dtlpy 1.118.12__py3-none-any.whl → 1.118.13__py3-none-any.whl

dtlpy/__version__.py

@@ -1 +1 @@
-version = '1.118.12'
+version = '1.118.13'

dtlpy/dlp/command_executor.py

@@ -6,7 +6,7 @@ import os
 import sys
 import jwt
 
-from .. import exceptions, entities, repositories, utilities, assets
+from .. import exceptions, entities, repositories, utilities, assets, miscellaneous
 
 logger = logging.getLogger(name='dtlpy')
 
@@ -76,8 +76,16 @@ class CommandExecutor:
         url = 'dtlpy'
         if args.url is None:
             try:
-                payload = jwt.decode(self.dl.client_api.token, algorithms=['HS256'],
-                                     verify=False, options={'verify_signature': False})
+                # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to check admin role; server validates on API calls
+                payload = jwt.decode(
+                    self.dl.client_api.token,
+                    options={
+                        "verify_signature": False,
+                        "verify_exp": False,
+                        "verify_aud": False,
+                        "verify_iss": False,
+                    }
+                )
                 if 'admin' in payload['https://dataloop.ai/authorization']['roles']:
                     url = "https://storage.googleapis.com/dtlpy/dev/dtlpy-latest-py3-none-any.whl"
             except Exception:
@@ -235,6 +243,13 @@ class CommandExecutor:
             project = self.dl.projects.get(project_name=args.project_name)
             dataset = project.datasets.get(dataset_name=args.dataset_name)
 
+            # Validate local_path and local_annotations_path to prevent path traversal
+            miscellaneous.PathUtils.validate_paths(
+                [args.local_path, args.local_annotations_path],
+                base_path=os.getcwd(),
+                must_exist=True
+            )
+
             dataset.items.upload(local_path=args.local_path,
                                  remote_path=args.remote_path,
                                  file_types=args.file_types,
@@ -277,6 +292,13 @@ class CommandExecutor:
                             remote_path.pop(remote_path.index(item))
                     filters.add(field="dir", values=remote_path, operator=entities.FiltersOperations.IN, method='or')
 
+            # Validate local_path to prevent path traversal
+            miscellaneous.PathUtils.validate_directory_path(
+                args.local_path,
+                base_path=os.getcwd(),
+                must_exist=False
+            )
+
             if not args.without_binaries:
                 dataset.items.download(filters=filters,
                                        local_path=args.local_path,
@@ -325,6 +347,9 @@ class CommandExecutor:
                     args.split_seconds = int(args.split_seconds)
                 if isinstance(args.split_times, str):
                     args.split_times = [int(sec) for sec in args.split_times.split(",")]
+                # Validate filepath to prevent path traversal
+                miscellaneous.PathUtils.validate_file_path(args.filename)
+                
                 self.dl.utilities.videos.Videos.split_and_upload(
                     project_name=args.project_name,
                     dataset_name=args.dataset_name,
@@ -407,6 +432,8 @@ class CommandExecutor:
     def deploy(self, args):
         project = self.dl.projects.get(project_name=args.project_name)
         json_filepath = args.json_file
+        # Validate file path to prevent path traversal
+        miscellaneous.PathUtils.validate_file_path(json_filepath)
         deployed_services, package = self.dl.packages.deploy_from_file(project=project, json_filepath=json_filepath)
         logger.info("Successfully deployed {} from file: {}\nServices: {}".format(len(deployed_services),
                                                                                   json_filepath,
@@ -464,6 +491,13 @@ class CommandExecutor:
         elif args.packages == "push":
             packages = self.utils.get_packages_repo(args=args)
 
+            # Validate src_path to prevent path traversal
+            miscellaneous.PathUtils.validate_directory_path(
+                args.src_path,
+                base_path=os.getcwd(),
+                must_exist=True
+            )
+
             package = packages.push(src_path=args.src_path,
                                     package_name=args.package_name,
                                     checkout=args.checkout)
@@ -568,7 +602,13 @@ class CommandExecutor:
                 answers = inquirer.prompt(questions)
                 #####
                 # create a dir for that panel
-                os.makedirs(answers.get('name'), exist_ok=True)
+                # Validate panel name to prevent path traversal
+                panel_name = answers.get('name')
+                # Validate panel name to prevent path traversal
+                miscellaneous.PathUtils.validate_directory_name(panel_name)
+                # Create directory in current working directory
+                panel_dir = os.path.join(os.getcwd(), panel_name)
+                os.makedirs(panel_dir, exist_ok=True)
                 # dump to dataloop.json
                 app_filename = assets.paths.APP_JSON_FILENAME
                 if not os.path.isfile(app_filename):
@@ -630,12 +670,22 @@ class CommandExecutor:
         directory = args.dir
         if directory == '..':
             directory = os.path.split(os.getcwd())[0]
+        # Validate path to prevent path traversal
+        miscellaneous.PathUtils.validate_directory_path(
+            directory,
+            base_path=os.getcwd(),
+            must_exist=True
+        )
         os.chdir(directory)
         print(os.getcwd())
 
     @staticmethod
     def mkdir(args):
-        os.mkdir(args.name)
+        # Validate directory name to prevent path traversal
+        miscellaneous.PathUtils.validate_directory_name(args.name)
+        # Create directory in current working directory
+        dir_path = os.path.join(os.getcwd(), args.name)
+        os.mkdir(dir_path)
 
     # noinspection PyUnusedLocal
     @staticmethod

dtlpy/miscellaneous/__init__.py

@@ -18,3 +18,4 @@ from .git_utils import GitUtils
 from .zipping import Zipping
 from .list_print import List
 from .json_utils import JsonUtils
+from .path_utils import PathUtils

dtlpy/miscellaneous/path_utils.py

@@ -0,0 +1,264 @@
+import os
+import tempfile
+from pathlib import Path
+from .. import exceptions
+from ..services import service_defaults
+
+
+class PathUtils:
+    """
+    Utility class for path validation and sanitization to prevent path traversal attacks.
+    """
+    allowed_roots = [tempfile.gettempdir(), service_defaults.DATALOOP_PATH]
+    
+    @staticmethod
+    def _contains_traversal(path: str) -> bool:
+        """
+        Check if path contains path traversal sequences.
+        
+        :param str path: Path to check
+        :return: True if path contains traversal sequences
+        :rtype: bool
+        """
+        if not path:
+            return False
+        
+        # Normalize the path to handle different separators
+        normalized = os.path.normpath(path)
+        
+        # Check for parent directory references
+        parts = Path(normalized).parts
+        if '..' in parts:
+            return True
+        
+        # Check for encoded traversal sequences (evasion attempts)
+        if '%2e%2e' in path.lower() or '..%2f' in path.lower() or '..%5c' in path.lower():
+            return True
+        
+        return False
+    
+    @staticmethod
+    def _is_within_base(resolved_path: str, base_path: str) -> bool:
+        """
+        Check if resolved_path is within base_path.
+        
+        :param str resolved_path: Absolute resolved path
+        :param str base_path: Base directory path
+        :return: True if resolved_path is within base_path
+        :rtype: bool
+        """
+        try:
+            resolved = os.path.abspath(os.path.normpath(resolved_path))
+            base = os.path.abspath(os.path.normpath(base_path))
+            
+            # Get common path
+            common = os.path.commonpath([resolved, base])
+            return common == base
+        except (ValueError, OSError):
+            # On Windows, if paths are on different drives, commonpath raises ValueError
+            return False
+    
+    @staticmethod
+    def _is_allowed_path(resolved_path: str, base_path: str) -> bool:
+        """
+        Check if resolved_path is within base_path or any allowed_root.
+        
+        :param str resolved_path: Absolute resolved path
+        :param str base_path: Base directory path
+        :return: True if resolved_path is within base_path or any allowed_root
+        :rtype: bool
+        """
+        for allowed_root in [base_path] + PathUtils.allowed_roots:
+            if PathUtils._is_within_base(resolved_path, allowed_root):
+                return True
+        return False
+    
+    @staticmethod
+    def validate_directory_name(name: str) -> str:
+        """
+        Validate a directory name to ensure it doesn't contain path traversal sequences.
+        
+        :param str name: Directory name to validate
+        :return: Validated directory name
+        :rtype: str
+        :raises PlatformException: If name contains invalid characters or traversal sequences
+        """
+        if not name:
+            raise exceptions.PlatformException(
+                error='400',
+                message='Directory name cannot be empty'
+            )
+        
+        # Check for path separators
+        if os.sep in name or (os.altsep and os.altsep in name):
+            raise exceptions.PlatformException(
+                error='400',
+                message='Directory name cannot contain path separators'
+            )
+        
+        # Check for traversal sequences
+        if PathUtils._contains_traversal(name):
+            raise exceptions.PlatformException(
+                error='400',
+                message='Directory name cannot contain path traversal sequences'
+            )
+        
+        return name
+    
+    @staticmethod
+    def _validate_single_path(path, base_path: str, must_exist: bool):
+        """
+        Internal method to validate a single path string.
+        
+        :param path: Path to validate (str or Path object)
+        :param str base_path: Base directory to restrict path to
+        :param bool must_exist: If True, path must exist
+        :raises PlatformException: If path is invalid or contains traversal sequences
+        """
+        # Convert Path objects to strings
+        if isinstance(path, Path):
+            path = str(path)
+        if isinstance(base_path, Path):
+            base_path = str(base_path)
+        
+        # Skip validation if not a string
+        if not isinstance(path, str):
+            return
+        
+        # Skip validation for URLs and external paths
+        if path.startswith(('http://', 'https://', 'external://')):
+            return
+        
+        # Empty string check
+        if not path:
+            raise exceptions.PlatformException(
+                error='400',
+                message='Path cannot be empty'
+            )
+        
+        # Check for traversal sequences in the original path
+        if PathUtils._contains_traversal(path):
+            raise exceptions.PlatformException(
+                error='400',
+                message='Path contains invalid traversal sequences'
+            )
+        
+        # Resolve path (absolute paths allowed if within base_path)
+        if os.path.isabs(path):
+            resolved = os.path.abspath(os.path.normpath(path))
+        else:
+            resolved = os.path.abspath(os.path.normpath(os.path.join(base_path, path)))
+        
+        # Reject if path is outside base_path or allowed_roots
+        if not PathUtils._is_allowed_path(resolved, base_path):
+            raise exceptions.PlatformException(
+                error='400',
+                message='Path resolves outside allowed directory'
+            )
+        
+        # Check if path must exist
+        if must_exist and not os.path.exists(resolved):
+            raise exceptions.PlatformException(
+                error='404',
+                message='Path does not exist: {}'.format(path)
+            )
+    
+    @staticmethod
+    def validate_paths(paths, base_path = None, must_exist: bool = False):
+        """
+        Validate file or directory paths against path traversal attacks.
+        Accepts a list of paths and validates each one.
+        Skips validation if path is None or not a string.
+        Skips validation for URLs (http://, https://) and external paths (external://).
+        
+        :param paths: Path(s) to validate - can be str, Path, list of str/Path, or None
+        :param base_path: Optional base directory to restrict path to (str or Path). If None, uses current working directory
+        :param bool must_exist: If True, path must exist
+        :raises PlatformException: If any path is invalid or contains traversal sequences
+        """
+        # Handle None - skip validation
+        if paths is None:
+            return
+        
+        # Convert base_path Path object to string
+        if isinstance(base_path, Path):
+            base_path = str(base_path)
+        
+        # Resolve base_path
+        if base_path is None:
+            base_path = os.getcwd()
+        
+        # Handle list of paths
+        if isinstance(paths, list):
+            for path in paths:
+                PathUtils._validate_single_path(path, base_path, must_exist)
+        else:
+            # Single path
+            PathUtils._validate_single_path(paths, base_path, must_exist)
+    
+    @staticmethod
+    def validate_file_path(file_path, base_path = None, must_exist: bool = True):
+        """
+        Validate a file path against path traversal attacks.
+        
+        :param file_path: File path to validate (str or Path object)
+        :param base_path: Optional base directory to restrict path to (str or Path). If None, uses current working directory
+        :param bool must_exist: If True, file must exist (default: True)
+        :raises PlatformException: If path is invalid, contains traversal sequences, or is not a file
+        """
+        # Convert Path objects to strings
+        if isinstance(file_path, Path):
+            file_path = str(file_path)
+        if isinstance(base_path, Path):
+            base_path = str(base_path)
+        
+        PathUtils.validate_paths(file_path, base_path=base_path, must_exist=must_exist)
+        
+        if must_exist and isinstance(file_path, str) and not file_path.startswith(('http://', 'https://', 'external://')):
+            # Resolve path to check if it's a file
+            if base_path is None:
+                base_path = os.getcwd()
+            if os.path.isabs(file_path):
+                resolved = os.path.abspath(os.path.normpath(file_path))
+            else:
+                resolved = os.path.abspath(os.path.normpath(os.path.join(base_path, file_path)))
+            
+            if not os.path.isfile(resolved):
+                raise exceptions.PlatformException(
+                    error='400',
+                    message='Path is not a file: {}'.format(file_path)
+                )
+    
+    @staticmethod
+    def validate_directory_path(dir_path, base_path = None, must_exist: bool = True):
+        """
+        Validate a directory path against path traversal attacks.
+        
+        :param dir_path: Directory path to validate (str or Path object)
+        :param base_path: Optional base directory to restrict path to (str or Path). If None, uses current working directory
+        :param bool must_exist: If True, directory must exist (default: True)
+        :raises PlatformException: If path is invalid, contains traversal sequences, or is not a directory
+        """
+        # Convert Path objects to strings
+        if isinstance(dir_path, Path):
+            dir_path = str(dir_path)
+        if isinstance(base_path, Path):
+            base_path = str(base_path)
+        
+        PathUtils.validate_paths(dir_path, base_path=base_path, must_exist=must_exist)
+        
+        if must_exist and isinstance(dir_path, str) and not dir_path.startswith(('http://', 'https://', 'external://')):
+            # Resolve path to check if it's a directory
+            if base_path is None:
+                base_path = os.getcwd()
+            if os.path.isabs(dir_path):
+                resolved = os.path.abspath(os.path.normpath(dir_path))
+            else:
+                resolved = os.path.abspath(os.path.normpath(os.path.join(base_path, dir_path)))
+            
+            if not os.path.isdir(resolved):
+                raise exceptions.PlatformException(
+                    error='400',
+                    message='Path is not a directory: {}'.format(dir_path)
+                )
+

dtlpy/repositories/annotations.py

@@ -2,7 +2,6 @@ from copy import deepcopy
 import traceback
 import logging
 import json
-import jwt
 import os
 from PIL import Image
 from io import BytesIO
@@ -336,9 +335,7 @@ class Annotations:
 
     def _delete_single_annotation(self, w_annotation_id):
         try:
-            creator = jwt.decode(self._client_api.token, algorithms=['HS256'],
-                                 verify=False, options={'verify_signature': False})['email']
-            payload = {'username': creator}
+            payload = {'username': self._client_api.info()['user_email']}
             success, response = self._client_api.gen_request(req_type='delete',
                                                              path='/annotations/{}'.format(w_annotation_id),
                                                              json_req=payload)

dtlpy/repositories/packages.py

@@ -513,6 +513,13 @@ class Packages:
             if codebase is None:
                 src_path = os.getcwd()
                 logger.warning('No src_path is given, getting package information from cwd: {}'.format(src_path))
+        else:
+            # Validate src_path to prevent path traversal
+            miscellaneous.PathUtils.validate_directory_path(
+                src_path,
+                base_path=os.getcwd(),
+                must_exist=True
+            )
 
         # get package json
         package_from_json = dict()
@@ -941,6 +948,8 @@ class Packages:
 
             project.packages.deploy_from_file(project='project_entity', json_filepath='json_filepath')
         """
+        # Validate file path to prevent path traversal
+        miscellaneous.PathUtils.validate_file_path(json_filepath)
         with open(json_filepath, 'r') as f:
             data = json.load(f)
 

dtlpy/repositories/projects.py

@@ -1,6 +1,5 @@
 import logging
 from urllib.parse import quote
-import jwt
 
 from .. import entities, miscellaneous, exceptions, _api_reference
 from ..services.api_client import ApiClient
@@ -159,8 +158,7 @@ class Projects:
         assert isinstance(title, str)
         assert isinstance(content, str)
         if self._client_api.token is not None:
-            sender = jwt.decode(self._client_api.token, algorithms=['HS256'],
-                                verify=False, options={'verify_signature': False})['email']
+            sender = self._client_api.info()['user_email']
         else:
             raise exceptions.PlatformException('600', 'Token expired please log in')
 

dtlpy/services/api_client.py

@@ -856,8 +856,16 @@ class ApiClient:
         """
         user_email = 'null'
         if self.token is not None:
-            payload = jwt.decode(self.token, algorithms=['HS256'],
-                                 verify=False, options={'verify_signature': False})
+            # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to extract user email; server validates on API calls
+            payload = jwt.decode(
+                self.token,
+                options={
+                    "verify_signature": False,
+                    "verify_exp": False,
+                    "verify_aud": False,
+                    "verify_iss": False,
+                }
+            )
             user_email = payload['email']
         information = {'environment': self.environment,
                        'user_email': user_email}
@@ -1353,8 +1361,16 @@ class ApiClient:
             if self.token is None or self.token == '':
                 expired = True
             else:
-                payload = jwt.decode(self.token, algorithms=['HS256'],
-                                     options={'verify_signature': False}, verify=False)
+                # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to check token expiration; server validates on API calls
+                payload = jwt.decode(
+                    self.token,
+                    options={
+                        "verify_signature": False,
+                        "verify_exp": False,
+                        "verify_aud": False,
+                        "verify_iss": False,
+                    }
+                )
                 d = datetime.datetime.now(datetime.timezone.utc)
                 epoch = datetime.datetime(1970, 1, 1, tzinfo=datetime.timezone.utc)
                 now = (d - epoch).total_seconds()

dtlpy/services/check_sdk.py

@@ -2,7 +2,6 @@ import time
 import logging
 import threading
 import traceback
-import jwt
 
 logger = logging.getLogger(name='dtlpy')
 
@@ -21,9 +20,7 @@ def check_in_thread(version, client_api):
 
         # try read token for email
         try:
-            payload = jwt.decode(client_api.token, algorithms=['HS256'],
-                                 verify=False, options={'verify_signature': False})
-            user_email = payload['email']
+            user_email = client_api.info()['user_email']
         except Exception:
             user_email = 'na'
         logger.debug('SDK info: user: {}, version: {}'.format(user_email, version))

dtlpy/services/logins.py

@@ -32,15 +32,12 @@ def login_secret(api_client, email, password, client_id, client_secret=None, for
     # TODO add deprecation warning to client_id
     # check if already logged in with SAME email
     if api_client.token is not None or api_client.token == '':
-        try:
-            payload = jwt.decode(api_client.token, algorithms=['HS256'],
-                                 options={'verify_signature': False}, verify=False)
-            if 'email' in payload and \
-                    payload['email'] == email and \
-                    not api_client.token_expired() and \
-                    not force:
-                return True
-        except jwt.exceptions.DecodeError:
+        logged_email = api_client.info()['user_email']
+        if logged_email == email and \
+            not api_client.token_expired() and \
+            not force:
+            return True
+        else:
             logger.debug('{}'.format('Cant decode token. Force login is used'))
 
     logger.info('[Start] Login Secret')
@@ -71,13 +68,12 @@ def login_secret(api_client, email, password, client_id, client_secret=None, for
             api_client.refresh_token = response_dict['refresh_token']
 
         # set new client id for refresh
-        payload = jwt.decode(api_client.token, algorithms=['HS256'],
-                             options={'verify_signature': False}, verify=False)
-        if 'email' in payload:
-            logger.info('[Done] Login Secret. User: {}'.format(payload['email']))
+        logged_email = api_client.info()['user_email']
+
+        if not logged_email == 'null':
+            logger.info(f'[Done] Login Secret. User: {logged_email}')
         else:
-            logger.info('[Done] Login Secret. User: {}'.format(email))
-            logger.info(payload)
+            logger.info(f'[Done] Login Secret. User: {email}')
     return True
 
 
@@ -206,8 +202,16 @@ def login(api_client, auth0_url=None, audience=None, client_id=None, login_domai
         success, tokens = server.process_request()
 
         if success:
-            decoded_jwt = jwt.decode(tokens['id'], verify=False,
-                                     options={'verify_signature': False})
+            # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to extract claims for display; server validates on API calls
+            decoded_jwt = jwt.decode(
+                tokens['id'],
+                options={
+                    "verify_signature": False,
+                    "verify_exp": False,
+                    "verify_aud": False,
+                    "verify_iss": False,
+                }
+            )
 
             if 'email' in decoded_jwt:
                 logger.info('Logged in: {}'.format(decoded_jwt['email']))

dtlpy/utilities/videos/videos.py

@@ -7,6 +7,7 @@ import os
 import logging
 import dtlpy as dl
 import shutil
+from dtlpy import miscellaneous
 
 logger = logging.getLogger(name='dtlpy')
 
@@ -344,6 +345,9 @@ class Videos:
             raise
         # https://www.ffmpeg.org/ffmpeg-formats.html#Examples-9
 
+        # Validate filepath to prevent path traversal
+        miscellaneous.PathUtils.validate_file_path(filepath)
+        
         if not os.path.isfile(filepath):
             raise IOError('File doesnt exists: {}'.format(filepath))
         logger.info('Extracting video information...')

{dtlpy-1.118.12.dist-info → dtlpy-1.118.13.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: dtlpy
-Version: 1.118.12
+Version: 1.118.13
 Summary: SDK and CLI for Dataloop platform
 Home-page: https://github.com/dataloop-ai/dtlpy
 Author: Dataloop Team

{dtlpy-1.118.12.dist-info → dtlpy-1.118.13.dist-info}/RECORD

@@ -1,5 +1,5 @@
 dtlpy/__init__.py,sha256=p9qDLEQ01cTj0Xx8FkxJPHSmP7LMHMv8b5-ZWW1FPrU,20625
-dtlpy/__version__.py,sha256=zzDq0O015CukNUyAYZIC27rY6zu8_tSZPOwxCHkmfnw,21
+dtlpy/__version__.py,sha256=rKb0jeJZoFfB0Nvl7WNtP0jvSvA4lP7Psb-TendlWlQ,21
 dtlpy/exceptions.py,sha256=EQCKs3pwhwZhgMByQN3D3LpWpdxwcKPEEt-bIaDwURM,2871
 dtlpy/new_instance.py,sha256=XegQav2hzPrPAUzuRFvUIGSPidoK-rbb02Q43NPsIpo,9982
 dtlpy/assets/__init__.py,sha256=D_hAa6NM8Zoy32sF_9b7m0b7I-BQEyBFg8-9Tg2WOeo,976
@@ -38,7 +38,7 @@ dtlpy/caches/filesystem_cache.py,sha256=OrBqyEucSVp7g33c6R1BR3ICbkgQnwYWEDhQ7OxH
 dtlpy/caches/redis_cache.py,sha256=bgJgxgAXFR_TxPDvlLS4TKumFds-ihNf668JbPYUfpc,2331
 dtlpy/dlp/__init__.py,sha256=QG_BxSqeic0foFBmzIkpZEF4EvxOZamknj2f5Cb6T6Q,868
 dtlpy/dlp/cli_utilities.py,sha256=gZA9XIN5GG-xWJ6S1i6T17CDDCypDoev6CY-WHlogYg,16055
-dtlpy/dlp/command_executor.py,sha256=JKtRKTwrKfkXHa1VuFhPw15FuwexBPq_9ANAu2pSyXs,32113
+dtlpy/dlp/command_executor.py,sha256=oQPOzE6eVUvm54IsdVYcWgVOByWjOqa2nQQY8EAd8Vc,34320
 dtlpy/dlp/dlp,sha256=-F0vSCWuSOOtgERAtsPMPyMmzitjhB7Yeftg_PDlDjw,10
 dtlpy/dlp/dlp.bat,sha256=QOvx8Dlx5dUbCTMpwbhOcAIXL1IWmgVRSboQqDhIn3A,37
 dtlpy/dlp/dlp.py,sha256=Zv9yoXwNAx4gkED-JiayN-ZkX2dPn4FB0SDx9qc7muo,4404
@@ -141,11 +141,12 @@ dtlpy/examples/upload_items_and_custom_format_annotations.py,sha256=KgGeIs2Q6MoT
 dtlpy/examples/upload_items_with_modalities.py,sha256=PJyzPIvRSWi_nh7JlOR9YZKFrMuvYffDx5mz9TiVIvU,1848
 dtlpy/examples/upload_segmentation_annotations_from_mask_image.py,sha256=JQGc8wQ3zTRRlVcRLs223UwCYCAfChKlvU0QOPEqezI,1388
 dtlpy/examples/upload_yolo_format_annotations.py,sha256=PDLhC5pBGrC68Pix-7I7SgdaCweYNZPgJxg0h4ssWyc,2610
-dtlpy/miscellaneous/__init__.py,sha256=twbvfsKdiNHNR-vUuy8nUlY3vuUVaSnm-wO83yQdeFY,829
+dtlpy/miscellaneous/__init__.py,sha256=_-NhTwcGH2FxFsWMf-vfmYYT6Ouuw08rN1fALJg2Zvw,863
 dtlpy/miscellaneous/dict_differ.py,sha256=POJbKR0YyWPf5gFADFpIaNFj9gt2aVBTNof7GJNxTCw,3489
 dtlpy/miscellaneous/git_utils.py,sha256=CT_CCDsqDqu_bY3cLcOSU6k3Zr6w40t8GJULLUtAJ_U,7971
 dtlpy/miscellaneous/json_utils.py,sha256=0P4YTlL6o_L7AUrvAeqkqA46MZZK_hDdTrdnmI59y6g,428
 dtlpy/miscellaneous/list_print.py,sha256=fBGTMXFUwDG8DD4W6HyR8BTGtbTckLf4W09quNRJm5M,4828
+dtlpy/miscellaneous/path_utils.py,sha256=TiYHuwfWUBbz6E99QP-MQivkBC70aMBdYRd3RTJ0QgQ,10426
 dtlpy/miscellaneous/zipping.py,sha256=JplTc8UDFvO8WaD5vKuumVLN0lU_-GtHoE0doWKtmKg,5383
 dtlpy/ml/__init__.py,sha256=vPkyXpc9kcWWZ_PxyPEOsjKBJdEbowLkZr8FZIb_OBM,799
 dtlpy/ml/base_feature_extractor_adapter.py,sha256=iiEGYAx0Rdn4K46H_FlKrAv3ebTXHSxNVAmio0BxhaI,1178
@@ -156,7 +157,7 @@ dtlpy/ml/summary_writer.py,sha256=dehDi8zmGC1sAGyy_3cpSWGXoGQSiQd7bL_Thoo8yIs,27
 dtlpy/ml/train_utils.py,sha256=t607DfyGBRrUQZ9jPmPe4V9Udzfk0hPWuw4OvKZKAeo,2440
 dtlpy/repositories/__init__.py,sha256=D2YI3ZLlSx0OlgVr8y_E9rsj-IxCDOj0MB6QTlv2NSA,2061
 dtlpy/repositories/analytics.py,sha256=dQPCYTPAIuyfVI_ppR49W7_GBj0033feIm9Gd7LW1V0,2966
-dtlpy/repositories/annotations.py,sha256=idTKzanNt-ncB0eIKE5p6WclrVGNjceI2Y7dAzDFtzY,43595
+dtlpy/repositories/annotations.py,sha256=ygN6JRa9jAod9kXDwksaScsTqzWCzegYsmF_i2be5xA,43442
 dtlpy/repositories/apps.py,sha256=miCYJNqte8TVFkBezE8yzueMsz593jNO9sSUfZRVV7M,15969
 dtlpy/repositories/artifacts.py,sha256=Ke2ustTNw-1eQ0onLsWY7gL2aChjXPAX5p1uQ_EzMbo,19081
 dtlpy/repositories/assignments.py,sha256=1VwJZ7ctQe1iaDDDpeYDgoj2G-TCgzolVLUEqUocd2w,25506
@@ -180,10 +181,10 @@ dtlpy/repositories/models.py,sha256=K8mqmYM_kj3z727VDcdcnQC_XDw18bf48ujEV-deStU,
 dtlpy/repositories/nodes.py,sha256=xXJm_YA0vDUn0dVvaGeq6ORM0vI3YXvfjuylvGRtkxo,3061
 dtlpy/repositories/ontologies.py,sha256=unnMhD2isR9DVE5S8Fg6fSDf1ZZ5Xemxxufx4LEUT3w,19577
 dtlpy/repositories/organizations.py,sha256=6ijUDFbsogfRul1g_vUB5AZOb41MRmV5NhNU7WLHt3A,22825
-dtlpy/repositories/packages.py,sha256=QhkXMZkpseCt0pDropJuqoHJL0RMa5plk8AN0V3w6Nk,86807
+dtlpy/repositories/packages.py,sha256=XA1cu7zW9sHfMlayjUD8OeAknsEpHzEcN-uebOIFmxc,87172
 dtlpy/repositories/pipeline_executions.py,sha256=sEC03bu5DsHc554z3xDbMCP529rhfADcktXgWkswEwI,17281
 dtlpy/repositories/pipelines.py,sha256=5qosyxLFgNbcmL7uoTr9klAj1VM-7mWvsOvngbUU1Qk,24320
-dtlpy/repositories/projects.py,sha256=TKLCuL7Inlv4GwgcQcuXkPQtgacfrXYjsTQng8nPC7Y,21623
+dtlpy/repositories/projects.py,sha256=_e5z4byytBu-nEYqsRO0HF0IbLgyyUaLLkx0EBND6Ls,21501
 dtlpy/repositories/recipes.py,sha256=q1FMk4kBPzBS-QIbkxeSsMcAJmYuS7gpYL8t3XIBWII,17117
 dtlpy/repositories/resource_executions.py,sha256=PyzsbdJxz6jf17Gx13GZmqdu6tZo3TTVv-DypnJ_sY0,5374
 dtlpy/repositories/schema.py,sha256=kTKDrbwm7BfQnBAK81LpAl9ChNFdyUweSLNazlJJhjk,3953
@@ -198,15 +199,15 @@ dtlpy/repositories/uploader.py,sha256=I9mP-Ikj0zUOdMTf-7FN_huHWXYeWc8gzVRpfUPAXj
 dtlpy/repositories/webhooks.py,sha256=IIpxOJ-7KeQp1TY9aJZz-FuycSjAoYx0TDk8z86KAK8,9033
 dtlpy/services/__init__.py,sha256=VfVJy2otIrDra6i7Sepjyez2ujiE6171ChQZp-YgxsM,904
 dtlpy/services/aihttp_retry.py,sha256=tgntZsAY0dW9v08rkjX1T5BLNDdDd8svtgn7nH8DSGU,5022
-dtlpy/services/api_client.py,sha256=MbpTsGVgFonv04pWCfYkOP0shM3LcfCOrucVEXvNn4M,71907
+dtlpy/services/api_client.py,sha256=XS5tYyKvwW5RYlR1RD06zGk9-_MPf2h7yOoog2EDhxQ,72559
 dtlpy/services/api_reference.py,sha256=cW-B3eoi9Xs3AwI87_Kr6GV_E6HPoC73aETFaGz3A-0,1515
 dtlpy/services/async_utils.py,sha256=kaYHTPw0Lg8PeJJq8whPyzrBYkzD7offs5hsKRZXJm8,3960
 dtlpy/services/calls_counter.py,sha256=gr0io5rIsO5-7Cgc8neA1vK8kUtYhgFPmDQ2jXtiZZs,1036
-dtlpy/services/check_sdk.py,sha256=H4KL5xrmNGfR9fUSxTVUeBm_3YFGjkwUZpFnqhFBJyI,2617
+dtlpy/services/check_sdk.py,sha256=CaOzAtI7ETtgX3x6hS5NWx77liqqRwIKLJ7B42EXIt4,2464
 dtlpy/services/cookie.py,sha256=sSZR1QV4ienCcZ8lEK_Y4nZYBgAxO3kHrcBXFKGcmwQ,3694
 dtlpy/services/create_logger.py,sha256=2dC39CCmc17H4LYRpY0bRIT4S50UTGNOBPYIqJnrsIU,6350
 dtlpy/services/events.py,sha256=mpcu8RusLPrBcJEbWR61uFb4FiU_dQv3xoa7uM-rTcY,3686
-dtlpy/services/logins.py,sha256=YMMi_C_A97ZNtIlREE30hpBRhULAZJtORiVL6OL0oPQ,8766
+dtlpy/services/logins.py,sha256=_fUJ5UlEDWLX09TtcsYy9G1Qca5p6X24xu4XvE-N9Sk,8745
 dtlpy/services/reporter.py,sha256=qQ9Tgws-8cSpvKbLhJ8j8vgVSgxju2qAgnDL5sCk0Dg,9191
 dtlpy/services/service_defaults.py,sha256=a7KoqkVmn2TXmM9gN9JRaVVtcG2b8JGIieVnaZeEaao,3860
 dtlpy/utilities/__init__.py,sha256=ncQD1O5lZ7L9n9rNRBivyqNVFDZyQcmqn-X-wyQhhIs,898
@@ -225,13 +226,13 @@ dtlpy/utilities/reports/figures.py,sha256=o3TOrwo1ytY14H-NV-TyEgVYCFDSm6HYAXVXRd
 dtlpy/utilities/reports/report.py,sha256=3nEsNnIWmdPEsd21nN8vMMgaZVcPKn9iawKTTeOQg2A,2639
 dtlpy/utilities/videos/__init__.py,sha256=SV3w51vfPuGBxaMeNemx6qEMHw_C4lLpWNGXMvdsKSY,734
 dtlpy/utilities/videos/video_player.py,sha256=LCxg0EZ_DeuwcT7U_r7MRC6Q19s0xdFb7x5Gk39PRms,24072
-dtlpy/utilities/videos/videos.py,sha256=Dj916B4TQRIhI7HZVevl3foFrCsPp0eeWwvGbgX3-_A,21875
-dtlpy-1.118.12.data/scripts/dlp,sha256=-F0vSCWuSOOtgERAtsPMPyMmzitjhB7Yeftg_PDlDjw,10
-dtlpy-1.118.12.data/scripts/dlp.bat,sha256=QOvx8Dlx5dUbCTMpwbhOcAIXL1IWmgVRSboQqDhIn3A,37
-dtlpy-1.118.12.data/scripts/dlp.py,sha256=ZpfJvYE1_OTSorEYBphqTOutnHSb5TqOXh0y_mUCTJs,4393
-dtlpy-1.118.12.dist-info/licenses/LICENSE,sha256=QwcOLU5TJoTeUhuIXzhdCEEDDvorGiC6-3YTOl4TecE,11356
-dtlpy-1.118.12.dist-info/METADATA,sha256=-R4pN-l-KYSHK8DgWK-kWCA5eLuISDOrpK-7nIUmd9I,5908
-dtlpy-1.118.12.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-dtlpy-1.118.12.dist-info/entry_points.txt,sha256=C4PyKthCs_no88HU39eioO68oei64STYXC2ooGZTc4Y,43
-dtlpy-1.118.12.dist-info/top_level.txt,sha256=MSr60TGZYlwXCKxlLoZCfILRZ6pU_3L-20d2SZvygyA,6
-dtlpy-1.118.12.dist-info/RECORD,,
+dtlpy/utilities/videos/videos.py,sha256=4xbbrHDeJhyR8VXW5ojLEp1GGGwgMoRIRyGrXEX5wiA,22031
+dtlpy-1.118.13.data/scripts/dlp,sha256=-F0vSCWuSOOtgERAtsPMPyMmzitjhB7Yeftg_PDlDjw,10
+dtlpy-1.118.13.data/scripts/dlp.bat,sha256=QOvx8Dlx5dUbCTMpwbhOcAIXL1IWmgVRSboQqDhIn3A,37
+dtlpy-1.118.13.data/scripts/dlp.py,sha256=ZpfJvYE1_OTSorEYBphqTOutnHSb5TqOXh0y_mUCTJs,4393
+dtlpy-1.118.13.dist-info/licenses/LICENSE,sha256=QwcOLU5TJoTeUhuIXzhdCEEDDvorGiC6-3YTOl4TecE,11356
+dtlpy-1.118.13.dist-info/METADATA,sha256=ozuEK7ANlXc6pEc4wDX84knLXQO7rv1BJ-AAhC_bdgw,5908
+dtlpy-1.118.13.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+dtlpy-1.118.13.dist-info/entry_points.txt,sha256=C4PyKthCs_no88HU39eioO68oei64STYXC2ooGZTc4Y,43
+dtlpy-1.118.13.dist-info/top_level.txt,sha256=MSr60TGZYlwXCKxlLoZCfILRZ6pU_3L-20d2SZvygyA,6
+dtlpy-1.118.13.dist-info/RECORD,,