{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":82719282,"defaultBranch":"dev","name":"physionet-build","ownerLogin":"MIT-LCP","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2017-02-21T19:37:04.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/8147560?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1715188613.0","currentOid":""},"activityList":{"items":[{"before":"d26f2fded538a9495a89538c577b31762d4b78ac","after":"b28f4435e89bae8f15ba46980115952352c4e076","ref":"refs/heads/staging","pushedAt":"2024-05-08T17:17:31.000Z","pushType":"push","commitsCount":11,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"Update CITI course instructions page (#2233)\n\nThis PR follows #2228 by updating the instructions on step 2 to\nprovide more details the MIT Affiliate status. The goal is to\nhopefully reduce emails with confusion around this affiliation status.","shortMessageHtmlLink":"Update CITI course instructions page (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2285954923\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2233\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2233/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2233\">#2233</a>)"}},{"before":"5e3aade6d367832ca120de17036b4ed82ba9838f","after":null,"ref":"refs/heads/ms-citi_instructions","pushedAt":"2024-05-08T17:16:53.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"}},{"before":"092932b88d31b67d1196cdef7746d192a2cccf15","after":"b28f4435e89bae8f15ba46980115952352c4e076","ref":"refs/heads/dev","pushedAt":"2024-05-08T17:14:51.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"Update CITI course instructions page (#2233)\n\nThis PR follows #2228 by updating the instructions on step 2 to\nprovide more details the MIT Affiliate status. The goal is to\nhopefully reduce emails with confusion around this affiliation status.","shortMessageHtmlLink":"Update CITI course instructions page (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2285954923\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2233\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2233/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2233\">#2233</a>)"}},{"before":null,"after":"5e3aade6d367832ca120de17036b4ed82ba9838f","ref":"refs/heads/ms-citi_instructions","pushedAt":"2024-05-08T16:05:55.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"mscanlan-git","name":"Michael Scanlan","path":"/mscanlan-git","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/67070862?s=80&v=4"},"commit":{"message":"Update step 2 under citi course instructions","shortMessageHtmlLink":"Update step 2 under citi course instructions"}},{"before":null,"after":"9063b7dd8ac8db60e123b851e7801c5db58c7be0","ref":"refs/heads/dependabot/pip/jinja2-3.1.4","pushedAt":"2024-05-06T21:01:02.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump jinja2 from 3.1.3 to 3.1.4\n\nBumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4.\n- [Release notes](https://github.com/pallets/jinja/releases)\n- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)\n- [Commits](https://github.com/pallets/jinja/compare/3.1.3...3.1.4)\n\n---\nupdated-dependencies:\n- dependency-name: jinja2\n  dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump jinja2 from 3.1.3 to 3.1.4"}},{"before":null,"after":"7b9d1579cd87f131696b1bb6c1aebf546aa4fbb7","ref":"refs/heads/dependabot/pip/werkzeug-3.0.3","pushedAt":"2024-05-06T19:29:30.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump werkzeug from 3.0.1 to 3.0.3\n\nBumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.1 to 3.0.3.\n- [Release notes](https://github.com/pallets/werkzeug/releases)\n- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)\n- [Commits](https://github.com/pallets/werkzeug/compare/3.0.1...3.0.3)\n\n---\nupdated-dependencies:\n- dependency-name: werkzeug\n  dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump werkzeug from 3.0.1 to 3.0.3"}},{"before":null,"after":"61cdd59794cc66e58aeef7e6faac7ab21a86ad31","ref":"refs/heads/bm/project-testurls","pushedAt":"2024-05-06T16:07:38.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"project/urls.py: add parameters for TestURLs.\n\nSeveral views in this app have mandatory query parameters - these\nviews are accessed only by JavaScript, and return an HTML\nfragment rather than a complete page.\n\nA couple of views are not yet tested because the demo database\ndoes not contain any UploadedDocument objects or any DataAccess\nobjects.  This should be fixed.","shortMessageHtmlLink":"project/urls.py: add parameters for TestURLs."}},{"before":null,"after":"d62648acc3f426238c53d152e1a13417e34fc9d1","ref":"refs/heads/bm/no-phi-internal","pushedAt":"2024-05-02T21:44:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"Make the \"no_phi\" field an \"internal\" quality assurance check.\n\nWhen reviewing a project, the editor is asked to perform a series of\n\"quality assurance\" checks.  In the \"edit submission\" form\n(console.forms.EditSubmissionForm), they must answer \"yes\", \"no\", or\n\"undetermined\" for each QA check.  All answers must be \"yes\" in order\nto accept the project.\n\nOne of the questions is \"Is the project free of protected health\ninformation?\"  We don't want to give anyone the false impression that\nthe editor has performed an exhaustive review or that this constitutes\nan \"expert determination\".  In fact, the author is responsible for\ndoing that review themselves before *uploading* the data.\n\nTherefore, keep this field among the questions included in\nEditSubmissionForm, but do not list it as a \"quality assurance result\"\nthat is shown to the authors.  Note that the public \"quality assurance\nresults\" are generated by EditLog.set_quality_assurance_results, and\nthey are included in email messages:\n- notification/templates/notification/email/accept_submission_notify.html\n- notification/templates/notification/email/reject_submission_notify.html\n- notification/templates/notification/email/revise_submission_notify.html\nand in the submission timeline:\n- project/templates/project/active_submission_timeline.html\n- project/templates/project/static_submission_timeline.html","shortMessageHtmlLink":"Make the \"no_phi\" field an \"internal\" quality assurance check."}},{"before":"bfe1ebf39c16a838c80145832b9566e22ebd9c41","after":null,"ref":"refs/heads/bm/unused-training-form","pushedAt":"2024-04-26T07:38:48.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"}},{"before":"1cc27e2f32993a656abeacc8de0e5288859ab2c1","after":"092932b88d31b67d1196cdef7746d192a2cccf15","ref":"refs/heads/dev","pushedAt":"2024-04-26T07:38:45.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Remove unused form processing junk (#2226)\n\nRemove some useless junk code that somebody copied and pasted without\r\nthinking.\r\n\r\nThe \"edit_certifications\" page is not the place where you submit\r\ntraining applications. That's the \"edit_trainings\" page.\r\n\r\n(related to issue #2220)","shortMessageHtmlLink":"Remove unused form processing junk (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2262193796\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2226\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2226/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2226\">#2226</a>)"}},{"before":null,"after":"bfe1ebf39c16a838c80145832b9566e22ebd9c41","ref":"refs/heads/bm/unused-training-form","pushedAt":"2024-04-24T21:09:00.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"edit_certification: remove unused form processing logic.\n\nThe page at /settings/certification/ does not contain any forms.  As\nfar as I can tell, there are no forms on the site that post to\n/settings/certification/.  (The place where people actually submit\ntraining applications is /settings/training/, which posts to\n/settings/training/.)\n\nThe POST-handling code here was apparently copied and pasted from\nedit_training and has no purpose.","shortMessageHtmlLink":"edit_certification: remove unused form processing logic."}},{"before":"2b0adf5e748eadd0d709e72be8ffd40d8c65fabe","after":null,"ref":"refs/heads/bm/db-port","pushedAt":"2024-04-24T18:09:16.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"}},{"before":"78af23ded8095378f240e1214488023db8290011","after":"1cc27e2f32993a656abeacc8de0e5288859ab2c1","ref":"refs/heads/dev","pushedAt":"2024-04-24T18:09:13.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Add a DB_PORT configuration variable (#2224)\n\nSimilar to the DB_HOST and DB_NAME variables (see also pull #2219), add\r\na configuration variable to control the port number for PostgreSQL.","shortMessageHtmlLink":"Add a DB_PORT configuration variable (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2259407901\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2224\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2224/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2224\">#2224</a>)"}},{"before":null,"after":"2b0adf5e748eadd0d709e72be8ffd40d8c65fabe","ref":"refs/heads/bm/db-port","pushedAt":"2024-04-23T17:28:22.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"settings: Add a DB_PORT configuration variable.\n\nSimilar to DB_HOST, this allows connecting to a database server on a\nnon-default port number.","shortMessageHtmlLink":"settings: Add a DB_PORT configuration variable."}},{"before":"45e709efc81b2a89b3fc5d9e9102f411f3a891bb","after":null,"ref":"refs/heads/bm/migration-checklist","pushedAt":"2024-04-22T23:14:09.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"}},{"before":"1b0cf1f8de6152b743ad2e8018d7d024ad6856db","after":"78af23ded8095378f240e1214488023db8290011","ref":"refs/heads/dev","pushedAt":"2024-04-22T23:14:06.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Add server migration checklist (#2222)\n\nAdd documentation of the steps needed to migrate to a new server.\r\n\r\nThis is just a marginally-cleaned-up copy of my old notes file, but this\r\nat least should be tracked somewhere.","shortMessageHtmlLink":"Add server migration checklist (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2257487992\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2222\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2222/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2222\">#2222</a>)"}},{"before":null,"after":"45e709efc81b2a89b3fc5d9e9102f411f3a891bb","ref":"refs/heads/bm/migration-checklist","pushedAt":"2024-04-22T21:15:01.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"Add server migration checklist.\n\nThis document lists the numerous steps required to make an orderly\nmigration from one server to another.\n\nDetailed reference documentation for how to perform these steps is, of\ncourse, still needed.","shortMessageHtmlLink":"Add server migration checklist."}},{"before":"d26f2fded538a9495a89538c577b31762d4b78ac","after":"1b0cf1f8de6152b743ad2e8018d7d024ad6856db","ref":"refs/heads/dev","pushedAt":"2024-04-19T13:57:55.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Added the environment variable in the example file (#2213)\n\nThis PR is a followup to #2204 where the access policies are getting\r\nrestricted. This adds the configuration setting to the .env.example with\r\nusage instructions and it's effects on the platform.","shortMessageHtmlLink":"Added the environment variable in the example file (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2219411951\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2213\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2213/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2213\">#2213</a>)"}},{"before":"b7020fa57e7b1a9348694b8214e2012c83ed5187","after":"d26f2fded538a9495a89538c577b31762d4b78ac","ref":"refs/heads/staging","pushedAt":"2024-04-18T17:10:13.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"Configurable production database name and credentials (#2219)\n\nAllow configuring the production database name (and username and\r\nhostname) by bringing these old settings modules in line with the new\r\nstyle config variables used by physionet.settings.settings.\r\n\r\n(All these variables *should* already be set correctly on all our\r\nservers, but of course we should check before deploying.)","shortMessageHtmlLink":"Configurable production database name and credentials (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2249263616\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2219\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2219/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2219\">#2219</a>)"}},{"before":"b7020fa57e7b1a9348694b8214e2012c83ed5187","after":"d26f2fded538a9495a89538c577b31762d4b78ac","ref":"refs/heads/production","pushedAt":"2024-04-18T17:10:02.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"Configurable production database name and credentials (#2219)\n\nAllow configuring the production database name (and username and\r\nhostname) by bringing these old settings modules in line with the new\r\nstyle config variables used by physionet.settings.settings.\r\n\r\n(All these variables *should* already be set correctly on all our\r\nservers, but of course we should check before deploying.)","shortMessageHtmlLink":"Configurable production database name and credentials (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2249263616\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2219\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2219/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2219\">#2219</a>)"}},{"before":"7ee035e14bf5efb53de75ec5aba1d442cd65db4a","after":null,"ref":"refs/heads/bm/db-config","pushedAt":"2024-04-17T21:10:04.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"}},{"before":"b7020fa57e7b1a9348694b8214e2012c83ed5187","after":"d26f2fded538a9495a89538c577b31762d4b78ac","ref":"refs/heads/dev","pushedAt":"2024-04-17T21:10:02.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Configurable production database name and credentials (#2219)\n\nAllow configuring the production database name (and username and\r\nhostname) by bringing these old settings modules in line with the new\r\nstyle config variables used by physionet.settings.settings.\r\n\r\n(All these variables *should* already be set correctly on all our\r\nservers, but of course we should check before deploying.)","shortMessageHtmlLink":"Configurable production database name and credentials (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2249263616\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2219\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2219/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2219\">#2219</a>)"}},{"before":null,"after":"7ee035e14bf5efb53de75ec5aba1d442cd65db4a","ref":"refs/heads/bm/db-config","pushedAt":"2024-04-17T21:00:03.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"bemoody","name":null,"path":"/bemoody","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7748246?s=80&v=4"},"commit":{"message":"install-pn-test-server: set the DB_PASSWORD variable.\n\nThe physionet.settings.staging module should now use DB_PASSWORD\ninstead of the old DATABASES_PASSWORD.","shortMessageHtmlLink":"install-pn-test-server: set the DB_PASSWORD variable."}},{"before":"89b0964b3866a7e8e900799f23d6437c67a24529","after":"b7020fa57e7b1a9348694b8214e2012c83ed5187","ref":"refs/heads/production","pushedAt":"2024-04-16T04:17:52.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Bump sqlparse from 0.4.4 to 0.5.0 (#2216)\n\nBumps [sqlparse](https://github.com/andialbrecht/sqlparse) from 0.4.4 to\r\n0.5.0.\r\n<details>\r\n<summary>Changelog</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG\">sqlparse's\r\nchangelog</a>.</em></p>\r\n<blockquote>\r\n<h2>Release 0.5.0 (Apr 13, 2024)</h2>\r\n<p>Notable Changes</p>\r\n<ul>\r\n<li>Drop support for Python 3.5, 3.6, and 3.7.</li>\r\n<li>Python 3.12 is now supported (pr725, by hugovk).</li>\r\n<li>IMPORTANT: Fixes a potential denial of service attack (DOS) due to\r\nrecursion\r\nerror for deeply nested statements. Instead of recursion error a generic\r\nSQLParseError is raised. See the security advisory for details:\r\n<a\r\nhref=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\">https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg</a>\r\nThe vulnerability was discovered by <a\r\nhref=\"https://github.com/uriyay-jfrog\"><code>@​uriyay-jfrog</code></a>.\r\nThanks for reporting!</li>\r\n</ul>\r\n<p>Enhancements:</p>\r\n<ul>\r\n<li>Splitting statements now allows to remove the semicolon at the end.\r\nSome database backends love statements without semicolon\r\n(issue742).</li>\r\n<li>Support TypedLiterals in get_parameters (pr649, by Khrol).</li>\r\n<li>Improve splitting of Transact SQL when using GO keyword\r\n(issue762).</li>\r\n<li>Support for some JSON operators (issue682).</li>\r\n<li>Improve formatting of statements containing JSON operators\r\n(issue542).</li>\r\n<li>Support for BigQuery and Snowflake keywords (pr699, by\r\ngriffatrasgo).</li>\r\n<li>Support parsing of OVER clause (issue701, pr768 by r33s3n6).</li>\r\n</ul>\r\n<p>Bug Fixes</p>\r\n<ul>\r\n<li>Ignore dunder attributes when creating Tokens (issue672).</li>\r\n<li>Allow operators to precede dollar-quoted strings (issue763).</li>\r\n<li>Fix parsing of nested order clauses (issue745, pr746 by\r\njohn-bodley).</li>\r\n<li>Thread-safe initialization of Lexer class (issue730).</li>\r\n<li>Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on\r\npr719\r\nby josuc1, thanks for bringing this up!).</li>\r\n<li>Fix parsing of PRIMARY KEY (issue740).</li>\r\n</ul>\r\n<p>Other</p>\r\n<ul>\r\n<li>Optimize performance of matching function (pr799, by\r\nadmachainz).</li>\r\n</ul>\r\n</blockquote>\r\n</details>\r\n<details>\r\n<summary>Commits</summary>\r\n<ul>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/ddbd0ec3592545c914fe71e47118c04582d8bfb0\"><code>ddbd0ec</code></a>\r\nBump version.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/29f2e0a6609ddc1fa248faef1bc41616043c544e\"><code>29f2e0a</code></a>\r\nRaise recursion limit for tests.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03\"><code>b4a39d9</code></a>\r\nRaise SQLParseError instead of RecursionError.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/f1bcf2f8a7ddf6854c99990c56ff5394f4981d58\"><code>f1bcf2f</code></a>\r\nUpdate AUHTORS and Changelog.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/e03b74e608b71dd06824c2cb42421c0d790248e3\"><code>e03b74e</code></a>\r\nFix Function.get_parameters(), add Funtion.get_window()</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/617b8f6cd3c55bacf2c80130901508518753f7e1\"><code>617b8f6</code></a>\r\nAdd OVER clause, and group it into Function (fixes <a\r\nhref=\"https://redirect.github.com/andialbrecht/sqlparse/issues/701\">#701</a>)</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/d8f81471cfc2c39ac43128e2a0c8cc67c313cc40\"><code>d8f8147</code></a>\r\nUpdate AUHTORS and Changelog.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/012c9f10c8ddfa47ccf17ead28122492155cf6fc\"><code>012c9f1</code></a>\r\nOptimize sqlparse.utils.imt().</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/46971e5a804b29e7dbd437155a8ceffab8ef1cd5\"><code>46971e5</code></a>\r\nFix parsing of PRIMARY KEY (fixes <a\r\nhref=\"https://redirect.github.com/andialbrecht/sqlparse/issues/740\">#740</a>).</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/fc4b0beab89c5598d556572cb6db0165affb017b\"><code>fc4b0be</code></a>\r\nCode cleanup.</li>\r\n<li>Additional commits viewable in <a\r\nhref=\"https://github.com/andialbrecht/sqlparse/compare/0.4.4...0.5.0\">compare\r\nview</a></li>\r\n</ul>\r\n</details>\r\n<br />\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sqlparse&package-manager=pip&previous-version=0.4.4&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n<details>\r\n<summary>Dependabot commands and options</summary>\r\n<br />\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show <dependency name> ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/MIT-LCP/physionet-build/network/alerts).\r\n\r\n</details>","shortMessageHtmlLink":"Bump sqlparse from 0.4.4 to 0.5.0 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2244777685\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2216\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2216/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2216\">#2216</a>)"}},{"before":"89b0964b3866a7e8e900799f23d6437c67a24529","after":"b7020fa57e7b1a9348694b8214e2012c83ed5187","ref":"refs/heads/staging","pushedAt":"2024-04-16T04:17:19.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Bump sqlparse from 0.4.4 to 0.5.0 (#2216)\n\nBumps [sqlparse](https://github.com/andialbrecht/sqlparse) from 0.4.4 to\r\n0.5.0.\r\n<details>\r\n<summary>Changelog</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG\">sqlparse's\r\nchangelog</a>.</em></p>\r\n<blockquote>\r\n<h2>Release 0.5.0 (Apr 13, 2024)</h2>\r\n<p>Notable Changes</p>\r\n<ul>\r\n<li>Drop support for Python 3.5, 3.6, and 3.7.</li>\r\n<li>Python 3.12 is now supported (pr725, by hugovk).</li>\r\n<li>IMPORTANT: Fixes a potential denial of service attack (DOS) due to\r\nrecursion\r\nerror for deeply nested statements. Instead of recursion error a generic\r\nSQLParseError is raised. See the security advisory for details:\r\n<a\r\nhref=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\">https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg</a>\r\nThe vulnerability was discovered by <a\r\nhref=\"https://github.com/uriyay-jfrog\"><code>@​uriyay-jfrog</code></a>.\r\nThanks for reporting!</li>\r\n</ul>\r\n<p>Enhancements:</p>\r\n<ul>\r\n<li>Splitting statements now allows to remove the semicolon at the end.\r\nSome database backends love statements without semicolon\r\n(issue742).</li>\r\n<li>Support TypedLiterals in get_parameters (pr649, by Khrol).</li>\r\n<li>Improve splitting of Transact SQL when using GO keyword\r\n(issue762).</li>\r\n<li>Support for some JSON operators (issue682).</li>\r\n<li>Improve formatting of statements containing JSON operators\r\n(issue542).</li>\r\n<li>Support for BigQuery and Snowflake keywords (pr699, by\r\ngriffatrasgo).</li>\r\n<li>Support parsing of OVER clause (issue701, pr768 by r33s3n6).</li>\r\n</ul>\r\n<p>Bug Fixes</p>\r\n<ul>\r\n<li>Ignore dunder attributes when creating Tokens (issue672).</li>\r\n<li>Allow operators to precede dollar-quoted strings (issue763).</li>\r\n<li>Fix parsing of nested order clauses (issue745, pr746 by\r\njohn-bodley).</li>\r\n<li>Thread-safe initialization of Lexer class (issue730).</li>\r\n<li>Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on\r\npr719\r\nby josuc1, thanks for bringing this up!).</li>\r\n<li>Fix parsing of PRIMARY KEY (issue740).</li>\r\n</ul>\r\n<p>Other</p>\r\n<ul>\r\n<li>Optimize performance of matching function (pr799, by\r\nadmachainz).</li>\r\n</ul>\r\n</blockquote>\r\n</details>\r\n<details>\r\n<summary>Commits</summary>\r\n<ul>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/ddbd0ec3592545c914fe71e47118c04582d8bfb0\"><code>ddbd0ec</code></a>\r\nBump version.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/29f2e0a6609ddc1fa248faef1bc41616043c544e\"><code>29f2e0a</code></a>\r\nRaise recursion limit for tests.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03\"><code>b4a39d9</code></a>\r\nRaise SQLParseError instead of RecursionError.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/f1bcf2f8a7ddf6854c99990c56ff5394f4981d58\"><code>f1bcf2f</code></a>\r\nUpdate AUHTORS and Changelog.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/e03b74e608b71dd06824c2cb42421c0d790248e3\"><code>e03b74e</code></a>\r\nFix Function.get_parameters(), add Funtion.get_window()</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/617b8f6cd3c55bacf2c80130901508518753f7e1\"><code>617b8f6</code></a>\r\nAdd OVER clause, and group it into Function (fixes <a\r\nhref=\"https://redirect.github.com/andialbrecht/sqlparse/issues/701\">#701</a>)</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/d8f81471cfc2c39ac43128e2a0c8cc67c313cc40\"><code>d8f8147</code></a>\r\nUpdate AUHTORS and Changelog.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/012c9f10c8ddfa47ccf17ead28122492155cf6fc\"><code>012c9f1</code></a>\r\nOptimize sqlparse.utils.imt().</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/46971e5a804b29e7dbd437155a8ceffab8ef1cd5\"><code>46971e5</code></a>\r\nFix parsing of PRIMARY KEY (fixes <a\r\nhref=\"https://redirect.github.com/andialbrecht/sqlparse/issues/740\">#740</a>).</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/fc4b0beab89c5598d556572cb6db0165affb017b\"><code>fc4b0be</code></a>\r\nCode cleanup.</li>\r\n<li>Additional commits viewable in <a\r\nhref=\"https://github.com/andialbrecht/sqlparse/compare/0.4.4...0.5.0\">compare\r\nview</a></li>\r\n</ul>\r\n</details>\r\n<br />\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sqlparse&package-manager=pip&previous-version=0.4.4&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n<details>\r\n<summary>Dependabot commands and options</summary>\r\n<br />\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show <dependency name> ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/MIT-LCP/physionet-build/network/alerts).\r\n\r\n</details>","shortMessageHtmlLink":"Bump sqlparse from 0.4.4 to 0.5.0 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2244777685\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2216\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2216/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2216\">#2216</a>)"}},{"before":"4795b4e11e6bf4445845bf4d36bbad5a3e8ccfa6","after":"89b0964b3866a7e8e900799f23d6437c67a24529","ref":"refs/heads/production","pushedAt":"2024-04-16T04:17:07.000Z","pushType":"push","commitsCount":8,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Bump idna from 2.10 to 3.7 (#2215)\n\nBumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.\r\n<details>\r\n<summary>Release notes</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/kjd/idna/releases\">idna's\r\nreleases</a>.</em></p>\r\n<blockquote>\r\n<h2>v3.7</h2>\r\n<h2>What's Changed</h2>\r\n<ul>\r\n<li>Fix issue where specially crafted inputs to encode() could take\r\nexceptionally long amount of time to process. [CVE-2024-3651]</li>\r\n</ul>\r\n<p>Thanks to Guido Vranken for reporting the issue.</p>\r\n<p><strong>Full Changelog</strong>: <a\r\nhref=\"https://github.com/kjd/idna/compare/v3.6...v3.7\">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>\r\n</blockquote>\r\n</details>\r\n<details>\r\n<summary>Changelog</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\">idna's\r\nchangelog</a>.</em></p>\r\n<blockquote>\r\n<p>3.7 (2024-04-11)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Fix issue where specially crafted inputs to encode() could\r\ntake exceptionally long amount of time to process. [CVE-2024-3651]</li>\r\n</ul>\r\n<p>Thanks to Guido Vranken for reporting the issue.</p>\r\n<p>3.6 (2023-11-25)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Fix regression to include tests in source distribution.</li>\r\n</ul>\r\n<p>3.5 (2023-11-24)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Update to Unicode 15.1.0</li>\r\n<li>String codec name is now &quot;idna2008&quot; as overriding the\r\nsystem codec\r\n&quot;idna&quot; was not working.</li>\r\n<li>Fix typing error for codec encoding</li>\r\n<li>&quot;setup.cfg&quot; has been added for this release due to some\r\ndownstream\r\nlack of adherence to PEP 517. Should be removed in a future release\r\nso please prepare accordingly.</li>\r\n<li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to\r\ncomport\r\nwith PEP 517 and the Python Packaging User Guide for sdist\r\narchives.</li>\r\n<li>Added security reporting protocol for project</li>\r\n</ul>\r\n<p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for\r\ncontributions\r\nto this release.</p>\r\n<p>3.4 (2022-09-14)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Update to Unicode 15.0.0</li>\r\n<li>Migrate to pyproject.toml for build information (PEP 621)</li>\r\n<li>Correct another instance where generic exception was raised instead\r\nof\r\nIDNAError for malformed input</li>\r\n<li>Source distribution uses zeroized file ownership for improved\r\nreproducibility</li>\r\n</ul>\r\n<p>Thanks to Seth Michael Larson for contributions to this release.</p>\r\n<p>3.3 (2021-10-13)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Update to Unicode 14.0.0</li>\r\n<li>Update to in-line type annotations</li>\r\n<li>Throw IDNAError exception correctly for some malformed input</li>\r\n<li>Advertise support for Python 3.10</li>\r\n<li>Improve testing regime on Github</li>\r\n</ul>\r\n<!-- raw HTML omitted -->\r\n</blockquote>\r\n<p>... (truncated)</p>\r\n</details>\r\n<details>\r\n<summary>Commits</summary>\r\n<ul>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"><code>1d365e1</code></a>\r\nRelease v3.7</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"><code>c1b3154</code></a>\r\nMerge pull request <a\r\nhref=\"https://redirect.github.com/kjd/idna/issues/172\">#172</a> from\r\nkjd/optimize-contextj</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"><code>0394ec7</code></a>\r\nMerge branch 'master' into optimize-contextj</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"><code>cd58a23</code></a>\r\nMerge pull request <a\r\nhref=\"https://redirect.github.com/kjd/idna/issues/152\">#152</a> from\r\nelliotwutingfeng/dev</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"><code>5beb28b</code></a>\r\nMore efficient resolution of joiner contexts</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"><code>1b12148</code></a>\r\nUpdate ossf/scorecard-action to v2.3.1</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"><code>d516b87</code></a>\r\nUpdate Github actions/checkout to v4</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"><code>c095c75</code></a>\r\nMerge branch 'master' into dev</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"><code>60a0a4c</code></a>\r\nFix typo in GitHub Actions workflow key</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"><code>5918a0e</code></a>\r\nMerge branch 'master' into dev</li>\r\n<li>Additional commits viewable in <a\r\nhref=\"https://github.com/kjd/idna/compare/v2.10...v3.7\">compare\r\nview</a></li>\r\n</ul>\r\n</details>\r\n<br />\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.10&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n<details>\r\n<summary>Dependabot commands and options</summary>\r\n<br />\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show <dependency name> ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/MIT-LCP/physionet-build/network/alerts).\r\n\r\n</details>","shortMessageHtmlLink":"Bump idna from 2.10 to 3.7 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2238703152\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2215\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2215/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2215\">#2215</a>)"}},{"before":"84398e6ba2d8aba7552203b63810bdc0187c9a52","after":null,"ref":"refs/heads/dependabot/pip/sqlparse-0.5.0","pushedAt":"2024-04-16T04:16:56.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"}},{"before":"89b0964b3866a7e8e900799f23d6437c67a24529","after":"b7020fa57e7b1a9348694b8214e2012c83ed5187","ref":"refs/heads/dev","pushedAt":"2024-04-16T04:16:53.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Bump sqlparse from 0.4.4 to 0.5.0 (#2216)\n\nBumps [sqlparse](https://github.com/andialbrecht/sqlparse) from 0.4.4 to\r\n0.5.0.\r\n<details>\r\n<summary>Changelog</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG\">sqlparse's\r\nchangelog</a>.</em></p>\r\n<blockquote>\r\n<h2>Release 0.5.0 (Apr 13, 2024)</h2>\r\n<p>Notable Changes</p>\r\n<ul>\r\n<li>Drop support for Python 3.5, 3.6, and 3.7.</li>\r\n<li>Python 3.12 is now supported (pr725, by hugovk).</li>\r\n<li>IMPORTANT: Fixes a potential denial of service attack (DOS) due to\r\nrecursion\r\nerror for deeply nested statements. Instead of recursion error a generic\r\nSQLParseError is raised. See the security advisory for details:\r\n<a\r\nhref=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\">https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg</a>\r\nThe vulnerability was discovered by <a\r\nhref=\"https://github.com/uriyay-jfrog\"><code>@​uriyay-jfrog</code></a>.\r\nThanks for reporting!</li>\r\n</ul>\r\n<p>Enhancements:</p>\r\n<ul>\r\n<li>Splitting statements now allows to remove the semicolon at the end.\r\nSome database backends love statements without semicolon\r\n(issue742).</li>\r\n<li>Support TypedLiterals in get_parameters (pr649, by Khrol).</li>\r\n<li>Improve splitting of Transact SQL when using GO keyword\r\n(issue762).</li>\r\n<li>Support for some JSON operators (issue682).</li>\r\n<li>Improve formatting of statements containing JSON operators\r\n(issue542).</li>\r\n<li>Support for BigQuery and Snowflake keywords (pr699, by\r\ngriffatrasgo).</li>\r\n<li>Support parsing of OVER clause (issue701, pr768 by r33s3n6).</li>\r\n</ul>\r\n<p>Bug Fixes</p>\r\n<ul>\r\n<li>Ignore dunder attributes when creating Tokens (issue672).</li>\r\n<li>Allow operators to precede dollar-quoted strings (issue763).</li>\r\n<li>Fix parsing of nested order clauses (issue745, pr746 by\r\njohn-bodley).</li>\r\n<li>Thread-safe initialization of Lexer class (issue730).</li>\r\n<li>Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on\r\npr719\r\nby josuc1, thanks for bringing this up!).</li>\r\n<li>Fix parsing of PRIMARY KEY (issue740).</li>\r\n</ul>\r\n<p>Other</p>\r\n<ul>\r\n<li>Optimize performance of matching function (pr799, by\r\nadmachainz).</li>\r\n</ul>\r\n</blockquote>\r\n</details>\r\n<details>\r\n<summary>Commits</summary>\r\n<ul>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/ddbd0ec3592545c914fe71e47118c04582d8bfb0\"><code>ddbd0ec</code></a>\r\nBump version.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/29f2e0a6609ddc1fa248faef1bc41616043c544e\"><code>29f2e0a</code></a>\r\nRaise recursion limit for tests.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03\"><code>b4a39d9</code></a>\r\nRaise SQLParseError instead of RecursionError.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/f1bcf2f8a7ddf6854c99990c56ff5394f4981d58\"><code>f1bcf2f</code></a>\r\nUpdate AUHTORS and Changelog.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/e03b74e608b71dd06824c2cb42421c0d790248e3\"><code>e03b74e</code></a>\r\nFix Function.get_parameters(), add Funtion.get_window()</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/617b8f6cd3c55bacf2c80130901508518753f7e1\"><code>617b8f6</code></a>\r\nAdd OVER clause, and group it into Function (fixes <a\r\nhref=\"https://redirect.github.com/andialbrecht/sqlparse/issues/701\">#701</a>)</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/d8f81471cfc2c39ac43128e2a0c8cc67c313cc40\"><code>d8f8147</code></a>\r\nUpdate AUHTORS and Changelog.</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/012c9f10c8ddfa47ccf17ead28122492155cf6fc\"><code>012c9f1</code></a>\r\nOptimize sqlparse.utils.imt().</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/46971e5a804b29e7dbd437155a8ceffab8ef1cd5\"><code>46971e5</code></a>\r\nFix parsing of PRIMARY KEY (fixes <a\r\nhref=\"https://redirect.github.com/andialbrecht/sqlparse/issues/740\">#740</a>).</li>\r\n<li><a\r\nhref=\"https://github.com/andialbrecht/sqlparse/commit/fc4b0beab89c5598d556572cb6db0165affb017b\"><code>fc4b0be</code></a>\r\nCode cleanup.</li>\r\n<li>Additional commits viewable in <a\r\nhref=\"https://github.com/andialbrecht/sqlparse/compare/0.4.4...0.5.0\">compare\r\nview</a></li>\r\n</ul>\r\n</details>\r\n<br />\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sqlparse&package-manager=pip&previous-version=0.4.4&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n<details>\r\n<summary>Dependabot commands and options</summary>\r\n<br />\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show <dependency name> ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/MIT-LCP/physionet-build/network/alerts).\r\n\r\n</details>","shortMessageHtmlLink":"Bump sqlparse from 0.4.4 to 0.5.0 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2244777685\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2216\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2216/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2216\">#2216</a>)"}},{"before":"4795b4e11e6bf4445845bf4d36bbad5a3e8ccfa6","after":"89b0964b3866a7e8e900799f23d6437c67a24529","ref":"refs/heads/staging","pushedAt":"2024-04-16T04:16:29.000Z","pushType":"push","commitsCount":8,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Bump idna from 2.10 to 3.7 (#2215)\n\nBumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.\r\n<details>\r\n<summary>Release notes</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/kjd/idna/releases\">idna's\r\nreleases</a>.</em></p>\r\n<blockquote>\r\n<h2>v3.7</h2>\r\n<h2>What's Changed</h2>\r\n<ul>\r\n<li>Fix issue where specially crafted inputs to encode() could take\r\nexceptionally long amount of time to process. [CVE-2024-3651]</li>\r\n</ul>\r\n<p>Thanks to Guido Vranken for reporting the issue.</p>\r\n<p><strong>Full Changelog</strong>: <a\r\nhref=\"https://github.com/kjd/idna/compare/v3.6...v3.7\">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>\r\n</blockquote>\r\n</details>\r\n<details>\r\n<summary>Changelog</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\">idna's\r\nchangelog</a>.</em></p>\r\n<blockquote>\r\n<p>3.7 (2024-04-11)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Fix issue where specially crafted inputs to encode() could\r\ntake exceptionally long amount of time to process. [CVE-2024-3651]</li>\r\n</ul>\r\n<p>Thanks to Guido Vranken for reporting the issue.</p>\r\n<p>3.6 (2023-11-25)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Fix regression to include tests in source distribution.</li>\r\n</ul>\r\n<p>3.5 (2023-11-24)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Update to Unicode 15.1.0</li>\r\n<li>String codec name is now &quot;idna2008&quot; as overriding the\r\nsystem codec\r\n&quot;idna&quot; was not working.</li>\r\n<li>Fix typing error for codec encoding</li>\r\n<li>&quot;setup.cfg&quot; has been added for this release due to some\r\ndownstream\r\nlack of adherence to PEP 517. Should be removed in a future release\r\nso please prepare accordingly.</li>\r\n<li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to\r\ncomport\r\nwith PEP 517 and the Python Packaging User Guide for sdist\r\narchives.</li>\r\n<li>Added security reporting protocol for project</li>\r\n</ul>\r\n<p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for\r\ncontributions\r\nto this release.</p>\r\n<p>3.4 (2022-09-14)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Update to Unicode 15.0.0</li>\r\n<li>Migrate to pyproject.toml for build information (PEP 621)</li>\r\n<li>Correct another instance where generic exception was raised instead\r\nof\r\nIDNAError for malformed input</li>\r\n<li>Source distribution uses zeroized file ownership for improved\r\nreproducibility</li>\r\n</ul>\r\n<p>Thanks to Seth Michael Larson for contributions to this release.</p>\r\n<p>3.3 (2021-10-13)\r\n++++++++++++++++</p>\r\n<ul>\r\n<li>Update to Unicode 14.0.0</li>\r\n<li>Update to in-line type annotations</li>\r\n<li>Throw IDNAError exception correctly for some malformed input</li>\r\n<li>Advertise support for Python 3.10</li>\r\n<li>Improve testing regime on Github</li>\r\n</ul>\r\n<!-- raw HTML omitted -->\r\n</blockquote>\r\n<p>... (truncated)</p>\r\n</details>\r\n<details>\r\n<summary>Commits</summary>\r\n<ul>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"><code>1d365e1</code></a>\r\nRelease v3.7</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"><code>c1b3154</code></a>\r\nMerge pull request <a\r\nhref=\"https://redirect.github.com/kjd/idna/issues/172\">#172</a> from\r\nkjd/optimize-contextj</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"><code>0394ec7</code></a>\r\nMerge branch 'master' into optimize-contextj</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"><code>cd58a23</code></a>\r\nMerge pull request <a\r\nhref=\"https://redirect.github.com/kjd/idna/issues/152\">#152</a> from\r\nelliotwutingfeng/dev</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"><code>5beb28b</code></a>\r\nMore efficient resolution of joiner contexts</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"><code>1b12148</code></a>\r\nUpdate ossf/scorecard-action to v2.3.1</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"><code>d516b87</code></a>\r\nUpdate Github actions/checkout to v4</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"><code>c095c75</code></a>\r\nMerge branch 'master' into dev</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"><code>60a0a4c</code></a>\r\nFix typo in GitHub Actions workflow key</li>\r\n<li><a\r\nhref=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"><code>5918a0e</code></a>\r\nMerge branch 'master' into dev</li>\r\n<li>Additional commits viewable in <a\r\nhref=\"https://github.com/kjd/idna/compare/v2.10...v3.7\">compare\r\nview</a></li>\r\n</ul>\r\n</details>\r\n<br />\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.10&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n<details>\r\n<summary>Dependabot commands and options</summary>\r\n<br />\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show <dependency name> ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/MIT-LCP/physionet-build/network/alerts).\r\n\r\n</details>","shortMessageHtmlLink":"Bump idna from 2.10 to 3.7 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2238703152\" data-permission-text=\"Title is private\" data-url=\"https://github.com/MIT-LCP/physionet-build/issues/2215\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/MIT-LCP/physionet-build/pull/2215/hovercard\" href=\"https://github.com/MIT-LCP/physionet-build/pull/2215\">#2215</a>)"}},{"before":"4aa74d458ccefd7e2b0cd2e53c7c16bd26680c37","after":"84398e6ba2d8aba7552203b63810bdc0187c9a52","ref":"refs/heads/dependabot/pip/sqlparse-0.5.0","pushedAt":"2024-04-16T04:10:38.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tompollard","name":"Tom Pollard","path":"/tompollard","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/822601?s=80&v=4"},"commit":{"message":"Bump sqlparse from 0.4.4 to 0.5.0","shortMessageHtmlLink":"Bump sqlparse from 0.4.4 to 0.5.0"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAERN-cawA","startCursor":null,"endCursor":null}},"title":"Activity · MIT-LCP/physionet-build"}