* Replaced wget by curl
* Moved CI stuff into Dockerfile.ci
* Use docker-compose to run commnands inside docker (need environment variables)
* Added patool again (to support different archive formats)
* Roll back tensorflow version: 1.15 -> 1.13.1
Fixed https://github.com/opencv/cvat/issues/982
Fixed https://github.com/opencv/cvat/issues/1017
* datumaro install tensorflow 2.x now. It breaks automatic annotation
using TF.
* Follow redirects in curl (auto_segmentation)
* Added trivial login/logout/register
* Auth methods for REST API.
- api/v1/auth/login
- api/v1/auth/logout
For basic auth only:
- api/v1/auth/register
- api/v1/auth/password/*
* Add info about auth for REST API into CHANGELOG.md
* Add pylintrc for codacy, updated pylint and its dependecies.
* Add token authorization, renamed cvat.js to cvat-core in all places.
* Implemented register method in cvat-core
* Added first_name and last_name to RegisterSerializer.
* added tfrecord loader/dumper
* add comment
* remove unused import
* used the latest version of tensorflow(1.12.3) which supports cuda 9.0
updated cudnn library
install tensorflow by default and replace it by tensorflow-gpu in case
of cuda support is enabled
* Updated changelog
CVE-2019-12308 More information
moderate severity
Vulnerable versions: >= 2.1.0, < 2.1.9
Patched version: 2.1.9
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.
WS-2019-0037 More information
moderate severity
Vulnerable versions: < 3.9.1
Patched version: 3.9.1
Django-Rest-Framework, before 3.9.1, has a XSS vulnerability caused by disabled autoescaping in the default DRF Browsable API view templates.
* Add revproxy dependency
* Fix formating of task.log, improve fields of server events.
* Mount kibana app into /analytics/*
* Add logs for revproxy and x-forwarded-user header.
* Added F3 shortcut for analytics/log-viewer.
* ELK stack to analyze logs from client and server
* Short-live container to configure kibana. Import kibana dashboards from export.json on startup.
* Client and server logging is working throw python-logstash
* Minor polishing of events and dashboards.
* Default is discover, new visualizations.
* Make comments more readable inside logger.js.
* Added a path for backups.
- changed Content-type for save_job request to application/json, object…
- Adopted public PR - PASCAL VOC converter
- Added convert_to_mask.py script
- Fixed player continue plaing at the end of video, lock for editable object broke the client
- Same colors for shapes and menus, ability to change color for label or group
- Undo redo
- Added license header for all files
- Added .gitattributes file (critical for bash scripts)
- Fixed "Don't delete tasks if a user is deleted"
- More strict check for 'checkbox' and 'number' values
- Added convert_to_coco.py script
- Job statistic were extended. Blowradius was removed
- More strict labels verification
- Drag polygons by requirement, norm stroke opacity, easy box dragging
- Drawing with mouse outside the image area
- Fixed 7z support
- Boundig box size in drawer, switcheable grid
- Split tracks feature
- Fix flip parsing
- Update color set & color by label feature
- Add point for polygons feature
- Added context menu
- Polyshapes
zhiltsov-max
Andrey Zhavoronkov
dependabot[bot]
Nikita Manovich
Reza Malek
Boris Sekachev
JADG14
Ben Hoff
Artyom Zankevich
Satoshi Oikawa
Julian Guarin
Nikita Manovich
Sebastian Yonekura
syonekura