From 754b9ae7eec702302babc277c24939c7ecc3cfa1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 12:02:55 +0000 Subject: [PATCH 01/29] Bump stac-fastapi-extensions from 2.4.8 to 2.4.9 Bumps [stac-fastapi-extensions](https://github.com/stac-utils/stac-fastapi) from 2.4.8 to 2.4.9. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/compare/2.4.8...2.4.9) --- updated-dependencies: - dependency-name: stac-fastapi-extensions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index cd804a63..418de17f 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -1,5 +1,5 @@ mangum==0.17.0 stac-fastapi.api==2.4.8 -stac-fastapi.extensions==2.4.8 +stac-fastapi.extensions==2.4.9 stac-fastapi.pgstac==2.4.10 stac-fastapi.types==2.4.8 From b3628eb2daac071730725ad7d2ca7d1cd2835406 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 12:02:58 +0000 Subject: [PATCH 02/29] Bump stac-fastapi-types from 2.4.8 to 2.4.9 Bumps [stac-fastapi-types](https://github.com/stac-utils/stac-fastapi) from 2.4.8 to 2.4.9. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/compare/2.4.8...2.4.9) --- updated-dependencies: - dependency-name: stac-fastapi-types dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index cd804a63..31611423 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -2,4 +2,4 @@ mangum==0.17.0 stac-fastapi.api==2.4.8 stac-fastapi.extensions==2.4.8 stac-fastapi.pgstac==2.4.10 -stac-fastapi.types==2.4.8 +stac-fastapi.types==2.4.9 From b664cb2bbf12b89eb5fe38531fa9d20b4bb34227 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Dec 2023 11:21:14 +0000 Subject: [PATCH 03/29] Bump stac-fastapi-api from 2.4.8 to 2.4.9 Bumps [stac-fastapi-api](https://github.com/stac-utils/stac-fastapi) from 2.4.8 to 2.4.9. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/compare/2.4.8...2.4.9) --- updated-dependencies: - dependency-name: stac-fastapi-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index cd804a63..d28ffe2a 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -1,5 +1,5 @@ mangum==0.17.0 -stac-fastapi.api==2.4.8 +stac-fastapi.api==2.4.9 stac-fastapi.extensions==2.4.8 stac-fastapi.pgstac==2.4.10 stac-fastapi.types==2.4.8 From c669a49a3f996250fc119334e5db48663ed6fc9f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Dec 2023 11:26:57 +0000 Subject: [PATCH 04/29] Bump ASFHyP3/actions from 0.8.3 to 0.9.0 Bumps [ASFHyP3/actions](https://github.com/asfhyp3/actions) from 0.8.3 to 0.9.0. - [Release notes](https://github.com/asfhyp3/actions/releases) - [Changelog](https://github.com/ASFHyP3/actions/blob/develop/CHANGELOG.md) - [Commits](https://github.com/asfhyp3/actions/compare/v0.8.3...v0.9.0) --- updated-dependencies: - dependency-name: ASFHyP3/actions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/changelog.yml | 2 +- .github/workflows/create-jira-issue.yml | 2 +- .github/workflows/deploy-stac-prod.yml | 2 +- .github/workflows/labeled-pr.yml | 2 +- .github/workflows/release.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 1790266f..0120a6b7 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -13,6 +13,6 @@ on: jobs: call-changelog-check-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.8.3 + uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.9.0 secrets: USER_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/create-jira-issue.yml b/.github/workflows/create-jira-issue.yml index 3a138e94..e87e1c24 100644 --- a/.github/workflows/create-jira-issue.yml +++ b/.github/workflows/create-jira-issue.yml @@ -6,7 +6,7 @@ on: jobs: call-create-jira-issue-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.8.3 + uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.9.0 secrets: JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} diff --git a/.github/workflows/deploy-stac-prod.yml b/.github/workflows/deploy-stac-prod.yml index ededad08..066710e5 100644 --- a/.github/workflows/deploy-stac-prod.yml +++ b/.github/workflows/deploy-stac-prod.yml @@ -31,6 +31,6 @@ jobs: call-bump-version-workflow: needs: deploy-stac-api - uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.8.3 + uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.9.0 secrets: USER_TOKEN: ${{ secrets.TOOLS_BOT_PAK }} diff --git a/.github/workflows/labeled-pr.yml b/.github/workflows/labeled-pr.yml index 103ae29a..64b1b10b 100644 --- a/.github/workflows/labeled-pr.yml +++ b/.github/workflows/labeled-pr.yml @@ -12,4 +12,4 @@ on: jobs: call-labeled-pr-check-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.8.3 + uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.9.0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ab5f820c..684d120f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,7 +7,7 @@ on: jobs: call-release-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.8.3 + uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.9.0 with: release_prefix: ASF STAC secrets: From 8c912231ba555bea6e457d93f1948779e7e0c718 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 Dec 2023 11:44:35 +0000 Subject: [PATCH 05/29] Bump actions/setup-python from 4 to 5 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/static-analysis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index e688e92e..d6056395 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: 3.9 - run: make install @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: 3.9 - run: make install From ed660847c2c83ea7f8f18d677065f8d7c4fd6ffa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 Jan 2024 11:49:39 +0000 Subject: [PATCH 06/29] Bump boto3 from 1.33.4 to 1.34.17 Bumps [boto3](https://github.com/boto/boto3) from 1.33.4 to 1.34.17. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.33.4...1.34.17) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-run-codebuild.txt | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-run-codebuild.txt b/requirements-run-codebuild.txt index d7d1a11f..2abda016 100644 --- a/requirements-run-codebuild.txt +++ b/requirements-run-codebuild.txt @@ -1 +1 @@ -boto3==1.33.4 \ No newline at end of file +boto3==1.34.17 \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index a3b9e2c5..d54686d6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ -r requirements-apps-api.txt -r requirements-run-codebuild.txt ./lib/asf-stac-util/ -boto3==1.33.4 +boto3==1.34.17 cfn-lint==0.83.3 flake8==6.1.0 pypgstac[psycopg]==0.7.10 From 2f4f056ffdab5d2fd44c4405191d3222d30f2b15 Mon Sep 17 00:00:00 2001 From: Andrew Johnston Date: Tue, 30 Apr 2024 10:58:25 -0800 Subject: [PATCH 07/29] Update dependabot.yml to weekly --- .github/dependabot.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 383b1536..f95d8a5c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,15 +5,15 @@ version: 2 updates: - - package-ecosystem: "pip" - directory: "/" + - package-ecosystem: pip + directory: / schedule: - interval: "daily" + interval: weekly labels: - - "bumpless" - - package-ecosystem: "github-actions" - directory: "/" + - bumpless + - package-ecosystem: github-actions + directory: / schedule: - interval: "daily" + interval: weekly labels: - - "bumpless" + - bumpless From 42691e1082fd724092577f793ba0a48fe96efbc0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 12:00:57 +0000 Subject: [PATCH 08/29] Bump tqdm from 4.66.1 to 4.66.4 Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.66.1 to 4.66.4. - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](https://github.com/tqdm/tqdm/compare/v4.66.1...v4.66.4) --- updated-dependencies: - dependency-name: tqdm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d54686d6..e1e88712 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,5 +9,5 @@ pystac==1.9.0 pytest==7.4.3 requests==2.31.0 shapely==2.0.2 -tqdm==4.66.1 +tqdm==4.66.4 uvicorn==0.24.0.post1 From cb878de085abd1b9f7987ff27b419c603a6bdff2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 11:05:52 +0000 Subject: [PATCH 09/29] Bump uvicorn from 0.24.0.post1 to 0.30.1 Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.24.0.post1 to 0.30.1. - [Release notes](https://github.com/encode/uvicorn/releases) - [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md) - [Commits](https://github.com/encode/uvicorn/compare/0.24.0.post1...0.30.1) --- updated-dependencies: - dependency-name: uvicorn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d54686d6..bb5204be 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,4 +10,4 @@ pytest==7.4.3 requests==2.31.0 shapely==2.0.2 tqdm==4.66.1 -uvicorn==0.24.0.post1 +uvicorn==0.30.1 From 05ff4c28c6388c793cd162ea5dcebead8edfd856 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 11:06:04 +0000 Subject: [PATCH 10/29] Bump requests from 2.31.0 to 2.32.3 Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.3. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.31.0...v2.32.3) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d54686d6..4e8819b8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ flake8==6.1.0 pypgstac[psycopg]==0.7.10 pystac==1.9.0 pytest==7.4.3 -requests==2.31.0 +requests==2.32.3 shapely==2.0.2 tqdm==4.66.1 uvicorn==0.24.0.post1 From 77b81342ca396619f151491ddb44a3dc0031fd6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 11:19:52 +0000 Subject: [PATCH 11/29] Bump pytest from 7.4.3 to 8.2.2 Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.2.2. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.4.3...8.2.2) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d54686d6..59de02ae 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ cfn-lint==0.83.3 flake8==6.1.0 pypgstac[psycopg]==0.7.10 pystac==1.9.0 -pytest==7.4.3 +pytest==8.2.2 requests==2.31.0 shapely==2.0.2 tqdm==4.66.1 From dc59c33c1b11bebb11fc5fea0c353de29d7c3d56 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 11:22:21 +0000 Subject: [PATCH 12/29] Bump cfn-lint from 0.83.3 to 0.87.7 Bumps [cfn-lint](https://github.com/aws-cloudformation/cfn-python-lint) from 0.83.3 to 0.87.7. - [Release notes](https://github.com/aws-cloudformation/cfn-python-lint/releases) - [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/v0.87.7/CHANGELOG.md) - [Commits](https://github.com/aws-cloudformation/cfn-python-lint/compare/v0.83.3...v0.87.7) --- updated-dependencies: - dependency-name: cfn-lint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d54686d6..f57d84dc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ -r requirements-run-codebuild.txt ./lib/asf-stac-util/ boto3==1.34.17 -cfn-lint==0.83.3 +cfn-lint==0.87.7 flake8==6.1.0 pypgstac[psycopg]==0.7.10 pystac==1.9.0 From b7a9a06e7ba1a9ec0c7a4df9deb7f59eac78a72d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 11:22:29 +0000 Subject: [PATCH 13/29] Bump boto3 from 1.34.17 to 1.34.127 Bumps [boto3](https://github.com/boto/boto3) from 1.34.17 to 1.34.127. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.34.17...1.34.127) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-run-codebuild.txt | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-run-codebuild.txt b/requirements-run-codebuild.txt index 2abda016..df6e84cd 100644 --- a/requirements-run-codebuild.txt +++ b/requirements-run-codebuild.txt @@ -1 +1 @@ -boto3==1.34.17 \ No newline at end of file +boto3==1.34.127 \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index d54686d6..e1adc24f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ -r requirements-apps-api.txt -r requirements-run-codebuild.txt ./lib/asf-stac-util/ -boto3==1.34.17 +boto3==1.34.127 cfn-lint==0.83.3 flake8==6.1.0 pypgstac[psycopg]==0.7.10 From 2c8005702b2e24808a623ba7d9a6bc8280091df8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 11:22:32 +0000 Subject: [PATCH 14/29] Bump flake8 from 6.1.0 to 7.1.0 Bumps [flake8](https://github.com/pycqa/flake8) from 6.1.0 to 7.1.0. - [Commits](https://github.com/pycqa/flake8/compare/6.1.0...7.1.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index d54686d6..b5ebd30e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ ./lib/asf-stac-util/ boto3==1.34.17 cfn-lint==0.83.3 -flake8==6.1.0 +flake8==7.1.0 pypgstac[psycopg]==0.7.10 pystac==1.9.0 pytest==7.4.3 From f186c860d8048678930c9335e969954d106e7975 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 11:49:01 +0000 Subject: [PATCH 15/29] Bump ASFHyP3/actions from 0.9.0 to 0.11.1 Bumps [ASFHyP3/actions](https://github.com/asfhyp3/actions) from 0.9.0 to 0.11.1. - [Release notes](https://github.com/asfhyp3/actions/releases) - [Changelog](https://github.com/ASFHyP3/actions/blob/develop/CHANGELOG.md) - [Commits](https://github.com/asfhyp3/actions/compare/v0.9.0...v0.11.1) --- updated-dependencies: - dependency-name: ASFHyP3/actions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/changelog.yml | 2 +- .github/workflows/create-jira-issue.yml | 2 +- .github/workflows/deploy-stac-prod.yml | 2 +- .github/workflows/labeled-pr.yml | 2 +- .github/workflows/release.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 0120a6b7..6b6bbdaa 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -13,6 +13,6 @@ on: jobs: call-changelog-check-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.9.0 + uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.11.1 secrets: USER_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/create-jira-issue.yml b/.github/workflows/create-jira-issue.yml index e87e1c24..129ff5f1 100644 --- a/.github/workflows/create-jira-issue.yml +++ b/.github/workflows/create-jira-issue.yml @@ -6,7 +6,7 @@ on: jobs: call-create-jira-issue-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.9.0 + uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.11.1 secrets: JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} diff --git a/.github/workflows/deploy-stac-prod.yml b/.github/workflows/deploy-stac-prod.yml index 066710e5..d823a771 100644 --- a/.github/workflows/deploy-stac-prod.yml +++ b/.github/workflows/deploy-stac-prod.yml @@ -31,6 +31,6 @@ jobs: call-bump-version-workflow: needs: deploy-stac-api - uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.9.0 + uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.11.1 secrets: USER_TOKEN: ${{ secrets.TOOLS_BOT_PAK }} diff --git a/.github/workflows/labeled-pr.yml b/.github/workflows/labeled-pr.yml index 64b1b10b..3ba21604 100644 --- a/.github/workflows/labeled-pr.yml +++ b/.github/workflows/labeled-pr.yml @@ -12,4 +12,4 @@ on: jobs: call-labeled-pr-check-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.9.0 + uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.11.1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 684d120f..27ecfd4f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,7 +7,7 @@ on: jobs: call-release-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.9.0 + uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.11.1 with: release_prefix: ASF STAC secrets: From be3bd99b846c81716470bfcfb6f69d2453b9250f Mon Sep 17 00:00:00 2001 From: Jake Herrmann Date: Mon, 17 Jun 2024 09:39:42 -0800 Subject: [PATCH 16/29] Update .github/workflows/changelog.yml --- .github/workflows/changelog.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 6b6bbdaa..6047ddb1 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -14,5 +14,3 @@ on: jobs: call-changelog-check-workflow: uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.11.1 - secrets: - USER_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 699e8c90b00d23a6c04a9c0ef21f13551c921612 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:11:01 +0000 Subject: [PATCH 17/29] Bump ASFHyP3/actions from 0.11.1 to 0.11.2 Bumps [ASFHyP3/actions](https://github.com/asfhyp3/actions) from 0.11.1 to 0.11.2. - [Release notes](https://github.com/asfhyp3/actions/releases) - [Changelog](https://github.com/ASFHyP3/actions/blob/develop/CHANGELOG.md) - [Commits](https://github.com/asfhyp3/actions/compare/v0.11.1...v0.11.2) --- updated-dependencies: - dependency-name: ASFHyP3/actions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/changelog.yml | 2 +- .github/workflows/create-jira-issue.yml | 2 +- .github/workflows/deploy-stac-prod.yml | 2 +- .github/workflows/labeled-pr.yml | 2 +- .github/workflows/release.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 6047ddb1..7740de9e 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -13,4 +13,4 @@ on: jobs: call-changelog-check-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.11.1 + uses: ASFHyP3/actions/.github/workflows/reusable-changelog-check.yml@v0.11.2 diff --git a/.github/workflows/create-jira-issue.yml b/.github/workflows/create-jira-issue.yml index 129ff5f1..99489d50 100644 --- a/.github/workflows/create-jira-issue.yml +++ b/.github/workflows/create-jira-issue.yml @@ -6,7 +6,7 @@ on: jobs: call-create-jira-issue-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.11.1 + uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.11.2 secrets: JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} diff --git a/.github/workflows/deploy-stac-prod.yml b/.github/workflows/deploy-stac-prod.yml index d823a771..dfb5913d 100644 --- a/.github/workflows/deploy-stac-prod.yml +++ b/.github/workflows/deploy-stac-prod.yml @@ -31,6 +31,6 @@ jobs: call-bump-version-workflow: needs: deploy-stac-api - uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.11.1 + uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.11.2 secrets: USER_TOKEN: ${{ secrets.TOOLS_BOT_PAK }} diff --git a/.github/workflows/labeled-pr.yml b/.github/workflows/labeled-pr.yml index 3ba21604..f89f3e3b 100644 --- a/.github/workflows/labeled-pr.yml +++ b/.github/workflows/labeled-pr.yml @@ -12,4 +12,4 @@ on: jobs: call-labeled-pr-check-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.11.1 + uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.11.2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 27ecfd4f..ed83fc19 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,7 +7,7 @@ on: jobs: call-release-workflow: - uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.11.1 + uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.11.2 with: release_prefix: ASF STAC secrets: From 2ab5363c5aba1f223faad0af0c8b4045b9ccc9dc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:16:14 +0000 Subject: [PATCH 18/29] Bump stac-fastapi-api from 2.4.9 to 2.5.5.post1 Bumps [stac-fastapi-api](https://github.com/stac-utils/stac-fastapi) from 2.4.9 to 2.5.5.post1. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/compare/2.4.9...2.5.5.post1) --- updated-dependencies: - dependency-name: stac-fastapi-api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index 97ef445a..21315889 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -1,5 +1,5 @@ mangum==0.17.0 -stac-fastapi.api==2.4.9 +stac-fastapi.api==2.5.5.post1 stac-fastapi.extensions==2.4.9 stac-fastapi.pgstac==2.4.10 stac-fastapi.types==2.4.9 From 5a9635db1c74d5e53503bce7ec0c8d7dc7ffde6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:16:16 +0000 Subject: [PATCH 19/29] Bump stac-fastapi-pgstac from 2.4.10 to 2.5.0 Bumps [stac-fastapi-pgstac](https://github.com/stac-utils/stac-fastapi) from 2.4.10 to 2.5.0. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/commits/2.5.0) --- updated-dependencies: - dependency-name: stac-fastapi-pgstac dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index 97ef445a..80a6fbc7 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -1,5 +1,5 @@ mangum==0.17.0 stac-fastapi.api==2.4.9 stac-fastapi.extensions==2.4.9 -stac-fastapi.pgstac==2.4.10 +stac-fastapi.pgstac==2.5.0 stac-fastapi.types==2.4.9 From c58a869fe584b065616f5fd75504f611d1ce1f8d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:16:19 +0000 Subject: [PATCH 20/29] Bump stac-fastapi-extensions from 2.4.9 to 2.5.5.post1 Bumps [stac-fastapi-extensions](https://github.com/stac-utils/stac-fastapi) from 2.4.9 to 2.5.5.post1. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/compare/2.4.9...2.5.5.post1) --- updated-dependencies: - dependency-name: stac-fastapi-extensions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index 97ef445a..89c529b8 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -1,5 +1,5 @@ mangum==0.17.0 stac-fastapi.api==2.4.9 -stac-fastapi.extensions==2.4.9 +stac-fastapi.extensions==2.5.5.post1 stac-fastapi.pgstac==2.4.10 stac-fastapi.types==2.4.9 From fb2c5c5400c4aa189b8afaae69dc1f5d59e3c91a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:16:22 +0000 Subject: [PATCH 21/29] Bump stac-fastapi-types from 2.4.9 to 2.5.5.post1 Bumps [stac-fastapi-types](https://github.com/stac-utils/stac-fastapi) from 2.4.9 to 2.5.5.post1. - [Release notes](https://github.com/stac-utils/stac-fastapi/releases) - [Changelog](https://github.com/stac-utils/stac-fastapi/blob/main/CHANGES.md) - [Commits](https://github.com/stac-utils/stac-fastapi/compare/2.4.9...2.5.5.post1) --- updated-dependencies: - dependency-name: stac-fastapi-types dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-apps-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-apps-api.txt b/requirements-apps-api.txt index 97ef445a..d76d0827 100644 --- a/requirements-apps-api.txt +++ b/requirements-apps-api.txt @@ -2,4 +2,4 @@ mangum==0.17.0 stac-fastapi.api==2.4.9 stac-fastapi.extensions==2.4.9 stac-fastapi.pgstac==2.4.10 -stac-fastapi.types==2.4.9 +stac-fastapi.types==2.5.5.post1 From ee3a8d4e581d3bcae4e01778d4b67b7684b24275 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 11:26:55 +0000 Subject: [PATCH 22/29] Bump shapely from 2.0.2 to 2.0.4 Bumps [shapely](https://github.com/shapely/shapely) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/shapely/shapely/releases) - [Changelog](https://github.com/shapely/shapely/blob/main/CHANGES.txt) - [Commits](https://github.com/shapely/shapely/compare/2.0.2...2.0.4) --- updated-dependencies: - dependency-name: shapely dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 31e64228..25ffe711 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,6 +8,6 @@ pypgstac[psycopg]==0.7.10 pystac==1.9.0 pytest==8.2.2 requests==2.32.3 -shapely==2.0.2 +shapely==2.0.4 tqdm==4.66.4 uvicorn==0.30.1 From afb6a463bde2239b06427cc5bf80c1c5f3c2003c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 11:27:00 +0000 Subject: [PATCH 23/29] Bump cfn-lint from 0.87.7 to 1.5.0 Bumps [cfn-lint](https://github.com/aws-cloudformation/cfn-lint) from 0.87.7 to 1.5.0. - [Release notes](https://github.com/aws-cloudformation/cfn-lint/releases) - [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-cloudformation/cfn-lint/compare/v0.87.7...v1.5.0) --- updated-dependencies: - dependency-name: cfn-lint dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 31e64228..ce972acd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ -r requirements-run-codebuild.txt ./lib/asf-stac-util/ boto3==1.34.127 -cfn-lint==0.87.7 +cfn-lint==1.5.0 flake8==7.1.0 pypgstac[psycopg]==0.7.10 pystac==1.9.0 From e6d3e37e423187870bd85e916f203f318ec4f070 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 11:27:07 +0000 Subject: [PATCH 24/29] Bump boto3 from 1.34.127 to 1.34.140 Bumps [boto3](https://github.com/boto/boto3) from 1.34.127 to 1.34.140. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](https://github.com/boto/boto3/compare/1.34.127...1.34.140) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-run-codebuild.txt | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-run-codebuild.txt b/requirements-run-codebuild.txt index df6e84cd..435e8fd8 100644 --- a/requirements-run-codebuild.txt +++ b/requirements-run-codebuild.txt @@ -1 +1 @@ -boto3==1.34.127 \ No newline at end of file +boto3==1.34.140 \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 31e64228..3c8d7c96 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ -r requirements-apps-api.txt -r requirements-run-codebuild.txt ./lib/asf-stac-util/ -boto3==1.34.127 +boto3==1.34.140 cfn-lint==0.87.7 flake8==7.1.0 pypgstac[psycopg]==0.7.10 From 65161ef56a1504afe61ada1ce9db7f1acffe7dbf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 17:03:16 +0000 Subject: [PATCH 25/29] Bump pystac from 1.9.0 to 1.10.1 Bumps [pystac](https://github.com/stac-utils/pystac) from 1.9.0 to 1.10.1. - [Release notes](https://github.com/stac-utils/pystac/releases) - [Changelog](https://github.com/stac-utils/pystac/blob/main/CHANGELOG.md) - [Commits](https://github.com/stac-utils/pystac/compare/v1.9.0...v1.10.1) --- updated-dependencies: - dependency-name: pystac dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 25ffe711..5329a7fd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,7 +5,7 @@ boto3==1.34.127 cfn-lint==0.87.7 flake8==7.1.0 pypgstac[psycopg]==0.7.10 -pystac==1.9.0 +pystac==1.10.1 pytest==8.2.2 requests==2.32.3 shapely==2.0.4 From e84800f34ffa07379e7c46e63e020cbf750e5b4b Mon Sep 17 00:00:00 2001 From: Jake Herrmann Date: Mon, 8 Jul 2024 09:44:24 -0800 Subject: [PATCH 26/29] ignore W1011 for cfn-lint --- Makefile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 28eee611..093e80c6 100644 --- a/Makefile +++ b/Makefile @@ -64,4 +64,6 @@ flake8: flake8 --max-line-length=120 cfn-lint: - cfn-lint --template `find . -name cloudformation.yml` --info --ignore-checks W3002 + # Ignore "W1011 Use dynamic references over parameters for secrets" because we store secrets + # using GitHub Secrets. See https://github.com/aws-cloudformation/cfn-lint/blob/main/docs/rules.md + cfn-lint --template `find . -name cloudformation.yml` --info --ignore-checks W3002 W1011 From 415706a44dced2514223342cf77b7f10ed6b9538 Mon Sep 17 00:00:00 2001 From: Jake Herrmann Date: Mon, 8 Jul 2024 10:21:33 -0800 Subject: [PATCH 27/29] update postgres version in template to match deployed version --- apps/database/cloudformation.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/apps/database/cloudformation.yml b/apps/database/cloudformation.yml index 86731350..d0653d2f 100644 --- a/apps/database/cloudformation.yml +++ b/apps/database/cloudformation.yml @@ -48,7 +48,12 @@ Resources: VPCSecurityGroups: - !Ref DatabaseSecurityGroup Engine: postgres - EngineVersion: '14.4' + # RDS may automatically apply minor version upgrades to the deployed database instance, + # in which case the version specified here will fall behind what is deployed in AWS. + # Eventually, cfn-lint may complain that the version shown here is invalid, + # in which case we should update the version shown here to match what is shown in the + # AWS RDS console for our database instance. + EngineVersion: '14.10' MasterUsername: postgres MasterUserPassword: !Ref DatabaseAdminPassword Port: '5432' From 1805c8ff1f556c9421f560fd4dc94c8027462b7a Mon Sep 17 00:00:00 2001 From: Jake Herrmann Date: Mon, 8 Jul 2024 10:38:06 -0800 Subject: [PATCH 28/29] update changelog --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c5f46926..e3913be6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [0.3.5] +### Changed +- Dependency upgrades. + ## [0.3.4] ### Changed - HAND license changed to CC0 from CCBy 4.0 in `collections/glo-30-hand/glo-30-hand.json` to match NASA data publishing guidelines. From 955ac62ca770af2402951ac40c82fb8c20095478 Mon Sep 17 00:00:00 2001 From: Jake Herrmann Date: Mon, 8 Jul 2024 11:14:51 -0800 Subject: [PATCH 29/29] cfn-lint ignore database engine and version --- Makefile | 10 ++++++++-- apps/database/cloudformation.yml | 5 ----- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 093e80c6..9bf58983 100644 --- a/Makefile +++ b/Makefile @@ -65,5 +65,11 @@ flake8: cfn-lint: # Ignore "W1011 Use dynamic references over parameters for secrets" because we store secrets - # using GitHub Secrets. See https://github.com/aws-cloudformation/cfn-lint/blob/main/docs/rules.md - cfn-lint --template `find . -name cloudformation.yml` --info --ignore-checks W3002 W1011 + # using GitHub Secrets. + # + # Ignore E3691 for validating the database instance engine and version, because RDS automatically + # applies minor version upgrades to keep the deployed database instance up-to-date, so we do not + # need to keep the engine version specified in the CloudFormation template up-to-date. + # + # See https://github.com/aws-cloudformation/cfn-lint/blob/main/docs/rules.md + cfn-lint --template `find . -name cloudformation.yml` --info --ignore-checks W3002 W1011 E3691 diff --git a/apps/database/cloudformation.yml b/apps/database/cloudformation.yml index d0653d2f..973cef5f 100644 --- a/apps/database/cloudformation.yml +++ b/apps/database/cloudformation.yml @@ -48,11 +48,6 @@ Resources: VPCSecurityGroups: - !Ref DatabaseSecurityGroup Engine: postgres - # RDS may automatically apply minor version upgrades to the deployed database instance, - # in which case the version specified here will fall behind what is deployed in AWS. - # Eventually, cfn-lint may complain that the version shown here is invalid, - # in which case we should update the version shown here to match what is shown in the - # AWS RDS console for our database instance. EngineVersion: '14.10' MasterUsername: postgres MasterUserPassword: !Ref DatabaseAdminPassword