Bump graphite-web from 1.0.2 to 1.1.10

[dependabot]

Bumps graphite-web from 1.0.2 to 1.1.10.

Release notes

Sourced from graphite-web's releases.

1.1.10

Graphite 1.1.10 is now available for usage.

Please note that this is a bugfix release for the stable Graphite 1.1.x branch and it's recommended for production usage

Highlights:

• Multiple bugfixes, especially for Graphite-web (see full list in changelog)
• Couple of new functions

Please see full Release Notes https://graphite.readthedocs.io/en/latest/releases/1_1_10.html or changelog https://github.com/graphite-project/graphite-web/blob/master/CHANGELOG.md

1.1.8

Graphite 1.1.8 is now available for usage.

Please note that this is a bugfix release for the stable Graphite 1.1.x branch and it's recommended for production usage.

Highlights:

• Excessive logging can be disabled (in graphite-web and carbon)
• Tagging can be disabled if not used in carbon (improves performance)
• New function aggregateSeriesLists() and aliases for diffSeriesLists(), sumSeriesLists(), multiplySeriesLists()
• Support for Aggregated-Consistent Hash in carbonate
• Multiple bugfixes, especially for Graphite-web (see full list below)

Please see full Release Notes https://graphite.readthedocs.io/en/latest/releases/1_1_8.html or changelog https://github.com/graphite-project/graphite-web/blob/master/CHANGELOG.md

1.1.7

Graphite 1.1.7 is now available for usage.

Please note that this is a bugfix release for the stable Graphite 1.1.x branch and it's recommended for production usage.

Highlights:

• New experimental Bucketmax write strategy (see #879 for details)
• Fixes for function parameters validation
• More fixes for better error handling
• Python 3.9 and Django 3.x support
• Python 3 fixes Carbon, Carbonate and Graphite-web
• Many flake8 fixes for Graphite-web

Please see full Release Notes https://graphite.readthedocs.io/en/latest/releases/1_1_7.html or changelog https://github.com/graphite-project/graphite-web/blob/master/CHANGELOG.md

1.1.6

Graphite 1.1.6 is now available for usage.

Please note that this is a bugfix / securityfix release for the stable Graphite 1.1.x branch and it's recommended for production usage.

Highlights: * Function parameters validation (disabled by default, can be enabled through ENFORCE_INPUT_VALIDATION variable) * Better error handling (return 4XX instead of 5XX in case of wrong function parameters) if input validation enabled

... (truncated)

Changelog

Sourced from graphite-web's changelog.

1.1.10

graphite-web

Bug Fixes

• Replace another missed instance of Infinity in JSON (#2737, @​bobemoe)
• Fix pyparsing > 3.0 compatibility issue. (#2727, @​parrotpock)
• Fix dependency issue for usage as Grafana data source (#2722, @​henkf)
• backporting "html-encode text passed to Ext.Msg" (#2719, @​DanCech)
• Depend on third-party scandir only for Python < 3.5 (#2706, @​neirbowj)
• fix shifting of moving* datapoints by one step into the future (#2682, @​zivillian)

Features / Enhancements

• maxStep in requestContext for Finder (#2724, @​deniszh)
• compressPeriodicGaps function (#2720, @​deniszh)
• Implement upper lower case functions (#2586, @​replay)

carbon

Bug Fixes

• Fixing git url in tests (#933, @​deniszh)
• Don't use git protocol for dependency (#929, @​tomdcc)

whisper

Features / Enhancements

• whisper-update takes values from stdin (#318, @​rowlap)

carbonate

Bug Fixes

• Refactor log lines to use native interpolation (#129, @​drawks)
• Resolves issue #127 - python3 safe stdout handling (#128, @​drawks)
• Changed mutable default argument in test_fill.py and test_sync.py (#126, @​aastha12)

1.1.8

graphite-web

Bug Fixes

• ensure that all tag values are strings (#2572, @​DanCech)
• Attempt to convert parameter types in validator (#2574, @​replay)
• accept deprecated params for bc (#2579, @​replay)
• Remote render fixes (#2582, @​piotr1212)
• render: only encodeHeader() for svg output (#2584, @​ploxiln)
• fix composer saved graphs target escaping (#2587, @​ploxiln)
• fix dashboard metric completion on backspace in Firefox (#2589, @​ploxiln)
• seriesList type validation was too permissive (#2593, @​replay)
• asPercent may be used as an aggregator (#2594, @​replay)
• Make nodes in group by nodes optional (#2597, @​replay)
• privatize linearRegressionAnalysis so it will not show in documentation (#2602, @​piotr1212)
• Revert symlink fix (#2604, @​piotr1212)
• Lock whitenoise dependency version (#2606, @​Carles-Figuerola)
• Prevent xss (#2620, @​StephenDsouza90)
• fix & improve docs for *WithWildcards functions (#2625, @​Dieterbe)

... (truncated)

Commits

• 6d5d845 Release 1.1.10 (#2755)
• 65e797a Preparing release 1.1.9 (#2753)
• 822c132 [1.1.x] raise exception when not recoverable | use exception subclass InputVa...
• 7405b85 fixing sphinx jinja dep
• 5e08c5e Replace another missed instance of Infinity in JSON (#2737) (#2739)
• f87aecb Preparing release 1.1.9 (#2729)
• 40a500d Merge pull request #2719 from deniszh/DZ-1.1.x-forgotten
• 0ddae51 html-encode text passed to Ext.Msg
• 9ab504d Merge pull request #2697 from deniszh/DZ-1.1.x-tests
• 1a37276 Adding tests, disabling deepsource
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.