aboutcode-org · tdruez · Mar 11, 2026 · Mar 11, 2026 · Mar 11, 2026
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -1,6 +1,47 @@
 Release notes
 =============
 
+### Version 5.7.0
+
+- Upgrade Python version to 3.14
+  https://github.com/aboutcode-org/dejacode/pull/465
+
+- Update Django to version 6.x
+  https://github.com/aboutcode-org/dejacode/pull/466
+
+- Fix parsing of str into timezone aware dates in reporting
+  https://github.com/aboutcode-org/dejacode/pull/461
+
+- Set usage policy from license profile
+  https://github.com/aboutcode-org/dejacode/pull/463
+
+- Add support for OpenDocument format in report export
+  https://github.com/aboutcode-org/dejacode/pull/478
+
+- Form validation on permission protected fields
+  https://github.com/aboutcode-org/dejacode/pull/479
+
+- Fix  stream scan results data instead of silencing timeouts
+  https://github.com/aboutcode-org/dejacode/pull/481
+
+- Fix upgrade RQ to fix a worker failure
+  https://github.com/aboutcode-org/dejacode/pull/483
+
+- Replace plain-text DRF token with PBKDF2-hashed API token
+  https://github.com/aboutcode-org/dejacode/pull/484
+
+- Fix rendering of the burger menu as offcanvas
+  https://github.com/aboutcode-org/dejacode/pull/486
+
+- Add ability to revoke an API key from profile view
+  https://github.com/aboutcode-org/dejacode/pull/491
+
+- Rework the pagination with per-model setting
+  https://github.com/aboutcode-org/dejacode/pull/494
+
+- Add generic views for API key management in `aboutcode.api_auth` module
+  https://github.com/aboutcode-org/dejacode/pull/500
+
 ### Version 5.6.0
 
 - feat: import vulnerability data from ScanCode.io
@@ -12,10 +53,10 @@ Release notes
 - feat: add package_content PurlDB field on Package model
   https://github.com/aboutcode-org/dejacode/issues/434
 
-- fix: exclude qualifiers and subpath for PURL comparison in get_purldb_entries
+- Fix exclude qualifiers and subpath for PURL comparison in get_purldb_entries
   https://github.com/aboutcode-org/dejacode/issues/453
 
-- fix: update the readthedocs.yml config to fix the build
+- Fix update the readthedocs.yml config to fix the build
   https://github.com/aboutcode-org/dejacode/issues/447
 
 - chore: upgrade Django and related libraries to latest version

diff --git a/dejacode/__init__.py b/dejacode/__init__.py
@@ -14,7 +14,7 @@
 
 import git
 
-VERSION = "5.6.0"
+VERSION = "5.7.0"
 
 PROJECT_DIR = Path(__file__).resolve().parent
 ROOT_DIR = PROJECT_DIR.parent

diff --git a/pyproject.toml b/pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "dejacode"
-version = "5.6.0"
+version = "5.7.0"
 description = "Automate open source license compliance and ensure supply chain integrity"
 readme = "README.rst"
 requires-python = ">=3.14,<3.15"

diff --git a/thirdparty/dist/jsonschema_specifications-2025.9.1-py3-none-any.whl.ABOUT b/thirdparty/dist/jsonschema_specifications-2025.9.1-py3-none-any.whl.ABOUT
@@ -0,0 +1,38 @@
+about_resource: jsonschema_specifications-2025.9.1-py3-none-any.whl
+name: jsonschema-specifications
+version: 2025.9.1
+download_url: https://files.pythonhosted.org/packages/41/45/1a4ed80516f02155c51f51e8cedb3c1902296743db0bbc66608a0db2814f/jsonschema_specifications-2025.9.1-py3-none-any.whl
+description: |
+  The JSON Schema meta-schemas and vocabularies, exposed as a Registry
+  =============================
+  ``jsonschema-specifications``
+  =============================
+
+  |PyPI| |Pythons| |CI| |ReadTheDocs|
+
+  JSON support files from the `JSON Schema Specifications <https://json-schema.org/specification.html>`_ (metaschemas, vocabularies, etc.), packaged for runtime access from Python as a `referencing-based Schema Registry <https://referencing.readthedocs.io/en/stable/api/#referencing.Registry>`_.
+
+  .. |PyPI| image:: https://img.shields.io/pypi/v/jsonschema-specifications.svg
+    :alt: PyPI version
+    :target: https://pypi.org/project/jsonschema-specifications/
+
+  .. |Pythons| image:: https://img.shields.io/pypi/pyversions/jsonschema-specifications.svg
+    :alt: Supported Python versions
+    :target: https://pypi.org/project/jsonschema-specifications/
+
+  .. |CI| image:: https://github.com/python-jsonschema/jsonschema-specifications/workflows/CI/badge.svg
+    :alt: Build status
+    :target: https://github.com/python-jsonschema/jsonschema-specifications/actions?query=workflow%3ACI
+
+  .. |ReadTheDocs| image:: https://readthedocs.org/projects/jsonschema-specifications/badge/?version=stable&style=flat
+    :alt: ReadTheDocs status
+    :target: https://jsonschema-specifications.readthedocs.io/en/stable/
+package_url: pkg:pypi/jsonschema-specifications@2025.9.1
+license_expression: mit
+copyright: Copyright jsonschema-specifications project contributors
+attribute: yes
+checksum_md5: 3bc19f16b4b7bf78e337a39664d3d7ac
+licenses:
+  - key: mit
+    name: MIT License
+    file: mit.LICENSE
diff --git a/thirdparty/dist/pydantic_core-2.41.5.tar.gz.ABOUT b/thirdparty/dist/pydantic_core-2.41.5.tar.gz.ABOUT
@@ -0,0 +1,159 @@
+about_resource: pydantic_core-2.41.5.tar.gz
+name: pydantic-core
+version: 2.41.5
+download_url: https://files.pythonhosted.org/packages/71/70/23b021c950c2addd24ec408e9ab05d59b035b39d97cdc1130e1bce647bb6/pydantic_core-2.41.5.tar.gz
+description: |
+  Core functionality for Pydantic validation and serialization
+  # pydantic-core
+
+  [![CI](https://github.com/pydantic/pydantic-core/workflows/ci/badge.svg?event=push)](https://github.com/pydantic/pydantic-core/actions?query=event%3Apush+branch%3Amain+workflow%3Aci)
+  [![Coverage](https://codecov.io/gh/pydantic/pydantic-core/branch/main/graph/badge.svg)](https://codecov.io/gh/pydantic/pydantic-core)
+  [![pypi](https://img.shields.io/pypi/v/pydantic-core.svg)](https://pypi.python.org/pypi/pydantic-core)
+  [![versions](https://img.shields.io/pypi/pyversions/pydantic-core.svg)](https://github.com/pydantic/pydantic-core)
+  [![license](https://img.shields.io/github/license/pydantic/pydantic-core.svg)](https://github.com/pydantic/pydantic-core/blob/main/LICENSE)
+
+  This package provides the core functionality for [pydantic](https://docs.pydantic.dev) validation and serialization.
+
+  Pydantic-core is currently around 17x faster than pydantic V1.
+  See [`tests/benchmarks/`](./tests/benchmarks/) for details.
+
+  ## Example of direct usage
+
+  _NOTE: You should not need to use pydantic-core directly; instead, use pydantic, which in turn uses pydantic-core._
+
+  ```py
+  from pydantic_core import SchemaValidator, ValidationError
+
+
+  v = SchemaValidator(
+      {
+          'type': 'typed-dict',
+          'fields': {
+              'name': {
+                  'type': 'typed-dict-field',
+                  'schema': {
+                      'type': 'str',
+                  },
+              },
+              'age': {
+                  'type': 'typed-dict-field',
+                  'schema': {
+                      'type': 'int',
+                      'ge': 18,
+                  },
+              },
+              'is_developer': {
+                  'type': 'typed-dict-field',
+                  'schema': {
+                      'type': 'default',
+                      'schema': {'type': 'bool'},
+                      'default': True,
+                  },
+              },
+          },
+      }
+  )
+
+  r1 = v.validate_python({'name': 'Samuel', 'age': 35})
+  assert r1 == {'name': 'Samuel', 'age': 35, 'is_developer': True}
+
+  # pydantic-core can also validate JSON directly
+  r2 = v.validate_json('{"name": "Samuel", "age": 35}')
+  assert r1 == r2
+
+  try:
+      v.validate_python({'name': 'Samuel', 'age': 11})
+  except ValidationError as e:
+      print(e)
+      """
+      1 validation error for model
+      age
+        Input should be greater than or equal to 18
+        [type=greater_than_equal, context={ge: 18}, input_value=11, input_type=int]
+      """
+  ```
+
+  ## Getting Started
+
+  ### Prerequisites
+
+  You'll need:
+  1. **[Rust](https://rustup.rs/)** - Rust stable (or nightly for coverage)
+  2. **[uv](https://docs.astral.sh/uv/getting-started/installation/)** - Fast Python package manager (will install Python 3.9+ automatically)
+  3. **[git](https://git-scm.com/)** - For version control
+  4. **[make](https://www.gnu.org/software/make/)** - For running development commands (or use `nmake` on Windows)
+
+  ### Quick Start
+
+  ```bash
+  # Clone the repository (or from your fork)
+  git clone git@github.com:pydantic/pydantic-core.git
+  cd pydantic-core
+
+  # Install all dependencies using uv, setup pre-commit hooks, and build the development version
+  make install
+  ```
+
+  Verify your installation by running:
+
+  ```bash
+  make
+  ```
+
+  This runs a full development cycle: formatting, building, linting, and testing
+
+  ### Development Commands
+
+  Run `make help` to see all available commands, or use these common ones:
+
+  ```bash
+  make build-dev    # to build the package during development
+  make build-prod   # to perform an optimised build for benchmarking
+  make test         # to run the tests
+  make testcov      # to run the tests and generate a coverage report
+  make lint         # to run the linter
+  make format       # to format python and rust code
+  make all          # to run to run build-dev + format + lint + test
+  ```
+
+  ### Useful Resources
+
+  * [`python/pydantic_core/_pydantic_core.pyi`](./python/pydantic_core/_pydantic_core.pyi) - Python API types
+  * [`python/pydantic_core/core_schema.py`](./python/pydantic_core/core_schema.py) - Core schema definitions
+  * [`tests/`](./tests) - Comprehensive usage examples
+
+  ## Profiling
+
+  It's possible to profile the code using the [`flamegraph` utility from `flamegraph-rs`](https://github.com/flamegraph-rs/flamegraph). (Tested on Linux.) You can install this with `cargo install flamegraph`.
+
+  Run `make build-profiling` to install a release build with debugging symbols included (needed for profiling).
+
+  Once that is built, you can profile pytest benchmarks with (e.g.):
+
+  ```bash
+  flamegraph -- pytest tests/benchmarks/test_micro_benchmarks.py -k test_list_of_ints_core_py --benchmark-enable
+  ```
+  The `flamegraph` command will produce an interactive SVG at `flamegraph.svg`.
+
+  ## Releasing
+
+  1. Bump package version locally. Do not just edit `Cargo.toml` on Github, you need both `Cargo.toml` and `Cargo.lock` to be updated.
+  2. Make a PR for the version bump and merge it.
+  3. Go to https://github.com/pydantic/pydantic-core/releases and click "Draft a new release"
+  4. In the "Choose a tag" dropdown enter the new tag `v<the.new.version>` and select "Create new tag on publish" when the option appears.
+  5. Enter the release title in the form "v<the.new.version> <YYYY-MM-DD>"
+  6. Click Generate release notes button
+  7. Click Publish release
+  8. Go to https://github.com/pydantic/pydantic-core/actions and ensure that all build for release are done successfully.
+  9. Go to https://pypi.org/project/pydantic-core/ and ensure that the latest release is published.
+  10. Done 🎉
+homepage_url: https://github.com/pydantic/pydantic-core
+package_url: pkg:pypi/pydantic-core@2.41.5
+license_expression: mit
+copyright: Copyright Samuel Colvin
+attribute: yes
+checksum_md5: 54a367c4549ec48a8b3a63d38e821506
+licenses:
+  - key: mit
+    name: MIT License
+    file: mit.LICENSE
diff --git a/thirdparty/dist/typing_inspection-0.4.2-py3-none-any.whl.ABOUT b/thirdparty/dist/typing_inspection-0.4.2-py3-none-any.whl.ABOUT
@@ -0,0 +1,38 @@
+about_resource: typing_inspection-0.4.2-py3-none-any.whl
+name: typing-inspection
+version: 0.4.2
+download_url: https://files.pythonhosted.org/packages/dc/9b/47798a6c91d8bdb567fe2698fe81e0c6b7cb7ef4d13da4114b41d239f65d/typing_inspection-0.4.2-py3-none-any.whl
+description: |
+  Runtime typing introspection tools
+  # typing-inspection
+
+  [![CI](https://img.shields.io/github/actions/workflow/status/pydantic/typing-inspection/ci.yml?branch=main&logo=github&label=CI)](https://github.com/pydantic/typing-inspection/actions?query=event%3Apush+branch%3Amain+workflow%3ACI)
+  [![Coverage](https://coverage-badge.samuelcolvin.workers.dev/pydantic/typing-inspection.svg)](https://coverage-badge.samuelcolvin.workers.dev/redirect/pydantic/typing-inspection)
+  [![PyPI](https://img.shields.io/pypi/v/typing-inspection.svg)](https://pypi.org/project/typing-inspection/)
+  [![Versions](https://img.shields.io/pypi/pyversions/typing-inspection.svg)](https://github.com/pydantic/typing-inspection)
+  [![License](https://img.shields.io/github/license/pydantic/typing-inspection.svg)](https://github.com/pydantic/typing-inspection/blob/main/LICENSE)
+  [![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+
+  `typing-inspection` provides tools to inspect type annotations at runtime.
+
+  ## Installation
+
+  From [PyPI](https://pypi.org/project/typing-inspection/):
+
+  ```bash
+  pip install typing-inspection
+  ```
+
+  The library can be imported from the `typing_inspection` module.
+package_url: pkg:pypi/typing-inspection@0.4.2
+license_expression: mit AND unknown-license-reference
+copyright: Copyright typing-inspection project contributors
+attribute: yes
+checksum_md5: 245304d58de21f4f0bdd15f7ea4b0ea8
+licenses:
+  - key: mit
+    name: MIT License
+    file: mit.LICENSE
+  - key: unknown-license-reference
+    name: Unknown License file reference
+    file: unknown-license-reference.LICENSE