search

falkben / steam-to-sqlite

Public Steam app and achievement data in a sqlite database
https://steam-to-sqlite.fly.dev
MIT License
2 stars 0 forks source link

Bump datasette from 0.64.3 to 0.64.4 #137

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps datasette from 0.64.3 to 0.64.4.

Release notes

Sourced from datasette's releases.

0.64.4

  • Fix for a crashing bug caused by viewing the table page for a named in-memory database. #2189
Changelog

Sourced from datasette's changelog.

0.64.4 (2023-09-21)

  • Fix for a crashing bug caused by viewing the table page for a named in-memory database. (:issue:2189)

.. _v1_0_a6:

1.0a6 (2023-09-07)

  • New plugin hook: :ref:plugin_hook_actors_from_ids and an internal method to accompany it, :ref:datasette_actors_from_ids. This mechanism is intended to be used by plugins that may need to display the actor who was responsible for something managed by that plugin: they can now resolve the recorded IDs of actors into the full actor objects. (:issue:2181)
  • DATASETTE_LOAD_PLUGINS environment variable for :ref:controlling which plugins <plugins_datasette_load_plugins> are loaded by Datasette. (:issue:2164)
  • Datasette now checks if the user has permission to view a table linked to by a foreign key before turning that foreign key into a clickable link. (:issue:2178)
  • The execute-sql permission now implies that the actor can also view the database and instance. (:issue:2169)
  • Documentation describing a pattern for building plugins that themselves :ref:define further hooks <writing_plugins_extra_hooks> for other plugins. (:issue:1765)
  • Datasette is now tested against the Python 3.12 preview. ([#2175](https://github.com/simonw/datasette/issues/2175) <https://github.com/simonw/datasette/pull/2175>__)

.. _v1_0_a5:

1.0a5 (2023-08-29)

  • When restrictions are applied to :ref:API tokens <CreateTokenView>, those restrictions now behave slightly differently: applying the view-table restriction will imply the ability to view-database for the database containing that table, and both view-table and view-database will imply view-instance. Previously you needed to create a token with restrictions that explicitly listed view-instance and view-database and view-table in order to view a table without getting a permission denied error. (:issue:2102)
  • New datasette.yaml (or .json) configuration file, which can be specified using datasette -c path-to-file. The goal here to consolidate settings, plugin configuration, permissions, canned queries, and other Datasette configuration into a single single file, separate from metadata.yaml. The legacy settings.json config file used for :ref:config_dir has been removed, and datasette.yaml has a "settings" section where the same settings key/value pairs can be included. In the next future alpha release, more configuration such as plugins/permissions/canned queries will be moved to the datasette.yaml file. See :issue:2093 for more details. Thanks, Alex Garcia.
  • The -s/--setting option can now take dotted paths to nested settings. These will then be used to set or over-ride the same options as are present in the new configuration file. (:issue:2156)
  • New --actor '{"id": "json-goes-here"}' option for use with datasette --get to treat the simulated request as being made by a specific actor, see :ref:cli_datasette_get. (:issue:2153)
  • The Datasette _internal database has had some changes. It no longer shows up in the datasette.databases list by default, and is now instead available to plugins using the datasette.get_internal_database(). Plugins are invited to use this as a private database to store configuration and settings and secrets that should not be made visible through the default Datasette interface. Users can pass the new --internal internal.db option to persist that internal database to disk. Thanks, Alex Garcia. (:issue:2157).

.. _v1_0_a4:

1.0a4 (2023-08-21)

This alpha fixes a security issue with the /-/api API explorer. On authenticated Datasette instances (instances protected using plugins such as datasette-auth-passwords <https://datasette.io/plugins/datasette-auth-passwords>__) the API explorer interface could reveal the names of databases and tables within the protected instance. The data stored in those tables was not revealed.

For more information and workarounds, read the security advisory <https://github.com/simonw/datasette/security/advisories/GHSA-7ch3-7pp7-7cpq>__. The issue has been present in every previous alpha version of Datasette 1.0: versions 1.0a0, 1.0a1, 1.0a2 and 1.0a3.

Also in this alpha:

  • The new datasette plugins --requirements option outputs a list of currently installed plugins in Python requirements.txt format, useful for duplicating that installation elsewhere. (:issue:2133)
  • :ref:canned_queries_writable can now define a on_success_message_sql field in their configuration, containing a SQL query that should be executed upon successful completion of the write operation in order to generate a message to be shown to the user. (:issue:2138)
  • The automatically generated border color for a database is now shown in more places around the application. (:issue:2119)
  • Every instance of example shell script code in the documentation should now include a working copy button, free from additional syntax. (:issue:2140)

.. _v1_0_a3:

1.0a3 (2023-08-09)

This alpha release previews the updated design for Datasette's default JSON API. (:issue:782)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov-commenter commented 10 months ago

Codecov Report

All modified lines are covered by tests :white_check_mark:

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

:loudspeaker: Thoughts on this report? Let us know!.

dependabot[bot] commented 10 months ago

Looks like datasette is up-to-date now, so this is no longer needed.