ragflow

Commit-Graf

Upphovsman	SHA1	Meddelande	Datum
H	ce587cba56	Add GitHub, deepl, baidu-fanyi (#1857) ### What problem does this PR solve? #1739 ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com>	1 år sedan
黄腾	c7d00c2272	remove jina pack in requirement file to fix package conflict (#1867) ### What problem does this PR solve? #1824 #1822 remove jina pack in requirement file to fix package conflict ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) Co-authored-by: Zhedong Cen <cenzhedong2@126.com>	1 år sedan
黄腾	e34817c2a9	add support for cohere (#1849) ### What problem does this PR solve? _Briefly describe what this PR aims to solve. Include background context that will help reviewers understand the purpose of the PR._ ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Zhedong Cen <cenzhedong2@126.com>	1 år sedan
H	5d55e6a049	Add component google scholar (#1790) ### What problem does this PR solve? #1739 ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
黄腾	50e9df4c76	fix jina module not find bug (#1770) ### What problem does this PR solve? fix jina module not find bug ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) Co-authored-by: Zhedong Cen <cenzhedong2@126.com>	1 år sedan
H	6012f376ca	Add component google,Bing (#1737) ### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com>	1 år sedan
Kevin Hu	100b3165d8	pypdf2 to pypdf (#1684) ### What problem does this PR solve? pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character #59 ### Type of change - [x] Refactoring	1 år sedan
dependabot[bot]	71f2ba1452	build(deps): bump werkzeug from 3.0.1 to 3.0.3 (#1669) Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.1 to 3.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/werkzeug/releases">werkzeug's releases</a>.</em></p> <blockquote> <h2>3.0.3</h2> <p>This is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.</p> <p>PyPI: <a href="https://pypi.org/project/Werkzeug/3.0.3/">https://pypi.org/project/Werkzeug/3.0.3/</a> Changes: <a href="https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3">https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3</a> Milestone: <a href="https://github.com/pallets/werkzeug/milestone/35?closed=1">https://github.com/pallets/werkzeug/milestone/35?closed=1</a></p> <ul> <li>Only allow <code>localhost</code>, <code>.localhost</code>, <code>127.0.0.1</code>, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985</li> <li>Make reloader more robust when <code>""</code> is in <code>sys.path</code>. <a href="https://redirect.github.com/pallets/werkzeug/issues/2823">#2823</a></li> <li>Better TLS cert format with <code>adhoc</code> dev certs. <a href="https://redirect.github.com/pallets/werkzeug/issues/2891">#2891</a></li> <li>Inform Python < 3.12 how to handle <code>itms-services</code> URIs correctly, rather than using an overly-broad workaround in Werkzeug that caused some redirect URIs to be passed on without encoding. <a href="https://redirect.github.com/pallets/werkzeug/issues/2828">#2828</a></li> <li>Type annotation for <code>Rule.endpoint</code> and other uses of <code>endpoint</code> is <code>Any</code>. <a href="https://redirect.github.com/pallets/werkzeug/issues/2836">#2836</a></li> </ul> <h2>3.0.2</h2> <p>This is a fix release for the 3.0.x feature branch.</p> <ul> <li>Changes: <a href="https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-2">https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-2</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/werkzeug/blob/main/CHANGES.rst">werkzeug's changelog</a>.</em></p> <blockquote> <h2>Version 3.0.3</h2> <p>Released 2024-05-05</p> <ul> <li> <p>Only allow <code>localhost</code>, <code>.localhost</code>, <code>127.0.0.1</code>, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. :ghsa:<code>2g68-c3qc-8985</code></p> </li> <li> <p>Make reloader more robust when <code>""</code> is in <code>sys.path</code>. :pr:<code>2823</code></p> </li> <li> <p>Better TLS cert format with <code>adhoc</code> dev certs. :pr:<code>2891</code></p> </li> <li> <p>Inform Python < 3.12 how to handle <code>itms-services</code> URIs correctly, rather than using an overly-broad workaround in Werkzeug that caused some redirect URIs to be passed on without encoding. :issue:<code>2828</code></p> </li> <li> <p>Type annotation for <code>Rule.endpoint</code> and other uses of <code>endpoint</code> is <code>Any</code>. :issue:<code>2836</code></p> </li> <li> <p>Make reloader more robust when <code>""</code> is in <code>sys.path</code>. :pr:<code>2823</code></p> </li> </ul> <h2>Version 3.0.2</h2> <p>Released 2024-04-01</p> <ul> <li>Ensure setting <code>merge_slashes</code> to <code>False</code> results in <code>NotFound</code> for repeated-slash requests against single slash routes. :issue:<code>2834</code></li> <li>Fix handling of <code>TypeError</code> in <code>TypeConversionDict.get()</code> to match <code>ValueError</code>. :issue:<code>2843</code></li> <li>Fix <code>response_wrapper</code> type check in test client. :issue:<code>2831</code></li> <li>Make the return type of <code>MultiPartParser.parse</code> more precise. :issue:<code>2840</code></li> <li>Raise an error if converter arguments cannot be parsed. :issue:<code>2822</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`f9995e9679`"><code>f9995e9</code></a> release version 3.0.3</li> <li><a href="`3386395b24`"><code>3386395</code></a> Merge pull request from GHSA-2g68-c3qc-8985</li> <li><a href="`890b6b6263`"><code>890b6b6</code></a> only require trusted host for evalex</li> <li><a href="`71b69dfb7d`"><code>71b69df</code></a> restrict debugger trusted hosts</li> <li><a href="`d2d3869525`"><code>d2d3869</code></a> endpoint type is Any (<a href="https://redirect.github.com/pallets/werkzeug/issues/2895">#2895</a>)</li> <li><a href="`7080b55acd`"><code>7080b55</code></a> endpoint type is Any</li> <li><a href="`7555eff296`"><code>7555eff</code></a> remove iri_to_uri redirect workaround (<a href="https://redirect.github.com/pallets/werkzeug/issues/2894">#2894</a>)</li> <li><a href="`97fb2f7222`"><code>97fb2f7</code></a> remove _invalid_iri_to_uri workaround</li> <li><a href="`249527ff98`"><code>249527f</code></a> make cn field a valid single hostname, and use wildcard in SANs field. (<a href="https://redirect.github.com/pallets/werkzeug/issues/2892">#2892</a>)</li> <li><a href="`793be472c9`"><code>793be47</code></a> update adhoc tls dev cert format</li> <li>Additional commits viewable in <a href="https://github.com/pallets/werkzeug/compare/3.0.1...3.0.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=werkzeug&package-manager=pip&previous-version=3.0.1&new-version=3.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	1ec84a589e	build(deps): bump aiohttp from 3.9.3 to 3.9.4 (#1670) Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.3 to 3.9.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/releases">aiohttp's releases</a>.</em></p> <blockquote> <h2>3.9.4</h2> <h2>Bug fixes</h2> <ul> <li> <p>The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:<code>webknjaz</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8089">#8089</a>.</p> </li> <li> <p>Treated values of <code>Accept-Encoding</code> header as case-insensitive when checking for gzip files -- by :user:<code>steverep</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8104">#8104</a>.</p> </li> <li> <p>Improved the DNS resolution performance on cache hit -- by :user:<code>bdraco</code>.</p> <p>This is achieved by avoiding an :mod:<code>asyncio</code> task creation in this case.</p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8163">#8163</a>.</p> </li> <li> <p>Changed the type annotations to allow <code>dict</code> on :meth:<code>aiohttp.MultipartWriter.append</code>, :meth:<code>aiohttp.MultipartWriter.append_json</code> and :meth:<code>aiohttp.MultipartWriter.append_form</code> -- by :user:<code>cakemanny</code></p> <p><em>Related issues and pull requests on GitHub:</em> <a href="https://redirect.github.com/aio-libs/aiohttp/issues/7741">#7741</a>.</p> </li> <li> <p>Ensure websocket transport is closed when client does not close it -- by :user:<code>bdraco</code>.</p> <p>The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst">aiohttp's changelog</a>.</em></p> <blockquote> <h1>3.9.4 (2024-04-11)</h1> <h2>Bug fixes</h2> <ul> <li> <p>The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:<code>webknjaz</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8089</code>.</p> </li> <li> <p>Treated values of <code>Accept-Encoding</code> header as case-insensitive when checking for gzip files -- by :user:<code>steverep</code>.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8104</code>.</p> </li> <li> <p>Improved the DNS resolution performance on cache hit -- by :user:<code>bdraco</code>.</p> <p>This is achieved by avoiding an :mod:<code>asyncio</code> task creation in this case.</p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>8163</code>.</p> </li> <li> <p>Changed the type annotations to allow <code>dict</code> on :meth:<code>aiohttp.MultipartWriter.append</code>, :meth:<code>aiohttp.MultipartWriter.append_json</code> and :meth:<code>aiohttp.MultipartWriter.append_form</code> -- by :user:<code>cakemanny</code></p> <p><em>Related issues and pull requests on GitHub:</em> :issue:<code>7741</code>.</p> </li> <li> <p>Ensure websocket transport is closed when client does not close it -- by :user:<code>bdraco</code>.</p> <p>The transport could remain open if the client did not close it. This change ensures the transport is closed when the client does not close it.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b3397c7ac4`"><code>b3397c7</code></a> Release v3.9.4 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8201">#8201</a>)</li> <li><a href="`a7e240a9f6`"><code>a7e240a</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8320">#8320</a>/9ba9a4e5 backport][3.9] Fix Python parser to mark responses without...</li> <li><a href="`28335525d1`"><code>2833552</code></a> Escape filenames and paths in HTML when generating index pages (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8317">#8317</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8319">#8319</a>)</li> <li><a href="`ed43040613`"><code>ed43040</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8309">#8309</a>/c29945a1 backport][3.9] Improve reliability of run_app test (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8315">#8315</a>)</li> <li><a href="`ec2be0500e`"><code>ec2be05</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8299">#8299</a>/28d026eb backport][3.9] Create marker for internal tests (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8307">#8307</a>)</li> <li><a href="`292d961f4e`"><code>292d961</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8304">#8304</a>/88c80c14 backport][3.9] Check for backports in CI (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8305">#8305</a>)</li> <li><a href="`cebe526b9c`"><code>cebe526</code></a> Fix handling of multipart/form-data (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8280">#8280</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8302">#8302</a>)</li> <li><a href="`270ae9cf6a`"><code>270ae9c</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8297">#8297</a>/d15f07cf backport][3.9] Upgrade to llhttp 9.2.1 (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8292">#8292</a>) (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8298">#8298</a>)</li> <li><a href="`bb231059b1`"><code>bb23105</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8283">#8283</a>/54e13b0a backport][3.9] Fix blocking I/O in the event loop while pr...</li> <li><a href="`3f79241bcb`"><code>3f79241</code></a> [PR <a href="https://redirect.github.com/aio-libs/aiohttp/issues/8286">#8286</a>/28f1fd88 backport][3.9] docs: remove repetitive word in comment (<a href="https://redirect.github.com/aio-libs/aiohttp/issues/8">#8</a>...</li> <li>Additional commits viewable in <a href="https://github.com/aio-libs/aiohttp/compare/v3.9.3...v3.9.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.9.3&new-version=3.9.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	eb40377700	build(deps): bump scikit-learn from 1.4.1.post1 to 1.5.0 (#1671) Bumps [scikit-learn](https://github.com/scikit-learn/scikit-learn) from 1.4.1.post1 to 1.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/scikit-learn/scikit-learn/releases">scikit-learn's releases</a>.</em></p> <blockquote> <h2>Scikit-learn 1.5.0</h2> <p>We're happy to announce the 1.5.0 release.</p> <p>You can read the release highlights under <a href="https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html">https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html</a> and the long version of the change log under <a href="https://scikit-learn.org/stable/whats_new/v1.5.html">https://scikit-learn.org/stable/whats_new/v1.5.html</a></p> <p>This version supports Python versions 3.9 to 3.12.</p> <p>You can upgrade with pip as usual:</p> <pre><code>pip install -U scikit-learn </code></pre> <p>The conda-forge builds can be installed using:</p> <pre><code>conda install -c conda-forge scikit-learn </code></pre> <h2>Scikit-learn 1.4.2</h2> <p>We're happy to announce the 1.4.2 release.</p> <p>This release only includes support for numpy 2.</p> <p>This version supports Python versions 3.9 to 3.12.</p> <p>You can upgrade with pip as usual:</p> <pre><code>pip install -U scikit-learn </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b51d0c9648`"><code>b51d0c9</code></a> trigger whell builder [cd build]</li> <li><a href="`919ae9bf72`"><code>919ae9b</code></a> MAINT Reoder what's new for 1.5 (<a href="https://redirect.github.com/scikit-learn/scikit-learn/issues/29039">#29039</a>)</li> <li><a href="`0ac28ade87`"><code>0ac28ad</code></a> DOC Release highlights 1.5 (<a href="https://redirect.github.com/scikit-learn/scikit-learn/issues/29007">#29007</a>)</li> <li><a href="`729b54d5af`"><code>729b54d</code></a> test py3.12 against numpy 2 [cd build]</li> <li><a href="`1e50434f18`"><code>1e50434</code></a> set version</li> <li><a href="`ffbe4ab45b`"><code>ffbe4ab</code></a> DOC remove obsolete SVM example (<a href="https://redirect.github.com/scikit-learn/scikit-learn/issues/27108">#27108</a>)</li> <li><a href="`4647729e5e`"><code>4647729</code></a> DOC Fix time complexity of MLP (<a href="https://redirect.github.com/scikit-learn/scikit-learn/issues/28592">#28592</a>)</li> <li><a href="`9bd7047b4a`"><code>9bd7047</code></a> FIX convergence criterion of MeanShift (<a href="https://redirect.github.com/scikit-learn/scikit-learn/issues/28951">#28951</a>)</li> <li><a href="`b79420f1c2`"><code>b79420f</code></a> FIX add long long for int32/int64 windows compat in NumPy 2.0 (<a href="https://redirect.github.com/scikit-learn/scikit-learn/issues/29029">#29029</a>)</li> <li><a href="`37f544db78`"><code>37f544d</code></a> DOC replace pandas with Polars in examples/gaussian_process/plot_gpr_co2.py (...</li> <li>Additional commits viewable in <a href="https://github.com/scikit-learn/scikit-learn/compare/1.4.1.post1...1.5.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=scikit-learn&package-manager=pip&previous-version=1.4.1.post1&new-version=1.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	bbf9d6d786	build(deps): bump urllib3 from 2.2.1 to 2.2.2 (#1672) Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.1 to 2.2.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.2.2</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> <li>Allowed passing negative integers as <code>amt</code> to read methods of <code>http.client.HTTPResponse</code> as an alternative to <code>None</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3122">#3122</a>)</li> <li>Fixed return types representing copying actions to use <code>typing.Self</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3363">#3363</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2">https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.2.2 (2024-06-17)</h1> <ul> <li>Added the <code>Proxy-Authorization</code> header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via <code>Retry.remove_headers_on_redirect</code>.</li> <li>Allowed passing negative integers as <code>amt</code> to read methods of <code>http.client.HTTPResponse</code> as an alternative to <code>None</code>. (<code>[#3122](https://github.com/urllib3/urllib3/issues/3122) <https://github.com/urllib3/urllib3/issues/3122></code>__)</li> <li>Fixed return types representing copying actions to use <code>typing.Self</code>. (<code>[#3363](https://github.com/urllib3/urllib3/issues/3363) <https://github.com/urllib3/urllib3/issues/3363></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`27e2a5c5a7`"><code>27e2a5c</code></a> Release 2.2.2 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3406">#3406</a>)</li> <li><a href="`accff72ecc`"><code>accff72</code></a> Merge pull request from GHSA-34jh-p97f-mpxf</li> <li><a href="`34be4a57e5`"><code>34be4a5</code></a> Pin CFFI to a new release candidate instead of a Git commit (<a href="https://redirect.github.com/urllib3/urllib3/issues/3398">#3398</a>)</li> <li><a href="`da410581b6`"><code>da41058</code></a> Bump browser-actions/setup-chrome from 1.6.0 to 1.7.1 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3399">#3399</a>)</li> <li><a href="`b07a669bd9`"><code>b07a669</code></a> Bump github/codeql-action from 2.13.4 to 3.25.6 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3396">#3396</a>)</li> <li><a href="`b8589ec9f8`"><code>b8589ec</code></a> Measure coverage with v4 of artifact actions (<a href="https://redirect.github.com/urllib3/urllib3/issues/3394">#3394</a>)</li> <li><a href="`f3bdc55851`"><code>f3bdc55</code></a> Allow triggering CI manually (<a href="https://redirect.github.com/urllib3/urllib3/issues/3391">#3391</a>)</li> <li><a href="`52392654b3`"><code>5239265</code></a> Fix HTTP version in debug log (<a href="https://redirect.github.com/urllib3/urllib3/issues/3316">#3316</a>)</li> <li><a href="`b34619f94e`"><code>b34619f</code></a> Bump actions/checkout to 4.1.4 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3387">#3387</a>)</li> <li><a href="`9961d14de7`"><code>9961d14</code></a> Bump browser-actions/setup-chrome from 1.5.0 to 1.6.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3386">#3386</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.2.1&new-version=2.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	8c2b91d3db	build(deps): bump requests from 2.31.0 to 2.32.2 (#1673) Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.32.2</h2> <h2>2.32.2 (2024-05-21)</h2> <p><strong>Deprecations</strong></p> <ul> <li> <p>To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code> to a new public API, <code>get_connection_with_tls_context</code>. Existing custom HTTPAdapters will need to migrate their code to use this new API. <code>get_connection</code> is considered deprecated in all versions of Requests>=2.32.0.</p> <p>A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (<a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p> </li> </ul> <h2>v2.32.1</h2> <h2>2.32.1 (2024-05-20)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Add missing test certs to the sdist distributed on PyPI.</li> </ul> <h2>v2.32.0</h2> <h2>2.32.0 (2024-05-20)</h2> <h2>🐍 PYCON US 2024 EDITION 🐍</h2> <p><strong>Security</strong></p> <ul> <li>Fixed an issue where setting <code>verify=False</code> on the first request from a Session will cause subsequent requests to the <em>same origin</em> to also ignore cert verification, regardless of the value of <code>verify</code>. (<a href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li> </ul> <p><strong>Improvements</strong></p> <ul> <li><code>verify=True</code> now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li>Requests now supports optional use of character detection (<code>chardet</code> or <code>charset_normalizer</code>) when repackaged or vendored. This enables <code>pip</code> and other projects to minimize their vendoring surface area. The <code>Response.text()</code> and <code>apparent_encoding</code> APIs will default to <code>utf-8</code> if neither library is present. (<a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (<a href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li> <li>Fixed deserialization bug in JSONDecodeError. (<a href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li> <li>Fixed bug where an extra leading <code>/</code> (path separator) could lead urllib3 to unnecessarily reparse the request URI. (<a href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.32.2 (2024-05-21)</h2> <p><strong>Deprecations</strong></p> <ul> <li> <p>To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code> to a new public API, <code>get_connection_with_tls_context</code>. Existing custom HTTPAdapters will need to migrate their code to use this new API. <code>get_connection</code> is considered deprecated in all versions of Requests>=2.32.0.</p> <p>A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (<a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p> </li> </ul> <h2>2.32.1 (2024-05-20)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Add missing test certs to the sdist distributed on PyPI.</li> </ul> <h2>2.32.0 (2024-05-20)</h2> <p><strong>Security</strong></p> <ul> <li>Fixed an issue where setting <code>verify=False</code> on the first request from a Session will cause subsequent requests to the <em>same origin</em> to also ignore cert verification, regardless of the value of <code>verify</code>. (<a href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li> </ul> <p><strong>Improvements</strong></p> <ul> <li><code>verify=True</code> now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li>Requests now supports optional use of character detection (<code>chardet</code> or <code>charset_normalizer</code>) when repackaged or vendored. This enables <code>pip</code> and other projects to minimize their vendoring surface area. The <code>Response.text()</code> and <code>apparent_encoding</code> APIs will default to <code>utf-8</code> if neither library is present. (<a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (<a href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li> <li>Fixed deserialization bug in JSONDecodeError. (<a href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li> <li>Fixed bug where an extra leading <code>/</code> (path separator) could lead urllib3 to unnecessarily reparse the request URI. (<a href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li> </ul> <p><strong>Deprecations</strong></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`88dce9d854`"><code>88dce9d</code></a> v2.32.2</li> <li><a href="`c98e4d133e`"><code>c98e4d1</code></a> Merge pull request <a href="https://redirect.github.com/psf/requests/issues/6710">#6710</a> from nateprewitt/api_rename</li> <li><a href="`92075b330a`"><code>92075b3</code></a> Add deprecation warning</li> <li><a href="`aa1461b68a`"><code>aa1461b</code></a> Move _get_connection to get_connection_with_tls_context</li> <li><a href="`970e8cec98`"><code>970e8ce</code></a> v2.32.1</li> <li><a href="`d6ebc4a2f1`"><code>d6ebc4a</code></a> v2.32.0</li> <li><a href="`9a40d12778`"><code>9a40d12</code></a> Avoid reloading root certificates to improve concurrent performance (<a href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li> <li><a href="`0c030f78d2`"><code>0c030f7</code></a> Merge pull request <a href="https://redirect.github.com/psf/requests/issues/6702">#6702</a> from nateprewitt/no_char_detection</li> <li><a href="`555b870eb1`"><code>555b870</code></a> Allow character detection dependencies to be optional in post-packaging steps</li> <li><a href="`d6dded3f00`"><code>d6dded3</code></a> Merge pull request <a href="https://redirect.github.com/psf/requests/issues/6700">#6700</a> from franekmagiera/update-redirect-to-invalid-uri-test</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.31.0...v2.32.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.31.0&new-version=2.32.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	55028b2db7	build(deps): bump jinja2 from 3.1.3 to 3.1.4 (#1674) [//]: # (dependabot-start) ⚠️ Dependabot is rebasing this PR ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/releases">jinja2's releases</a>.</em></p> <blockquote> <h2>3.1.4</h2> <p>This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.</p> <p>PyPI: <a href="https://pypi.org/project/Jinja2/3.1.4/">https://pypi.org/project/Jinja2/3.1.4/</a> Changes: <a href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4</a></p> <ul> <li>The <code>xmlattr</code> filter does not allow keys with <code>/</code> solidus, <code>></code> greater-than sign, or <code>=</code> equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/blob/main/CHANGES.rst">jinja2's changelog</a>.</em></p> <blockquote> <h2>Version 3.1.4</h2> <p>Released 2024-05-05</p> <ul> <li>The <code>xmlattr</code> filter does not allow keys with <code>/</code> solidus, <code>></code> greater-than sign, or <code>=</code> equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:<code>h75v-3vvj-5mfj</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`dd4a8b5466`"><code>dd4a8b5</code></a> release version 3.1.4</li> <li><a href="`0668239dc6`"><code>0668239</code></a> Merge pull request from GHSA-h75v-3vvj-5mfj</li> <li><a href="`d655030770`"><code>d655030</code></a> disallow invalid characters in keys to xmlattr filter</li> <li><a href="`a7863ba9d3`"><code>a7863ba</code></a> add ghsa links</li> <li><a href="`b5c98e78c2`"><code>b5c98e7</code></a> start version 3.1.4</li> <li><a href="`da3a9f0b80`"><code>da3a9f0</code></a> update project files (<a href="https://redirect.github.com/pallets/jinja/issues/1968">#1968</a>)</li> <li><a href="`0ee5eb41d1`"><code>0ee5eb4</code></a> satisfy formatter, linter, and strict mypy</li> <li><a href="`20477c6357`"><code>20477c6</code></a> update project files (<a href="https://redirect.github.com/pallets/jinja/issues/5457">#5457</a>)</li> <li><a href="`e491223739`"><code>e491223</code></a> update pyyaml dev dependency</li> <li><a href="`36f98854c7`"><code>36f9885</code></a> fix pr link</li> <li>Additional commits viewable in <a href="https://github.com/pallets/jinja/compare/3.1.3...3.1.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jinja2&package-manager=pip&previous-version=3.1.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	daf86dbf74	build(deps): bump flask-cors from 4.0.0 to 4.0.1 (#1675) Bumps [flask-cors](https://github.com/corydolphin/flask-cors) from 4.0.0 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/corydolphin/flask-cors/releases">flask-cors's releases</a>.</em></p> <blockquote> <h2>4.0.1</h2> <h2>What's Changed</h2> <ul> <li>Fix Read the Docs builds by <a href="https://github.com/kurtmckee"><code>@kurtmckee</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/345">corydolphin/flask-cors#345</a></li> <li>Update extension.py to clean request.path before logging it by <a href="https://github.com/aneshujevic"><code>@aneshujevic</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/351">corydolphin/flask-cors#351</a></li> <li>Update CI to include Python 3.12 and flask 3.0.3 by <a href="https://github.com/corydolphin"><code>@corydolphin</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/354">corydolphin/flask-cors#354</a></li> <li>Release 4.0.1 by <a href="https://github.com/corydolphin"><code>@corydolphin</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/353">corydolphin/flask-cors#353</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kurtmckee"><code>@kurtmckee</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/345">corydolphin/flask-cors#345</a></li> <li><a href="https://github.com/aneshujevic"><code>@aneshujevic</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/351">corydolphin/flask-cors#351</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corydolphin/flask-cors/compare/4.0.0...4.0.1">https://github.com/corydolphin/flask-cors/compare/4.0.0...4.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md">flask-cors's changelog</a>.</em></p> <blockquote> <h2>4.0.1</h2> <h3>Security</h3> <ul> <li>Address <a href="https://github.com/advisories/GHSA-84pr-m4jr-85g5">CVE-2024-1681</a> which is a log injection vulnerability when the log level is set to debug by <a href="https://github.com/aneshujevic"><code>@aneshujevic</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/351">corydolphin/flask-cors#351</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`1df178ccc0`"><code>1df178c</code></a> Release 0.4.1 (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/353">#353</a>)</li> <li><a href="`5090b4a43f`"><code>5090b4a</code></a> Update CI to include Python 3.12 and flask 3.0.3 (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/354">#354</a>)</li> <li><a href="`6172c2000d`"><code>6172c20</code></a> Update extension.py to clean request.path before logging it (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/351">#351</a>)</li> <li><a href="`cadade9403`"><code>cadade9</code></a> Fix Read the Docs builds (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/345">#345</a>)</li> <li>See full diff in <a href="https://github.com/corydolphin/flask-cors/compare/4.0.0...4.0.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flask-cors&package-manager=pip&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	b2ef6a05a1	build(deps): bump idna from 3.6 to 3.7 (#1676) Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/releases">idna's releases</a>.</em></p> <blockquote> <h2>v3.7</h2> <h2>What's Changed</h2> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's changelog</a>.</em></p> <blockquote> <p>3.7 (2024-04-11) ++++++++++++++++</p> <ul> <li>Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]</li> </ul> <p>Thanks to Guido Vranken for reporting the issue.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`1d365e17e1`"><code>1d365e1</code></a> Release v3.7</li> <li><a href="`c1b3154939`"><code>c1b3154</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from kjd/optimize-contextj</li> <li><a href="`0394ec76ff`"><code>0394ec7</code></a> Merge branch 'master' into optimize-contextj</li> <li><a href="`cd58a23173`"><code>cd58a23</code></a> Merge pull request <a href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from elliotwutingfeng/dev</li> <li><a href="`5beb28b9dd`"><code>5beb28b</code></a> More efficient resolution of joiner contexts</li> <li><a href="`1b121483ed`"><code>1b12148</code></a> Update ossf/scorecard-action to v2.3.1</li> <li><a href="`d516b874c3`"><code>d516b87</code></a> Update Github actions/checkout to v4</li> <li><a href="`c095c75943`"><code>c095c75</code></a> Merge branch 'master' into dev</li> <li><a href="`60a0a4cb61`"><code>60a0a4c</code></a> Fix typo in GitHub Actions workflow key</li> <li><a href="`5918a0ef80`"><code>5918a0e</code></a> Merge branch 'master' into dev</li> <li>Additional commits viewable in <a href="https://github.com/kjd/idna/compare/v3.6...v3.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.6&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	6bc3a2d58a	build(deps): bump pillow from 10.2.0 to 10.3.0 (#1677) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.2.0 to 10.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/releases">pillow's releases</a>.</em></p> <blockquote> <h2>10.3.0</h2> <p><a href="https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html">https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html</a></p> <h2>Changes</h2> <ul> <li>CVE-2024-28219: Use strncpy to avoid buffer overflow <a href="https://redirect.github.com/python-pillow/Pillow/issues/7928">#7928</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> <li>Use <code>functools.lru_cache</code> for <code>hopper()</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/7912">#7912</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> <li>Raise ValueError if seeking to greater than offset-sized integer in TIFF <a href="https://redirect.github.com/python-pillow/Pillow/issues/7883">#7883</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Improve speed of loading QOI images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7925">#7925</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Added RGB to I;16N conversion <a href="https://redirect.github.com/python-pillow/Pillow/issues/7920">#7920</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Add --report argument to <strong>main</strong>.py to omit supported formats <a href="https://redirect.github.com/python-pillow/Pillow/issues/7818">#7818</a> [<a href="https://github.com/nulano"><code>@nulano</code></a>]</li> <li>Added RGB to I;16, I;16L and I;16B conversion <a href="https://redirect.github.com/python-pillow/Pillow/issues/7918">#7918</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fix editable installation with custom build backend and configuration options <a href="https://redirect.github.com/python-pillow/Pillow/issues/7658">#7658</a> [<a href="https://github.com/nulano"><code>@nulano</code></a>]</li> <li>Fix putdata() for I;16N on big-endian <a href="https://redirect.github.com/python-pillow/Pillow/issues/7209">#7209</a> [<a href="https://github.com/Yay295"><code>@Yay295</code></a>]</li> <li>Determine MPO size from markers, not EXIF data <a href="https://redirect.github.com/python-pillow/Pillow/issues/7884">#7884</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Improved conversion from RGB to RGBa, LA and La <a href="https://redirect.github.com/python-pillow/Pillow/issues/7888">#7888</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Support FITS images with GZIP_1 compression <a href="https://redirect.github.com/python-pillow/Pillow/issues/7894">#7894</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use I;16 mode for 9-bit JPEG 2000 images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7900">#7900</a> [<a href="https://github.com/scaramallion"><code>@scaramallion</code></a>]</li> <li>Raise ValueError if kmeans is negative <a href="https://redirect.github.com/python-pillow/Pillow/issues/7891">#7891</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Remove TIFF tag OSUBFILETYPE when saving using libtiff <a href="https://redirect.github.com/python-pillow/Pillow/issues/7893">#7893</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Raise ValueError for negative values when loading P1-P3 PPM images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7882">#7882</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Added reading of JPEG2000 palettes <a href="https://redirect.github.com/python-pillow/Pillow/issues/7870">#7870</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Added alpha_quality argument when saving WebP images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7872">#7872</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions <a href="https://redirect.github.com/python-pillow/Pillow/issues/7881">#7881</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Removed Python and NumPy pinning on Cygwin <a href="https://redirect.github.com/python-pillow/Pillow/issues/7880">#7880</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Update UnidentifiedImageError and <strong>version</strong> imports <a href="https://redirect.github.com/python-pillow/Pillow/issues/7644">#7644</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Stop reading EPS image at EOF marker <a href="https://redirect.github.com/python-pillow/Pillow/issues/7753">#7753</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>PSD layer co-ordinates may be negative <a href="https://redirect.github.com/python-pillow/Pillow/issues/7706">#7706</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer <a href="https://redirect.github.com/python-pillow/Pillow/issues/7791">#7791</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>When saving GIF frame that restores to background color, do not fill identical pixels <a href="https://redirect.github.com/python-pillow/Pillow/issues/7788">#7788</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fixed reading PNG iCCP compression method <a href="https://redirect.github.com/python-pillow/Pillow/issues/7823">#7823</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Allow writing IFDRational to UNDEFINED tag <a href="https://redirect.github.com/python-pillow/Pillow/issues/7840">#7840</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fix logged tag name when loading Exif data <a href="https://redirect.github.com/python-pillow/Pillow/issues/7842">#7842</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use maximum frame size in IHDR chunk when saving APNG images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7821">#7821</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Prevent opening P TGA images without a palette <a href="https://redirect.github.com/python-pillow/Pillow/issues/7797">#7797</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use palette when loading ICO images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7798">#7798</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Use consistent arguments for load_read and load_seek <a href="https://redirect.github.com/python-pillow/Pillow/issues/7713">#7713</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Turn off nullability warnings for macOS SDK <a href="https://redirect.github.com/python-pillow/Pillow/issues/7827">#7827</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fix shift-sign issue in Convert.c <a href="https://redirect.github.com/python-pillow/Pillow/issues/7838">#7838</a> [<a href="https://github.com/r-barnes"><code>@r-barnes</code></a>]</li> <li>winbuild: Refactor dependency versions into constants <a href="https://redirect.github.com/python-pillow/Pillow/issues/7843">#7843</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> <li>Build macOS arm64 wheels natively <a href="https://redirect.github.com/python-pillow/Pillow/issues/7852">#7852</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Fixed typo <a href="https://redirect.github.com/python-pillow/Pillow/issues/7855">#7855</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Open 16-bit grayscale PNGs as I;16 <a href="https://redirect.github.com/python-pillow/Pillow/issues/7849">#7849</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Handle truncated chunks at the end of PNG images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7709">#7709</a> [<a href="https://github.com/lajiyuan"><code>@lajiyuan</code></a>]</li> <li>Match mask size to pasted image size in GifImagePlugin <a href="https://redirect.github.com/python-pillow/Pillow/issues/7779">#7779</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Changed SupportsGetMesh protocol to be public <a href="https://redirect.github.com/python-pillow/Pillow/issues/7841">#7841</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Release GIL while calling <code>WebPAnimDecoderGetNext</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/7782">#7782</a> [<a href="https://github.com/evanmiller"><code>@evanmiller</code></a>]</li> <li>Fixed reading FLI/FLC images with a prefix chunk <a href="https://redirect.github.com/python-pillow/Pillow/issues/7804">#7804</a> [<a href="https://github.com/twolife"><code>@twolife</code></a>]</li> <li>Updated package name for Tidelift <a href="https://redirect.github.com/python-pillow/Pillow/issues/7810">#7810</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> <li>Removed unused code <a href="https://redirect.github.com/python-pillow/Pillow/issues/7744">#7744</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst">pillow's changelog</a>.</em></p> <blockquote> <h2>10.3.0 (2024-04-01)</h2> <ul> <li> <p>CVE-2024-28219: Use <code>strncpy</code> to avoid buffer overflow <a href="https://redirect.github.com/python-pillow/Pillow/issues/7928">#7928</a> [radarhere, hugovk]</p> </li> <li> <p>Deprecate <code>eval()</code>, replacing it with <code>lambda_eval()</code> and <code>unsafe_eval()</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/7927">#7927</a> [radarhere, hugovk]</p> </li> <li> <p>Raise <code>ValueError</code> if seeking to greater than offset-sized integer in TIFF <a href="https://redirect.github.com/python-pillow/Pillow/issues/7883">#7883</a> [radarhere]</p> </li> <li> <p>Add <code>--report</code> argument to <code>__main__.py</code> to omit supported formats <a href="https://redirect.github.com/python-pillow/Pillow/issues/7818">#7818</a> [nulano, radarhere, hugovk]</p> </li> <li> <p>Added RGB to I;16, I;16L, I;16B and I;16N conversion <a href="https://redirect.github.com/python-pillow/Pillow/issues/7918">#7918</a>, <a href="https://redirect.github.com/python-pillow/Pillow/issues/7920">#7920</a> [radarhere]</p> </li> <li> <p>Fix editable installation with custom build backend and configuration options <a href="https://redirect.github.com/python-pillow/Pillow/issues/7658">#7658</a> [nulano, radarhere]</p> </li> <li> <p>Fix putdata() for I;16N on big-endian <a href="https://redirect.github.com/python-pillow/Pillow/issues/7209">#7209</a> [Yay295, hugovk, radarhere]</p> </li> <li> <p>Determine MPO size from markers, not EXIF data <a href="https://redirect.github.com/python-pillow/Pillow/issues/7884">#7884</a> [radarhere]</p> </li> <li> <p>Improved conversion from RGB to RGBa, LA and La <a href="https://redirect.github.com/python-pillow/Pillow/issues/7888">#7888</a> [radarhere]</p> </li> <li> <p>Support FITS images with GZIP_1 compression <a href="https://redirect.github.com/python-pillow/Pillow/issues/7894">#7894</a> [radarhere]</p> </li> <li> <p>Use I;16 mode for 9-bit JPEG 2000 images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7900">#7900</a> [scaramallion, radarhere]</p> </li> <li> <p>Raise ValueError if kmeans is negative <a href="https://redirect.github.com/python-pillow/Pillow/issues/7891">#7891</a> [radarhere]</p> </li> <li> <p>Remove TIFF tag OSUBFILETYPE when saving using libtiff <a href="https://redirect.github.com/python-pillow/Pillow/issues/7893">#7893</a> [radarhere]</p> </li> <li> <p>Raise ValueError for negative values when loading P1-P3 PPM images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7882">#7882</a> [radarhere]</p> </li> <li> <p>Added reading of JPEG2000 palettes <a href="https://redirect.github.com/python-pillow/Pillow/issues/7870">#7870</a> [radarhere]</p> </li> <li> <p>Added alpha_quality argument when saving WebP images <a href="https://redirect.github.com/python-pillow/Pillow/issues/7872">#7872</a> [radarhere]</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`5c89d88eee`"><code>5c89d88</code></a> 10.3.0 version bump</li> <li><a href="`63cbfcfdea`"><code>63cbfcf</code></a> Update CHANGES.rst [ci skip]</li> <li><a href="`2776126aa9`"><code>2776126</code></a> Merge pull request <a href="https://redirect.github.com/python-pillow/Pillow/issues/7928">#7928</a> from python-pillow/lcms</li> <li><a href="`aeb51cbb16`"><code>aeb51cb</code></a> Merge branch 'main' into lcms</li> <li><a href="`5beb0b6664`"><code>5beb0b6</code></a> Update CHANGES.rst [ci skip]</li> <li><a href="`cac6ffa7b3`"><code>cac6ffa</code></a> Merge pull request <a href="https://redirect.github.com/python-pillow/Pillow/issues/7927">#7927</a> from python-pillow/imagemath</li> <li><a href="`f5eeeacf75`"><code>f5eeeac</code></a> Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval</li> <li><a href="`facf3af93d`"><code>facf3af</code></a> Added release notes</li> <li><a href="`2a93aba5cf`"><code>2a93aba</code></a> Use strncpy to avoid buffer overflow</li> <li><a href="`a670597bc3`"><code>a670597</code></a> Update CHANGES.rst [ci skip]</li> <li>Additional commits viewable in <a href="https://github.com/python-pillow/Pillow/compare/10.2.0...10.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pillow&package-manager=pip&previous-version=10.2.0&new-version=10.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	d69f4ec829	build(deps): bump certifi from 2024.2.2 to 2024.7.4 (#1680) Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.2.2 to 2024.7.4. <details> <summary>Commits</summary> <ul> <li><a href="`bd8153872e`"><code>bd81538</code></a> 2024.07.04 (<a href="https://redirect.github.com/certifi/python-certifi/issues/295">#295</a>)</li> <li><a href="`06a2cbf21f`"><code>06a2cbf</code></a> Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/294">#294</a>)</li> <li><a href="`13bba02b72`"><code>13bba02</code></a> Bump actions/checkout from 4.1.6 to 4.1.7 (<a href="https://redirect.github.com/certifi/python-certifi/issues/293">#293</a>)</li> <li><a href="`e8abcd0e62`"><code>e8abcd0</code></a> Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/292">#292</a>)</li> <li><a href="`124f4adf17`"><code>124f4ad</code></a> 2024.06.02 (<a href="https://redirect.github.com/certifi/python-certifi/issues/291">#291</a>)</li> <li><a href="`c2196ce5d6`"><code>c2196ce</code></a> --- (<a href="https://redirect.github.com/certifi/python-certifi/issues/290">#290</a>)</li> <li><a href="`fefdeec758`"><code>fefdeec</code></a> Bump actions/checkout from 4.1.4 to 4.1.5 (<a href="https://redirect.github.com/certifi/python-certifi/issues/289">#289</a>)</li> <li><a href="`3c5fb1560b`"><code>3c5fb15</code></a> Bump actions/download-artifact from 4.1.6 to 4.1.7 (<a href="https://redirect.github.com/certifi/python-certifi/issues/286">#286</a>)</li> <li><a href="`4a9569a3eb`"><code>4a9569a</code></a> Bump actions/checkout from 4.1.2 to 4.1.4 (<a href="https://redirect.github.com/certifi/python-certifi/issues/287">#287</a>)</li> <li><a href="`1fc808626a`"><code>1fc8086</code></a> Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (<a href="https://redirect.github.com/certifi/python-certifi/issues/288">#288</a>)</li> <li>Additional commits viewable in <a href="https://github.com/certifi/python-certifi/compare/2024.02.02...2024.07.04">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=certifi&package-manager=pip&previous-version=2024.2.2&new-version=2024.7.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	ef45526700	build(deps): bump tqdm from 4.66.2 to 4.66.3 (#1681) Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.66.2 to 4.66.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tqdm/tqdm/releases">tqdm's releases</a>.</em></p> <blockquote> <h2>tqdm v4.66.3 stable</h2> <ul> <li><code>cli</code>: <code>eval</code> safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`4e613f84ed`"><code>4e613f8</code></a> Merge pull request from GHSA-g7vv-2v7x-gj9p</li> <li><a href="`b53348c730`"><code>b53348c</code></a> cli: eval safety</li> <li>See full diff in <a href="https://github.com/tqdm/tqdm/compare/v4.66.2...v4.66.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tqdm&package-manager=pip&previous-version=4.66.2&new-version=4.66.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
dependabot[bot]	79034bd194	build(deps): bump pymysql from 1.1.0 to 1.1.1 (#1664) Bumps [pymysql](https://github.com/PyMySQL/PyMySQL) from 1.1.0 to 1.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PyMySQL/PyMySQL/releases">pymysql's releases</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <blockquote> <p>[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.</p> <p>If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.</p> </blockquote> <h2>What's Changed</h2> <ul> <li>Prohibit dict parameter for <code>Cursor.execute()</code>. It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)</li> <li>Added ssl_key_password param by <a href="https://github.com/svaskov"><code>@svaskov</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1145">PyMySQL/PyMySQL#1145</a></li> </ul> <h2>Merged PRs</h2> <ul> <li>Add support for Python 3.12 by <a href="https://github.com/hugovk"><code>@hugovk</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1134">PyMySQL/PyMySQL#1134</a></li> <li>chore(deps): update actions/checkout action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1136">PyMySQL/PyMySQL#1136</a></li> <li>Update codecov/codecov-action action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1137">PyMySQL/PyMySQL#1137</a></li> <li>ci: use codecov@v3 by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1142">PyMySQL/PyMySQL#1142</a></li> <li>chore(deps): update dessant/lock-threads action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1141">PyMySQL/PyMySQL#1141</a></li> <li>doc: use rtd theme by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1143">PyMySQL/PyMySQL#1143</a></li> <li>use Ruff as formatter by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1144">PyMySQL/PyMySQL#1144</a></li> <li>chore(deps): update dependency sphinx-rtd-theme to v2 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1147">PyMySQL/PyMySQL#1147</a></li> <li>chore(deps): update actions/setup-python action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1152">PyMySQL/PyMySQL#1152</a></li> <li>chore(deps): update github/codeql-action action to v3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1154">PyMySQL/PyMySQL#1154</a></li> <li>chore(deps): update codecov/codecov-action action to v4 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1158">PyMySQL/PyMySQL#1158</a></li> <li>Support error packet without sqlstate by <a href="https://github.com/methane"><code>@methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1160">PyMySQL/PyMySQL#1160</a></li> <li>test json - mariadb without JSON type by <a href="https://github.com/grooverdan"><code>@grooverdan</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1165">PyMySQL/PyMySQL#1165</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hugovk"><code>@hugovk</code></a> made their first contribution in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1134">PyMySQL/PyMySQL#1134</a></li> <li><a href="https://github.com/svaskov"><code>@svaskov</code></a> made their first contribution in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1145">PyMySQL/PyMySQL#1145</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1">https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyMySQL/PyMySQL/blob/main/CHANGELOG.md">pymysql's changelog</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <p>Release date: 2024-05-21</p> <blockquote> <p>[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.</p> <p>If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.</p> </blockquote> <ul> <li>Prohibit dict parameter for <code>Cursor.execute()</code>. It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)</li> <li>Added ssl_key_password param. <a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1145">#1145</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`2cab9ecc64`"><code>2cab9ec</code></a> v1.1.1</li> <li><a href="`521e40050c`"><code>521e400</code></a> forbid dict parameter</li> <li><a href="`7f032a699d`"><code>7f032a6</code></a> remove coveralls from requirements</li> <li><a href="`69f6c7439b`"><code>69f6c74</code></a> ruff format</li> <li><a href="`b4ed6884a1`"><code>b4ed688</code></a> test json - mariadb without JSON type (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1165">#1165</a>)</li> <li><a href="`bbd049f40d`"><code>bbd049f</code></a> Support error packet without sqlstate (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1160">#1160</a>)</li> <li><a href="`9694747ae6`"><code>9694747</code></a> pyupgrade</li> <li><a href="`1f0b7856de`"><code>1f0b785</code></a> chore(deps): update codecov/codecov-action action to v4 (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1158">#1158</a>)</li> <li><a href="`1e28be81c2`"><code>1e28be8</code></a> chore(deps): update github/codeql-action action to v3 (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1154">#1154</a>)</li> <li><a href="`f13f054abc`"><code>f13f054</code></a> chore(deps): update actions/setup-python action to v5 (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1152">#1152</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pymysql&package-manager=pip&previous-version=1.1.0&new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/infiniflow/ragflow/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	1 år sedan
H	4da3ee400b	Add component arxiv (#1587) ### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
H	f8602b5286	Add component pubmed (#1586) ### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
H	258a10fb74	Add component Wikipedia (#1513) ### What problem does this PR solve? ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
paresh2806	ddeac9ab3d	added SVG for Groq model model providers (#1470) #1432 #1447 This PR adds support for the GROQ LLM (Large Language Model). Groq is an AI solutions company delivering ultra-low latency inference with the first-ever LPU™ Inference Engine. The Groq API enables developers to integrate state-of-the-art LLMs, such as Llama-2 and llama3-70b-8192, into low latency applications with the request limits specified below. Learn more at [groq.com](https://groq.com/). Supported Models \| ID \| Requests per Minute \| Requests per Day \| Tokens per Minute \| \|----------------------\|---------------------\|------------------\|-------------------\| \| gemma-7b-it \| 30 \| 14,400 \| 15,000 \| \| gemma2-9b-it \| 30 \| 14,400 \| 15,000 \| \| llama3-70b-8192 \| 30 \| 14,400 \| 6,000 \| \| llama3-8b-8192 \| 30 \| 14,400 \| 30,000 \| \| mixtral-8x7b-32768 \| 30 \| 14,400 \| 5,000 \| --------- Co-authored-by: paresh0628 <paresh.tuvoc@gmail.com> Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com>	1 år sedan
黄腾	3e9f444e6b	add support for Gemini (#1465) ### What problem does this PR solve? #1036 ### Type of change - [x] New Feature (non-breaking change which adds functionality) Co-authored-by: Zhedong Cen <cenzhedong2@126.com>	1 år sedan
H	6144a109ab	Add Support for AWS Bedrock (#1408) ### What problem does this PR solve? #308 ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: KevinHuSh <kevinhu.sh@gmail.com>	1 år sedan
H	f4674ae9d0	add Duckduckgo pkg (#1392) ### What problem does this PR solve? #918 ### Type of change - [x] Documentation Update	1 år sedan
Zhedong Cen	b75bb1d8d3	Support displaying tables in the chunks of pdf file when using QA parser (#1263) ### What problem does this PR solve? Support displaying tables in the chunks of pdf file when using QA parser ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
KevinHuSh	f73f7b969c	Update requirements_dev.txt	1 år sedan
Zhedong Cen	90975460af	Add pdf support for QA parser (#1155) ### What problem does this PR solve? Support extracting questions and answers from PDF files ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
KevinHuSh	b6980d8a16	add version to package volcengine (#1062) ### What problem does this PR solve? #992 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	1 år sedan
Zhedong Cen	8dd45459be	Add support for HTML file (#973) ### What problem does this PR solve? Add support for HTML file ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
KevinHuSh	7eee193956	fix #917 #915 (#946) ### What problem does this PR solve? #917 #915 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	1 år sedan
KevinHuSh	46454362d7	fix raptor bugs (#928) ### What problem does this PR solve? #922 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	1 år sedan
dashi6174	9e3a0e4d03	The fasttext library is missing, and it is used in the operators.py file. (#925) ### What problem does this PR solve? _Briefly describe what this PR aims to solve. Include background context that will help reviewers understand the purpose of the PR._ ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	1 år sedan
KevinHuSh	04a9e95161	let file in knowledgebases visible in file manager (#714) ### What problem does this PR solve? Let file in knowledgebases visible in file manager. #162 ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
Fakai Zhao	de839fc3f0	optimize srv broker and executor logic (#630) ### What problem does this PR solve? Optimize task broker and executor for reduce memory usage and deployment complexity. ### Type of change - [x] Performance Improvement - [x] Refactoring ### Change Log - Enhance redis utils for message queue(use stream) - Modify task broker logic via message queue (1.get parse event from message queue 2.use ThreadPoolExecutor async executor ) - Modify the table column name of document and task (process_duation -> process_duration maybe just a spelling mistake) - Reformat some code style(just what i see) - Add requirement_dev.txt for developer - Add redis container on docker compose --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com>	1 år sedan
Moonlit	c89f3c3cdb	Fix missing 'ollama' package in requirements.txt (#621) ### What problem does this PR solve? This commit resolves an issue where the 'ollama' package was inadvertently omitted from the requirements.txt file. The package has now been added to ensure all dependencies are correctly installed for the project. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	1 år sedan
Moonlit	5d7f573379	Fix: missing 'redis' package in requirements.txt (#622) ### What problem does this PR solve? This commit resolves an issue where the 'redis' package was inadvertently omitted from the requirements.txt file. The package has now been added to ensure all dependencies are correctly installed for the project. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	1 år sedan
KevinHuSh	cab274f560	remove PyMuPDF (#618) ### What problem does this PR solve? #613 ### Type of change - [x] Other (please describe):	1 år sedan
chrysanthemum-boy	72384b191d	Add `.doc` file parser. (#497) ### What problem does this PR solve? Add `.doc` file parser, using tika. ``` pip install tika ``` ``` from tika import parser from io import BytesIO def extract_text_from_doc_bytes(doc_bytes): file_like_object = BytesIO(doc_bytes) parsed = parser.from_buffer(file_like_object) return parsed["content"] ``` ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: chrysanthemum-boy <fannc@qq.com>	1 år sedan
KevinHuSh	890561703b	Add bce-embedding and fastembed (#383) ### What problem does this PR solve? Issue link:#326 ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
jie yang	a7be5d4e8b	build ragflow image from scratch (#376) ### What problem does this PR solve? issue: #205 ### Type of change - [x] New Feature (non-breaking change which adds functionality)	1 år sedan
Anush	826ad6a33a	feat: FastEmbed embedding support (#291) ### Description Following up on https://github.com/infiniflow/ragflow/pull/275, this PR adds support for FastEmbed model configurations. The options are not exhaustive. You can find the full list [here](https://qdrant.github.io/fastembed/examples/Supported_Models/). P.S. I ran into OOM issues when building the image. ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: KevinHuSh <kevinhu.sh@gmail.com>	1 år sedan
KevinHuSh	71fe314955	refine page ranges (#147)	1 år sedan

36 Incheckningar (a3a5a9966f23dd67ecf6f9076cf4ced108e57ca3)