From cd51281cee5c02facab208714d6295f51922b463 Mon Sep 17 00:00:00 2001 From: Dario Del Piano Date: Mon, 2 Mar 2026 14:29:59 +0100 Subject: [PATCH 1/5] bumping versions and neurondm up --- applications/composer/backend/requirements.txt | 2 +- applications/composer/backend/version.py | 2 +- applications/composer/frontend/package.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/applications/composer/backend/requirements.txt b/applications/composer/backend/requirements.txt index 3de48054..fe8472db 100644 --- a/applications/composer/backend/requirements.txt +++ b/applications/composer/backend/requirements.txt @@ -19,7 +19,7 @@ pyontutils==0.1.38 drf-react-template-framework==0.0.17 aiohttp==3.11.18 crossref-commons==0.0.7 -neurondm==0.1.8 +neurondm==0.1.10 django-cors-headers==4.3.1 django-debug-toolbar==4.3.0 django-sslserver-v2==1.0 diff --git a/applications/composer/backend/version.py b/applications/composer/backend/version.py index d8fc4261..0b3cde5a 100644 --- a/applications/composer/backend/version.py +++ b/applications/composer/backend/version.py @@ -1 +1 @@ -VERSION = "6.0.0" +VERSION = "6.0.1" diff --git a/applications/composer/frontend/package.json b/applications/composer/frontend/package.json index 37fccb9b..12f090d7 100644 --- a/applications/composer/frontend/package.json +++ b/applications/composer/frontend/package.json @@ -1,6 +1,6 @@ { "name": "frontend", - "version": "6.0.0", + "version": "6.0.1", "private": true, "main": "index.js", "proxy": "http://127.0.0.1:8000/", From cd1518e7d6cf00bfcf0aff04bb3acc28790a5b05 Mon Sep 17 00:00:00 2001 From: Dario Del Piano Date: Tue, 31 Mar 2026 14:26:53 +0200 Subject: [PATCH 2/5] switch reference uri to use http instead of https as per client request, plus migration --- .../0098_migrate_reference_uri_to_http.py | 51 +++++++++++++++++++ .../composer/backend/composer/utils.py | 4 +- 2 files changed, 52 insertions(+), 3 deletions(-) create mode 100644 applications/composer/backend/composer/migrations/0098_migrate_reference_uri_to_http.py diff --git a/applications/composer/backend/composer/migrations/0098_migrate_reference_uri_to_http.py b/applications/composer/backend/composer/migrations/0098_migrate_reference_uri_to_http.py new file mode 100644 index 00000000..c9e635df --- /dev/null +++ b/applications/composer/backend/composer/migrations/0098_migrate_reference_uri_to_http.py @@ -0,0 +1,51 @@ +# Generated by Django on 2025-03-04 + +from django.db import migrations + + +def convert_reference_uri_https_to_http(apps, schema_editor): + """ + Converts all reference_uri values from https to http. + """ + ConnectivityStatement = apps.get_model("composer", "ConnectivityStatement") + + # Get all statements with reference_uri starting with https:// + statements_with_https = ConnectivityStatement.objects.filter( + reference_uri__startswith="https://uri.interlex.org/composer/uris/set/" + ) + + # Update each statement to use http instead of https + for statement in statements_with_https: + statement.reference_uri = statement.reference_uri.replace("https://", "http://", 1) + statement.save(update_fields=["reference_uri"]) + + +def reverse_convert_reference_uri_http_to_https(apps, schema_editor): + """ + Reverse migration: Converts reference_uri values back from http to https. + """ + ConnectivityStatement = apps.get_model("composer", "ConnectivityStatement") + + # Get all statements with reference_uri starting with http:// + statements_with_http = ConnectivityStatement.objects.filter( + reference_uri__startswith="http://uri.interlex.org/composer/uris/set/" + ) + + # Update each statement to use https instead of http + for statement in statements_with_http: + statement.reference_uri = statement.reference_uri.replace("http://", "https://", 1) + statement.save(update_fields=["reference_uri"]) + + +class Migration(migrations.Migration): + + dependencies = [ + ("composer", "0097_relationship_custom_ingestion_code"), + ] + + operations = [ + migrations.RunPython( + convert_reference_uri_https_to_http, + reverse_code=reverse_convert_reference_uri_http_to_https + ), + ] diff --git a/applications/composer/backend/composer/utils.py b/applications/composer/backend/composer/utils.py index fc78649c..43f97f2b 100644 --- a/applications/composer/backend/composer/utils.py +++ b/applications/composer/backend/composer/utils.py @@ -15,7 +15,7 @@ def doi_uri(doi): def create_reference_uri(population_name, population_index): - return f"https://uri.interlex.org/composer/uris/set/{population_name}/{population_index}" + return f"http://uri.interlex.org/composer/uris/set/{population_name}/{population_index}" def join_entities(entities): # Joins entity names with commas, and 'and' before the last name @@ -45,5 +45,3 @@ def generate_connectivity_statement_curie_id_for_composer_statements(statement): if statement.population: return f"neuron type {statement.population.name} {statement.population_index}" return None - - From 34c2b57e344b55e607c7dc29162e542c90092ed6 Mon Sep 17 00:00:00 2001 From: Dario Del Piano Date: Tue, 31 Mar 2026 22:49:08 +0200 Subject: [PATCH 3/5] vulnerabilities upgrade --- applications/composer/backend/requirements.txt | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/applications/composer/backend/requirements.txt b/applications/composer/backend/requirements.txt index fe8472db..72ee538d 100644 --- a/applications/composer/backend/requirements.txt +++ b/applications/composer/backend/requirements.txt @@ -1,10 +1,10 @@ -packaging==21.3 -Django==4.2.26 +packaging>=22.0 +Django==4.2.29 uvicorn==0.20.0 starlette>=0.41.3 pillow>=11.0.0 psycopg2-binary==2.9.5 -djangorestframework==3.14.0 +djangorestframework==3.15.2 django-filter==23.5 django-fsm==2.8.1 django-fsm-admin@git+https://github.com/gadventures/django-fsm-admin@master @@ -14,7 +14,7 @@ django-jazzmin==2.6.0 drf-spectacular==0.25.1 drf-spectacular-sidecar==2022.12.1 drf-writable-nested==0.7.0 -social-auth-app-django==5.0.0 +social-auth-app-django==5.6.0 pyontutils==0.1.38 drf-react-template-framework==0.0.17 aiohttp==3.11.18 @@ -23,6 +23,9 @@ neurondm==0.1.10 django-cors-headers==4.3.1 django-debug-toolbar==4.3.0 django-sslserver-v2==1.0 -black==22.12.0 +black==26.3.1 pytest==8.3.3 python-dotenv==1.1.0 +aiohttp==3.13.3 +awscli==1.44.38 +pyasn1==0.6.3 From c9deebf19339567d3722c5301a5234034cee3b24 Mon Sep 17 00:00:00 2001 From: Dario Del Piano Date: Wed, 1 Apr 2026 10:36:51 +0200 Subject: [PATCH 4/5] fixing versions bumped --- applications/composer/backend/requirements.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/applications/composer/backend/requirements.txt b/applications/composer/backend/requirements.txt index 72ee538d..2fb1f8d1 100644 --- a/applications/composer/backend/requirements.txt +++ b/applications/composer/backend/requirements.txt @@ -14,10 +14,10 @@ django-jazzmin==2.6.0 drf-spectacular==0.25.1 drf-spectacular-sidecar==2022.12.1 drf-writable-nested==0.7.0 -social-auth-app-django==5.6.0 +social-auth-app-django==5.4.3 pyontutils==0.1.38 drf-react-template-framework==0.0.17 -aiohttp==3.11.18 +aiohttp==3.13.3 crossref-commons==0.0.7 neurondm==0.1.10 django-cors-headers==4.3.1 @@ -26,6 +26,5 @@ django-sslserver-v2==1.0 black==26.3.1 pytest==8.3.3 python-dotenv==1.1.0 -aiohttp==3.13.3 awscli==1.44.38 pyasn1==0.6.3 From f4eaa9c18841ea00ee592786ef292f9cc4f83f1e Mon Sep 17 00:00:00 2001 From: Dario Del Piano Date: Wed, 1 Apr 2026 11:50:48 +0200 Subject: [PATCH 5/5] orcid scope --- applications/composer/backend/backend/settings.py | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/composer/backend/backend/settings.py b/applications/composer/backend/backend/settings.py index ffc2bf20..129c0f34 100644 --- a/applications/composer/backend/backend/settings.py +++ b/applications/composer/backend/backend/settings.py @@ -396,6 +396,7 @@ SOCIAL_AUTH_ORCID_KEY = "APP-GRRGRZ5EZQLQ6WZT" SOCIAL_AUTH_ORCID_SECRET = "a1363a17-22b0-4a99-81fc-a1a86a371251" +SOCIAL_AUTH_ORCID_SCOPE = ["openid"] SOCIAL_AUTH_AUTHENTICATION_BACKENDS = ("social_core.backends.orcid.ORCIDOAuth2",) AUTHENTICATION_BACKENDS = (