...v0.3.5) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: playwright dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: pytest-playwright dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

…pendencies-84a3d375eb Bump the dev-dependencies group with 4 updates

docs: remove references to convert-document

Keep Playwright versions in sync

Add playwright version build arg to run step

Fix broken link in docs

Updates the requirements on [faker](https://github.com/joke2k/faker) to permit the latest version. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v5.6.0...v25.0.0) --- updated-dependencies: - dependency-name: faker dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.20.0 to 4.22.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](python-jsonschema/jsonschema@v4.20.0...v4.22.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps the dev-dependencies group with 3 updates in the / directory: [black](https://github.com/psf/black), [ruff](https://github.com/astral-sh/ruff) and [pytest](https://github.com/pytest-dev/pytest). Updates `black` from 24.3.0 to 24.4.2 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@24.3.0...24.4.2) Updates `ruff` from 0.3.5 to 0.4.2 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.3.5...v0.4.2) Updates `pytest` from 8.1.1 to 8.2.0 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.1.1...8.2.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [sentry-sdk[flask]](https://github.com/getsentry/sentry-python) from 1.31.0 to 2.0.1. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.31.0...2.0.1) --- updated-dependencies: - dependency-name: sentry-sdk[flask] dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…-sdk-flask--2.0.1 Bump sentry-sdk[flask] from 1.31.0 to 2.0.1

…pendencies-33744de1f9 Bump the dev-dependencies group across 1 directory with 3 updates

…hema-4.22.0 Bump jsonschema from 4.20.0 to 4.22.0

…allow-3.21.1 Bump marshmallow from 3.20.1 to 3.21.1

…themoney-store-postgresql--3.1.0 Bump followthemoney-store[postgresql] from 3.0.6 to 3.1.0

…migrate-4.0.7 Bump flask-migrate from 4.0.5 to 4.0.7

Bumps [followthemoney](https://github.com/alephdata/followthemoney) from 3.5.8 to 3.5.9. - [Release notes](https://github.com/alephdata/followthemoney/releases) - [Commits](alephdata/followthemoney@v3.5.8...v3.5.9) --- updated-dependencies: - dependency-name: followthemoney dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…-frontmatter-1.1.0 Bump python-frontmatter from 1.0.1 to 1.1.0

Bumps [blinker](https://github.com/pallets-eco/blinker) from 1.7.0 to 1.8.1. - [Release notes](https://github.com/pallets-eco/blinker/releases) - [Changelog](https://github.com/pallets-eco/blinker/blob/main/CHANGES.rst) - [Commits](pallets-eco/blinker@1.7.0...1.8.1) --- updated-dependencies: - dependency-name: blinker dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

…r-1.8.1 Bump blinker from 1.7.0 to 1.8.1

…d-lt-26.0.0

…themoney-3.5.9 Bump followthemoney from 3.5.8 to 3.5.9

…gte-5.6.0-and-lt-26.0.0 Update faker requirement from <23.0.0,>=5.6.0 to >=5.6.0,<26.0.0

This reverts commit 3cd864e.

* Bump react-pdf from 5.7.2 to 7.7.3 in /ui Bumps [react-pdf](https://github.com/wojtekmaj/react-pdf/tree/HEAD/packages/react-pdf) from 5.7.2 to 7.7.3. - [Release notes](https://github.com/wojtekmaj/react-pdf/releases) - [Commits](https://github.com/wojtekmaj/react-pdf/commits/v7.7.3/packages/react-pdf) --- updated-dependencies: - dependency-name: react-pdf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Fix alignment of invisible text layer The text layer is what makes text selectable, but it needs to be aligned in the same way as the underlying canvas that renders the page. * Do not render annotations Annotations can be popups, notes, highlights, forms, or clickable links. We currently do not render annotations. While the use of the `renderAnnotations` property suggests that annotations were indeed enabled in an earlier version, the property has been renamed long time ago and annotations have (effectively) not been enabled for multiple years now. While it would have been possible to enable annotations again, I think keeping them disabled is actually sensible as they bear some risk due to their interactive nature. --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Till Prochaska <[email protected]>

* Ensure that end-to-end test run in CI The `docker compose run` command doesn’t support the `--build-arg` argument. Depending on the Docker Compose version installed, using the `--build-arg` argument would either exit with an error code or simply print the command help. To achieve the desired outcome, we can first build the image with the build argument, then start the container. This has the additional advantage of separating the build logs from the logs of the actual command execution in the GitHub Actions UI. * Pull and start services before running tests This separates logs related to pulling/starting service containers from the logs of the actual test command.

This command override is not required anymore because the default command specified in the Dockerfile now has the correct command. We only added it back temporarily due to a release issue. See ed017fa.

The PDF.js worker is dynamically loaded by PDF.js at runtime. The version of PDF.js in the main app bundle and of the worker have to be in sync. Previously, we simply copied the worker file to a static location (`/static/pdf.worker.min.js`). When updating PDF.js, this might cause problems if the worker file is still cached by browsers. Instead of manually copying the file, we now make use of Webpack’s support for external assets[1]. Webpack copies the file to the build directory during the build step. It also appends a hash based on the file contents to the file name, e.g. `pdf.worker.min.2b1fcb1d45631a4dd93a.js` to ensure that browsers do not load a cached version when the worker has been updated. [1]: https://webpack.js.org/guides/asset-modules/#url-assets

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release/3.17.0 #3745

Release/3.17.0 #3745

Commits on Jan 23, 2024

Commits on Jan 25, 2024

Commits on Jan 30, 2024

Commits on Jan 31, 2024

Commits on Feb 1, 2024

Commits on Feb 5, 2024

Commits on Feb 28, 2024

Commits on Apr 1, 2024

Commits on Apr 4, 2024

Commits on Apr 5, 2024

Commits on Apr 16, 2024

Commits on Apr 17, 2024

Commits on Apr 22, 2024

Commits on Apr 23, 2024

Commits on May 1, 2024

Commits on May 3, 2024

Commits on May 6, 2024

Commits on May 22, 2024

Commits on May 23, 2024

Commits on May 26, 2024

Commits on May 27, 2024