geovisio 2.9.0__py3-none-any.whl → 2.11.0__py3-none-any.whl

geovisio/web/users.py

@@ -3,6 +3,7 @@ from uuid import UUID
 import flask
 from flask import request, current_app, session, url_for
 from flask_babel import gettext as _
+from dataclasses import dataclass
 from pydantic import BaseModel, ConfigDict, ValidationError, computed_field
 from geovisio.utils import auth, db
 from geovisio import errors
@@ -15,6 +16,7 @@ from geovisio.utils.params import validation_error
 from geovisio.web import stac
 from geovisio.web.auth import NEXT_URL_KEY
 from geovisio.web.utils import get_root_link
+from geovisio.web.params import Visibility, check_visibility
 
 bp = flask.Blueprint("user", __name__, url_prefix="/api/users")
 
@@ -45,10 +47,17 @@ class UserInfo(BaseModel):
     tos_accepted: Optional[bool] = None
     """True means the user has accepted the terms of service (tos). Can only be seen by the user itself"""
 
+    tos_latest_change_read: Optional[bool] = None
+    """True means the user has read the latest changes to the terms of service (tos). Can only be seen by the user itself"""
+
     permissions: Optional[Permissions] = None
     """The user role and permissions. Can only be seen by the user itself"""
 
-    model_config = ConfigDict(use_attribute_docstrings=True)
+    default_visibility: Optional[Visibility] = None
+    """Default visibility for all upload_sets/sequences/pictures of the user. The visibility can be overriden at the upload_set/sequence/picture level.
+    If not set, the default visibility of the instance will be used."""
+
+    model_config = ConfigDict(use_attribute_docstrings=True, use_enum_values=True)
 
     @computed_field
     @property
@@ -71,13 +80,43 @@ class UserInfo(BaseModel):
         ]
 
 
+@dataclass
+class AdditionalUserInfo:
+    default_visibility: Visibility
+    tos_latest_change_read: bool
+
+
+def get_additional_user_info(account: auth.Account) -> AdditionalUserInfo:
+    """Get additional information about the user, like the default visibility"""
+    u = db.fetchone(
+        current_app,
+        """SELECT 
+    COALESCE(default_visibility, (SELECT default_visibility FROM configurations LIMIT 1)) AS default_visibility,
+    CASE WHEN 
+        tos_latest_change_read_at IS NULL THEN FALSE 
+        ELSE COALESCE(tos_latest_change_read_at >= (SELECT MAX(updated_at) FROM pages WHERE name = 'terms-of-service'), TRUE)
+    END AS tos_latest_change_read
+FROM accounts WHERE id = %s""",
+        [account.id],
+        row_factory=dict_row,
+    )
+    return AdditionalUserInfo(default_visibility=u["default_visibility"], tos_latest_change_read=u["tos_latest_change_read"])
+
+
 def _get_user_info(account: auth.Account):
     user_info = UserInfo(id=account.id, name=account.name, collaborative_metadata=account.collaborative_metadata)
     logged_account = auth.get_current_account()
-    if logged_account is not None and account.id == logged_account.id:
+    if logged_account is not None and (account.id == logged_account.id or logged_account.can_see_all()):
         # we show the term of service acceptance only if the user is the logged user and if ToS are mandatory
+        # we also show all fields to the admins
         if flask.current_app.config["API_ENFORCE_TOS_ACCEPTANCE"]:
             user_info.tos_accepted = account.tos_accepted
+
+        # same, we only show the default visibility if the user is the logged user
+        additional_info = get_additional_user_info(account)
+        user_info.default_visibility = additional_info.default_visibility
+        user_info.tos_latest_change_read = additional_info.tos_latest_change_read
+
         user_info.permissions = Permissions(
             role=account.role,
             can_check_reports=account.can_check_reports(),
@@ -91,13 +130,13 @@ def _get_user_info(account: auth.Account):
 @bp.route("/me")
 @auth.login_required_with_redirect()
 def getMyUserInfo(account):
-    """Get current logged user informations
+    """Get current logged user information
     ---
     tags:
         - Users
     responses:
         200:
-            description: Information about the logged account
+            description: Information about the logged in account
             content:
                 application/json:
                     schema:
@@ -108,7 +147,7 @@ def getMyUserInfo(account):
 
 @bp.route("/<uuid:userId>")
 def getUserInfo(userId):
-    """Get user informations
+    """Get user information
     ---
     tags:
         - Users
@@ -152,7 +191,7 @@ def getMyCatalog(account):
     deprecated: true
     responses:
         200:
-            description: the Catalog listing all sequences associated to given user. Note that it's similar to the user's colletion, but with less metadata since a STAC collection is an enhanced STAC catalog.
+            description: the Catalog listing all sequences associated to given user. Note that it's similar to the user's collection, but with less metadata since a STAC collection is an enhanced STAC catalog.
             content:
                 application/json:
                     schema:
@@ -350,9 +389,22 @@ class UserConfiguration(BaseModel):
     
     If not set, it will default to the instance default collaborative editing policy."""
 
+    default_visibility: Optional[Visibility] = None
+    """Default visibility for all upload_sets/sequences/pictures of the user. The visibility can be overriden at the upload_set/sequence/picture level.
+    If not set, the default visibility of the instance will be used."""
+
     def has_override(self) -> bool:
         return bool(self.model_fields_set)
 
+    def validate(self):
+        if self.default_visibility and not check_visibility(self.default_visibility):
+            raise errors.InvalidAPIUsage(
+                _("The logged-only visibility is not allowed on this instance since anybody can create an account"),
+                status_code=400,
+            )
+
+    model_config = ConfigDict(use_enum_values=True, use_attribute_docstrings=True)
+
 
 @bp.route("/me", methods=["PATCH"])
 @auth.login_required()
@@ -387,8 +439,11 @@ def patchUserConfiguration(account):
 
     if not metadata:
         return _get_user_info(account)
-    params = get_db_params_and_values(metadata)
+
+    metadata.validate()
+
     if metadata.has_override():
+        params = get_db_params_and_values(metadata)
 
         fields = params.fields_for_set_list()
 
@@ -421,7 +476,9 @@ def accept_tos(account: auth.Account):
     # Note: accepting twice does not change the accepted_at date
     account = db.fetchone(
         current_app,
-        SQL("UPDATE accounts SET tos_accepted_at = COALESCE(tos_accepted_at, NOW()) WHERE id = %(account_id)s RETURNING *"),
+        SQL(
+            "UPDATE accounts SET tos_accepted_at = COALESCE(tos_accepted_at, NOW()), tos_latest_change_read_at = NOW() WHERE id = %(account_id)s RETURNING *"
+        ),
         {"account_id": account.id},
         row_factory=class_row(auth.Account),
     )
@@ -431,3 +488,27 @@ def accept_tos(account: auth.Account):
     session.permanent = True
 
     return _get_user_info(account)
+
+
+@bp.route("/me/tos_read", methods=["POST"])
+@auth.login_required()
+def tos_read(account: auth.Account):
+    """
+    Mark the new terms of service changes as read.
+    ---
+    tags:
+        - Auth
+    responses:
+        200:
+            description: Successfully marked the terms of service as read
+            content:
+                application/json: {}
+    """
+    account = db.fetchone(
+        current_app,
+        SQL("UPDATE accounts SET tos_latest_change_read_at = NOW() WHERE id = %(account_id)s RETURNING *"),
+        {"account_id": account.id},
+        row_factory=class_row(auth.Account),
+    )
+
+    return "", 200

geovisio/web/utils.py

@@ -7,6 +7,7 @@ from geovisio import errors
 from geovisio.utils import db
 from flask import current_app, url_for
 from flask_babel import gettext as _
+from psycopg.rows import dict_row
 from geovisio import __version__
 import subprocess
 
@@ -14,12 +15,12 @@ STAC_VERSION = "1.0.0"
 
 
 def removeNoneInDict(val):
-    """Removes empty values from dictionnary"""
+    """Removes empty values from dictionary"""
     return {k: v for k, v in val.items() if v is not None}
 
 
 def cleanNoneInDict(val):
-    """Removes empty values from dictionnary, and return None if dict is empty"""
+    """Removes empty values from dictionary, and return None if dict is empty"""
     res = removeNoneInDict(val)
     return res if len(res) > 0 else None
 
@@ -42,14 +43,31 @@ def cleanNoneInList(val: typing.List) -> typing.List:
     return list(filter(lambda e: e is not None, val))
 
 
-def accountIdOrDefault(account):
-    # Get default account ID
+def get_default_account():
+    from geovisio.utils import auth
+
+    r = db.fetchone(current_app, "SELECT id, name, role FROM accounts WHERE is_default", row_factory=dict_row)
+    if not r:
+        return None
+    return auth.Account(
+        id=r["id"],
+        name=r["name"],
+        role=auth.AccountRole(r["role"]),
+    )
+
+
+def accountOrDefault(account):
+    # Get default account
     if account is not None:
-        return account.id
-    accountId = db.fetchone(current_app, "SELECT id FROM accounts WHERE is_default")
-    if accountId is None:
+        return account
+    if current_app.config["API_FORCE_AUTH_ON_UPLOAD"]:
+        # if the API forces login on upload, we do not return the default account
+        return None
+    # if the API authorizes anonymous upload, we get the default account ID
+    def_account = get_default_account()
+    if def_account is None:
         raise errors.InternalError(_("No default account defined, please contact your instance administrator"))
-    return str(accountId[0])
+    return def_account
 
 
 def get_license_link():

geovisio/workers/runner_pictures.py

@@ -17,7 +17,7 @@ from typing import Any, Dict, Optional
 import threading
 from uuid import UUID
 from croniter import croniter
-from datetime import datetime, timezone
+from datetime import datetime, timezone, timedelta
 import geovisio.utils.filesystems
 
 log = logging.getLogger("geovisio.runner_pictures")
@@ -58,6 +58,7 @@ class ProcessTask(str, Enum):
     delete = "delete"
     dispatch = "dispatch"
     finalize = "finalize"
+    read_metadata = "read_metadata"
 
 
 @dataclass
@@ -65,6 +66,7 @@ class DbPicture:
     id: UUID
     metadata: dict
     skip_blurring: bool
+    orientation: str
 
     def blurred_by_author(self):
         return self.metadata.get("blurredByAuthor", False)
@@ -90,6 +92,8 @@ class DbJob:
     seq: Optional[DbSequence]
 
     task: ProcessTask
+    args: Optional[Dict[Any, Any]] = None
+    warning: Optional[str] = None
 
     def label(self):
         impacted_object = ""
@@ -105,7 +109,7 @@ class DbJob:
         return f"{self.task} for {impacted_object}"
 
 
-def store_detection_semantics(pic: DbPicture, metadata: Dict[str, Any], store_id: bool):
+def store_detection_semantics(job: DbJob, metadata: Dict[str, Any], store_id: bool):
     """store the detection returned by the blurring API in the database.
 
     The semantics part is stored as annotations, linked to the default account.
@@ -120,13 +124,13 @@ def store_detection_semantics(pic: DbPicture, metadata: Dict[str, Any], store_id
 
     tags = metadata.pop("annotations", [])
 
-    with db.conn(current_app) as conn, conn.cursor() as cursor:
+    with job.reporting_conn.cursor() as cursor:
         blurring_id = metadata.get("blurring_id")
         if blurring_id and store_id:
             # we store the blurring id to be able to unblur the picture later
             cursor.execute(
                 "UPDATE pictures SET blurring_id = %(blurring_id)s WHERE id = %(id)s",
-                {"blurring_id": blurring_id, "id": pic.id},
+                {"blurring_id": blurring_id, "id": job.pic.id},
             )
 
         if not tags:
@@ -140,21 +144,48 @@ def store_detection_semantics(pic: DbPicture, metadata: Dict[str, Any], store_id
         # we want to remove all the tags added by the same bluring api previously
         # it's especially usefull when a picture is blurred multiple times
         # and if the detection model has been updated between the blurrings
-        semantics.delete_annotation_tags_from_service(conn, pic.id, service_name="SGBlur", account=default_account_id)
+        semantics.delete_annotation_tags_from_service(job.reporting_conn, job.pic.id, service_name="SGBlur", account=default_account_id)
     try:
         annotations_to_create = [
-            annotations.AnnotationCreationParameter(**t, account_id=default_account_id, picture_id=pic.id) for t in tags
+            annotations.AnnotationCreationParameter(**t, account_id=default_account_id, picture_id=job.pic.id) for t in tags
         ]
+        for a in annotations_to_create:
+            annotations.creation_annotation(a, job.reporting_conn)
     except Exception as e:
         # if the detections are not in the correct format, we skip them
         msg = errors.getMessageFromException(e)
-        log.error(f"impossible to save blurring detections, skipping it for picture {pic.id}: {msg}")
+        if hasattr(e, "payload"):
+            msg += f": {e.payload}"
+        log.error(f"impossible to save blurring detections, skipping it for picture {job.pic.id}: {msg}")
+        job.warning = msg
+
+
+def update_picture_orientation(conn: psycopg.Connection, db_pic: DbPicture, picturePillow: Image):
+    """if the picture is side oriented, we need to check if the blurring API has rotated the picture, and update its size"""
+    if db_pic.orientation not in ("6", "8"):
         return
-    for a in annotations_to_create:
-        annotations.creation_annotation(a)
+
+    new_size = utils.pictures.getPictureSizing(picturePillow)
+    if new_size["width"] != db_pic.metadata["width"] or new_size["height"] != db_pic.metadata["height"]:
+        with conn.cursor() as cursor:
+            # update the new X/Y dimensions and reset the orientation, to tell that it's no longer side oriented
+            cursor.execute(
+                """UPDATE pictures SET
+exif = exif - 'Exif.Image.Orientation' || jsonb_build_object('Exif.Photo.PixelXDimension', %(width)s, 'Exif.Photo.PixelYDimension', %(height)s),
+metadata = metadata || jsonb_build_object('width', %(width)s, 'height', %(height)s, 'cols', %(cols)s, 'rows', %(rows)s)
+WHERE id = %(id)s
+""",
+                {
+                    "width": new_size["width"],
+                    "height": new_size["height"],
+                    "id": db_pic.id,
+                    "cols": new_size["cols"],
+                    "rows": new_size["rows"],
+                },
+            )
 
 
-def processPictureFiles(pic: DbPicture, config):
+def processPictureFiles(job: DbJob, config):
     """Generates the files associated with a sequence picture.
 
     If needed the image is blurred before the tiles and thumbnail are generated.
@@ -168,6 +199,7 @@ def processPictureFiles(pic: DbPicture, config):
     config : dict
             Flask app.config (passed as param to allow using ThreadPoolExecutor)
     """
+    pic = job.pic
     skipBlur = pic.skip_blurring or config.get("API_BLUR_URL") is None
     fses = config["FILESYSTEMS"]
     fs = fses.permanent if skipBlur else fses.tmp
@@ -206,8 +238,12 @@ def processPictureFiles(pic: DbPicture, config):
                     picture = None
                 else:
                     picture = res.image
+
+                    if pic.orientation in ("6", "8"):
+                        update_picture_orientation(job.reporting_conn, pic, picture)
+
                     if res.metadata:
-                        store_detection_semantics(pic, res.metadata, store_id=config["PICTURE_PROCESS_KEEP_UNBLURRED_PARTS"])
+                        store_detection_semantics(job, res.metadata, store_id=config["PICTURE_PROCESS_KEEP_UNBLURRED_PARTS"])
 
                 # Delete original unblurred file
                 geovisio.utils.filesystems.removeFsEvenNotFound(fses.tmp, picHdPath)
@@ -287,7 +323,9 @@ class PictureProcessor:
                     if self.app.pool.closed and self.stop:
                         # in some tests, the pool is closed before the worker is stopped, we check this here
                         return
-                    self.check_periodic_tasks()
+                    if not self.stop:
+                        # periodic tasks are only checked by permanent workers
+                        self.check_periodic_tasks()
                     r = process_next_job(self.app)
                     if not r:
                         if self.stop:
@@ -308,7 +346,7 @@ class PictureProcessor:
         signal.signal(signal.SIGTERM, self._graceful_shutdown)
 
     def _graceful_shutdown(self, *args):
-        log.info("Stoping worker, waiting for last picture processing to finish...")
+        log.info("Stopping worker, waiting for last picture processing to finish...")
         self.stop = True
 
     def check_periodic_tasks(self):
@@ -364,16 +402,19 @@ def process_next_job(app):
                     span.set_data("pic_id", job.pic.id)
                     with utils.time.log_elapsed(f"Processing picture {job.pic.id}"):
                         # open another connection for reporting and queries
-                        processPictureFiles(job.pic, app.config)
+                        processPictureFiles(job, app.config)
             elif job.task == ProcessTask.delete and job.pic:
                 with sentry_sdk.start_span(description="Deleting picture") as span:
                     span.set_data("pic_id", job.pic.id)
                     with utils.time.log_elapsed(f"Deleting picture {job.pic.id}"):
-                        _delete_picture(job.pic)
+                        _delete_picture(job.reporting_conn, job.pic)
+            elif job.task == ProcessTask.read_metadata and job.pic:
+                with utils.time.log_elapsed(f"Reading metadata of picture {job.pic.id}"):
+                    _read_picture_metadata(job.pic, **(job.args or {}))
             elif job.task == ProcessTask.dispatch and job.upload_set:
                 with utils.time.log_elapsed(f"Dispatching upload set {job.upload_set.id}"):
                     try:
-                        upload_set.dispatch(job.upload_set.id)
+                        upload_set.dispatch(job.reporting_conn, job.upload_set.id)
                     except Exception as e:
                         log.exception(f"impossible to dispatch upload set {job.upload_set.id}")
                         raise RecoverableProcessException("Upload set dispatch error: " + errors.getMessageFromException(e)) from e
@@ -399,7 +440,7 @@ def _get_next_job(app):
     with app.pool.connection() as locking_transaction:
         with locking_transaction.transaction(), locking_transaction.cursor(row_factory=dict_row) as cursor:
             r = cursor.execute(
-                """SELECT j.id, j.picture_id, j.upload_set_id, j.sequence_id, j.task, j.picture_to_delete_id, p.metadata, j.args
+                """SELECT j.id, j.picture_id, j.upload_set_id, j.sequence_id, j.task, j.picture_to_delete_id, p.metadata, j.args, p.exif->'Exif.Image.Orientation' as orientation
                 FROM job_queue j
                 LEFT JOIN pictures p ON p.id = j.picture_id
                 ORDER by
@@ -418,7 +459,12 @@ def _get_next_job(app):
                 # (and it will not a foreign key since the picture's row will already have been deleted from the db)
                 pic_id = r["picture_id"] or r["picture_to_delete_id"]
                 db_pic = (
-                    DbPicture(id=pic_id, metadata=r["metadata"], skip_blurring=(r["args"] or {}).get("skip_blurring", False))
+                    DbPicture(
+                        id=pic_id,
+                        metadata=r["metadata"],
+                        skip_blurring=(r["args"] or {}).get("skip_blurring", False),
+                        orientation=r["orientation"],
+                    )
                     if pic_id is not None
                     else None
                 )
@@ -466,7 +512,7 @@ def _get_next_job(app):
                         _finalize_sequence(job)
                         error = e
 
-    # we raise an error after the transaction has been comited to be sure to have the state persisted in the database
+    # we raise an error after the transaction has been committed to be sure to have the state persisted in the database
     if error:
         raise error
 
@@ -507,9 +553,16 @@ def _finalize_job(conn, job: DbJob):
             f"The job {job.job_history_id} ({job.label()}) has likely been deleted during the process (it can happen if the picture/upload_set/sequence has been deleted by another process), we don't need to finalize it"
         )
         return
+
+    params = {"id": job.job_history_id}
+    fields = [SQL("finished_at = CURRENT_TIMESTAMP")]
+    if job.warning:
+        fields.append(SQL("warning = %(warn)s"))
+        params["warn"] = job.warning
+
     job.reporting_conn.execute(
-        "UPDATE job_history SET finished_at = CURRENT_TIMESTAMP WHERE id = %(id)s",
-        {"id": job.job_history_id},
+        SQL("UPDATE job_history SET {fields} WHERE id = %(id)s").format(fields=SQL(", ").join(fields)),
+        params,
     )
     if job.task == ProcessTask.prepare and job.pic:
         # Note: the status is slowly been deprecated by replacing it with more precise status, and in the end it will be removed
@@ -544,7 +597,7 @@ def _initialize_job(
             "pic_to_delete": db_pic.id if db_pic and task == ProcessTask.delete else None,
             "us_id": db_upload_set.id if db_upload_set else None,
             "task": task.value,
-            "args": Jsonb(args),
+            "args": Jsonb(args) if args else None,
         },
     ).fetchone()
 
@@ -559,6 +612,7 @@ def _initialize_job(
         upload_set=db_upload_set,
         task=task,
         job_history_id=r[0],
+        args=args,
     )
 
 
@@ -608,7 +662,58 @@ def _mark_process_as_error(
         conn.execute("DELETE FROM job_queue WHERE id = %(id)s", {"id": job.job_queue_id})
 
 
-def _delete_picture(pic: DbPicture):
+def _delete_picture(conn: psycopg.Connection, pic: DbPicture):
     """Delete a picture from the filesystem"""
     log.debug(f"Deleting picture files {pic.id}")
+
+    def check_if_no_workers_preparing():
+        try:
+            # We try to check if there at some workers preparing this picture, if it's the case, we wait a bit and retry.
+            # after some time, if the lock is still not released, we raise a RetryLaterProcessException, to reschedule the whole job later
+            conn.execute(
+                "SELECT id FROM job_queue WHERE picture_id = %(id)s and task = 'prepare' FOR UPDATE NOWAIT",
+                {"id": pic.id},
+            )
+            return True
+        except psycopg.errors.LockNotAvailable:
+            logging.debug(f"The picture {pic.id} is being processed, we'll retry later")
+            return False
+
+    _retry_for(check_if_no_workers_preparing, error=f"Picture {pic.id} is being processed")
+
+    # Delete the row if needed (note that it can have already been deleted (for example if a whole upload_set has been deleted, the `ON DELETE CASCADE` deletes all the pictures's row (but the files still need to be deleted)))
+    conn.execute("DELETE FROM pictures WHERE id = %(id)s", {"id": pic.id})
+
     utils.pictures.removeAllFiles(pic.id)
+
+
+def _retry_for(func, error, timeout=timedelta(minutes=1), sleep=timedelta(seconds=5)):
+    import time
+
+    cur_duration = timedelta(seconds=0)
+    while cur_duration < timeout:
+        r = func()
+        if r:
+            return
+        cur_duration += sleep
+        time.sleep(sleep.total_seconds())
+
+    raise RetryLaterProcessException(error)
+
+
+def _read_picture_metadata(picture: DbPicture, read_file=False):
+    """Reread the picture metadata.
+
+    Normally the picture's metadata are read during upload, but sometimes (mainly when the geopic-tag-reader library has been updated),
+    we need to read the metadata again.
+
+    Parameters
+    ----------
+    picture_id : UUID
+        The ID of the picture to read the metadata from
+    read_file : bool
+        If True, the picture's raw metadata will be read again, else the Exif tools stored in the database will be used (way faster).
+    """
+
+    with db.conn(current_app) as conn:
+        utils.pictures.update_picture_metadata(conn, picture.id, read_file)

{geovisio-2.9.0.dist-info → geovisio-2.11.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: geovisio
-Version: 2.9.0
+Version: 2.11.0
 Summary: GeoVisio API - Main
 Author-email: Adrien PAVIE <panieravide@riseup.net>, Antoine Desbordes <antoine.desbordes@gmail.com>
 Requires-Python: >=3.10
@@ -11,7 +11,7 @@ Requires-Dist: Flask ~= 3.1
 Requires-Dist: psycopg[pool] ~= 3.2
 Requires-Dist: flasgger ~= 0.9.7
 Requires-Dist: Pillow ~= 11.1
-Requires-Dist: Flask-Cors ~= 5.0
+Requires-Dist: Flask-Cors ~= 6.0
 Requires-Dist: fs ~= 2.4
 Requires-Dist: fs-s3fs-forked ~= 1.1.4
 Requires-Dist: flask-compress ~= 1.14
@@ -19,38 +19,39 @@ Requires-Dist: requests ~= 2.31
 Requires-Dist: yoyo-migrations ~= 9.0
 Requires-Dist: psycopg-binary ~= 3.2
 Requires-Dist: python-dotenv ~= 1.1
-Requires-Dist: authlib ~= 1.5
+Requires-Dist: authlib ~= 1.6
 Requires-Dist: Flask-Executor ~= 1.0
-Requires-Dist: geopic-tag-reader[write-exif] == 1.4.2
+Requires-Dist: geopic-tag-reader[write-exif] ~= 1.8.0
 Requires-Dist: rfeed ~= 1.1.1
 Requires-Dist: sentry-sdk[flask] ~= 2.24
 Requires-Dist: pygeofilter[backend-native] ~= 0.3.1
 Requires-Dist: python-dateutil ~= 2.9.0
 Requires-Dist: tzdata ~= 2025.2
 Requires-Dist: croniter ~= 6.0.0
-Requires-Dist: pydantic ~= 2.11
+Requires-Dist: pydantic ~= 2.12
 Requires-Dist: pydantic-extra-types ~= 2.7
 Requires-Dist: flask-babel ~= 4.0.0
-Requires-Dist: geojson-pydantic ~= 1.2.0
+Requires-Dist: geojson-pydantic ~= 2.0.0
 Requires-Dist: email-validator ~= 2.2.0
 Requires-Dist: multipart>=1.2.1
+Requires-Dist: gunicorn ~= 23.0.0
 Requires-Dist: flit ~= 3.9.0 ; extra == "build"
-Requires-Dist: coverage ~= 7.7 ; extra == "dev"
-Requires-Dist: protobuf ~= 4.21 ; extra == "dev"
-Requires-Dist: mapbox-vector-tile ~= 2.0 ; extra == "dev"
+Requires-Dist: coverage ~= 7.9 ; extra == "dev"
+Requires-Dist: protobuf ~= 5.26 ; extra == "dev"
+Requires-Dist: mapbox-vector-tile ~= 2.1 ; extra == "dev"
 Requires-Dist: pystac ~= 1.9 ; extra == "dev"
-Requires-Dist: pytest ~= 8.3 ; extra == "dev"
-Requires-Dist: pytest-datafiles ~= 2.0 ; extra == "dev"
+Requires-Dist: pytest ~= 8.4 ; extra == "dev"
+Requires-Dist: pytest-datafiles ~= 3.0 ; extra == "dev"
 Requires-Dist: pyexiv2 ~= 2.15 ; extra == "dev"
-Requires-Dist: testcontainers ~= 4.1 ; extra == "dev"
+Requires-Dist: testcontainers ~= 4.10 ; extra == "dev"
 Requires-Dist: requests-mock ~= 1.11 ; extra == "dev"
 Requires-Dist: black ~= 25.1 ; extra == "dev"
 Requires-Dist: pre-commit ~= 4.2 ; extra == "dev"
 Requires-Dist: pyyaml ~= 6.0 ; extra == "dev"
 Requires-Dist: openapi-spec-validator ~= 0.7 ; extra == "dev"
 Requires-Dist: stac-api-validator ~= 0.6.4 ; extra == "dev"
-Requires-Dist: mkdocs-material ~= 9.6.9 ; extra == "docs"
-Requires-Dist: mkdocs-swagger-ui-tag ~= 0.6.11 ; extra == "docs"
+Requires-Dist: mkdocs-material ~= 9.6.14 ; extra == "docs"
+Requires-Dist: mkdocs-swagger-ui-tag ~= 0.7.1 ; extra == "docs"
 Project-URL: Home, https://gitlab.com/panoramax/server/api
 Project-URL: Source Code, https://gitlab.com/panoramax/server/api
 Provides-Extra: build