From 15ef53b0b1757b14272c019fbed8405d9af39aa8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 26 Sep 2023 14:47:37 +0000
Subject: [PATCH 1/7] Bump dev-drprasad/delete-tag-and-release from 0.2.0 to
 1.0.1

Bumps [dev-drprasad/delete-tag-and-release](https://github.com/dev-drprasad/delete-tag-and-release) from 0.2.0 to 1.0.1.
- [Release notes](https://github.com/dev-drprasad/delete-tag-and-release/releases)
- [Commits](https://github.com/dev-drprasad/delete-tag-and-release/compare/v0.2.0...v1.0.1)

---
updated-dependencies:
- dependency-name: dev-drprasad/delete-tag-and-release
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build-and-release.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-release.yaml b/.github/workflows/build-and-release.yaml
index eb7796c..89fe9a9 100644
--- a/.github/workflows/build-and-release.yaml
+++ b/.github/workflows/build-and-release.yaml
@@ -213,7 +213,7 @@ jobs:
 
     steps:
       - name: Remove release and tag
-        uses: dev-drprasad/delete-tag-and-release@v0.2.0
+        uses: dev-drprasad/delete-tag-and-release@v1.0.1
         with:
           tag_name: ${{ github.ref_name }}
           delete_release: true

From c68f496917896379ad2ae7d01ef91f6b9908b267 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 26 Sep 2023 14:47:41 +0000
Subject: [PATCH 2/7] Bump actions/deploy-pages from 1 to 2

Bumps [actions/deploy-pages](https://github.com/actions/deploy-pages) from 1 to 2.
- [Release notes](https://github.com/actions/deploy-pages/releases)
- [Commits](https://github.com/actions/deploy-pages/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/deploy-pages
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build-docs.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml
index 459496b..5cc7a85 100644
--- a/.github/workflows/build-docs.yaml
+++ b/.github/workflows/build-docs.yaml
@@ -64,4 +64,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v1
+        uses: actions/deploy-pages@v2

From 117c82037d6ac712789e08e577bfe12f55af6e68 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 26 Sep 2023 14:47:46 +0000
Subject: [PATCH 3/7] Bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build-and-release.yaml | 6 +++---
 .github/workflows/build-docs.yaml        | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build-and-release.yaml b/.github/workflows/build-and-release.yaml
index eb7796c..6fb7fd7 100644
--- a/.github/workflows/build-and-release.yaml
+++ b/.github/workflows/build-and-release.yaml
@@ -16,7 +16,7 @@ jobs:
       job_status: ${{ job.status }}
     steps:
       - name: Checkout project
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Create Release
         id: create_release
@@ -49,7 +49,7 @@ jobs:
 
     steps:
       - name: Checkout project
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup python
         uses: actions/setup-python@v4
@@ -164,7 +164,7 @@ jobs:
     steps:
 
       - name: Checkout project on gh-pages
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: 'gh-pages'
           token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml
index 459496b..1798eed 100644
--- a/.github/workflows/build-docs.yaml
+++ b/.github/workflows/build-docs.yaml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout project
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: 'gh-pages'
           token: ${{ secrets.GITHUB_TOKEN }}

From aa41ba432cc60f69ccfc2c6d6972bbc846478a60 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Mon, 2 Oct 2023 16:54:59 +0000
Subject: [PATCH 4/7] =?UTF-8?q?[pre-commit.ci]=20Mise=20=C3=A0=20jour=20de?=
 =?UTF-8?q?s=20git=20hooks.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

updates:
- [github.com/astral-sh/ruff-pre-commit: v0.0.281 → v0.0.291](https://github.com/astral-sh/ruff-pre-commit/compare/v0.0.281...v0.0.291)
- [github.com/psf/black: 23.3.0 → 23.9.1](https://github.com/psf/black/compare/23.3.0...23.9.1)
- [github.com/asottile/pyupgrade: v3.3.1 → v3.13.0](https://github.com/asottile/pyupgrade/compare/v3.3.1...v3.13.0)
---
 .pre-commit-config.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 5bc54ba..f32290e 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -22,13 +22,13 @@ repos:
         args: [--markdown-linebreak-ext=md]
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: "v0.0.281"
+    rev: "v0.0.291"
     hooks:
       - id: ruff
         args: ["--fix-only", "--target-version=py38"]
 
   - repo: https://github.com/psf/black
-    rev: 23.3.0
+    rev: 23.9.1
     hooks:
       - id: black
         args: ["--target-version=py38"]
@@ -40,7 +40,7 @@ repos:
         args: ["--profile", "black", "--filter-files"]
 
   - repo: https://github.com/asottile/pyupgrade
-    rev: v3.3.1
+    rev: v3.13.0
     hooks:
       - id: pyupgrade
         args:

From ac5576c00cd079a53ba5b30ca8a97934c5019740 Mon Sep 17 00:00:00 2001
From: Theo Satabin <theo.satabin@ign.fr>
Date: Mon, 9 Oct 2023 13:30:12 +0200
Subject: [PATCH 5/7] =?UTF-8?q?Configurabilit=C3=A9=20du=20cache=20de=20le?=
 =?UTF-8?q?cture?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

### [Added]

* `storage` : le cache de lecture est configurable en taille (avec ROK4_READING_LRU_CACHE_SIZE) et en temps de rétention (avec ROK4_READING_LRU_CACHE_TTL)
---
 src/rok4/storage.py | 35 ++++++++++++++++++++++++++++++++---
 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/rok4/storage.py b/src/rok4/storage.py
index fc7a775..d0b9c70 100644
--- a/src/rok4/storage.py
+++ b/src/rok4/storage.py
@@ -9,6 +9,12 @@
 
 According to functions, all storage types are not necessarily available.
 
+Readings uses a LRU cache system with a TTL. It's possible to configure it with environment variables :
+- ROK4_READING_LRU_CACHE_SIZE : Number of cached element. Default 64. Set 0 or a negative integer to configure a cache without bound. A power of two make cache more efficient.
+- ROK4_READING_LRU_CACHE_TTL : Validity duration of cached element, in seconds. Default 300. 0 or negative integer to disable time validity.
+
+To disable cache, set ROK4_READING_LRU_CACHE_SIZE to 1 and ROK4_READING_LRU_CACHE_TTL to 0.
+
 Using CEPH storage requires environment variables :
 - ROK4_CEPH_CONFFILE
 - ROK4_CEPH_USERNAME
@@ -69,10 +75,33 @@
 __S3_CLIENTS = {}
 __S3_DEFAULT_CLIENT = None
 
+__LRU_SIZE = 64
+__LRU_TTL = 300
+
+try:
+    __LRU_SIZE = int(os.environ["ROK4_READING_LRU_CACHE_SIZE"])
+    if __LRU_SIZE < 1:
+        __LRU_SIZE = None
+except ValueError:
+    pass
+except KeyError:
+    pass
+
+try:
+    __LRU_TTL = int(os.environ["ROK4_READING_LRU_CACHE_TTL"])
+    if __LRU_TTL < 0:
+        __LRU_TTL = 0
+except ValueError:
+    pass
+except KeyError:
+    pass
 
 def __get_ttl_hash():
-    """Return the same value withing 5 minutes time period"""
-    return round(time.time() / 300)
+    """Return the time string rounded according to time-to-live value"""
+    if __LRU_TTL == 0:
+        return time.time()
+    else:
+        return round(time.time() / __LRU_TTL)
 
 
 def __get_s3_client(bucket_name: str) -> Tuple[Dict[str, Union["boto3.client", str]], str, str]:
@@ -294,7 +323,7 @@ def get_data_str(path: str) -> str:
     return get_data_binary(path).decode("utf-8")
 
 
-@lru_cache(maxsize=50)
+@lru_cache(maxsize=__LRU_SIZE)
 def __get_cached_data_binary(path: str, ttl_hash: int, range: Tuple[int, int] = None) -> str:
     """Load data into a binary string, using a LRU cache
 

From 8a5dc1b17ddc2678c4f82464727a900cf9acffe1 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Mon, 9 Oct 2023 12:26:41 +0000
Subject: [PATCH 6/7] =?UTF-8?q?[pre-commit.ci]=20Corrections=20automatique?=
 =?UTF-8?q?s=20appliqu=C3=A9es=20par=20les=20git=20hooks.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/rok4/storage.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/rok4/storage.py b/src/rok4/storage.py
index d0b9c70..a3c6975 100644
--- a/src/rok4/storage.py
+++ b/src/rok4/storage.py
@@ -96,6 +96,7 @@
 except KeyError:
     pass
 
+
 def __get_ttl_hash():
     """Return the time string rounded according to time-to-live value"""
     if __LRU_TTL == 0:

From 37167a0e42e85a6c00f3fd048792406f78644cc1 Mon Sep 17 00:00:00 2001
From: Theo Satabin <theo.satabin@ign.fr>
Date: Mon, 9 Oct 2023 14:38:37 +0200
Subject: [PATCH 7/7] =?UTF-8?q?Compl=C3=A9tion=20du=20changelog=20pour=20l?=
 =?UTF-8?q?a=202.0.1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/dependabot.yml |  2 ++
 CHANGELOG.md           | 10 ++++++++++
 2 files changed, 12 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 9327b14..867bf21 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -2,6 +2,7 @@ version: 2
 updates:
   - package-ecosystem: pip
     directory: "/"
+    target-branch: develop
     schedule:
       interval: monthly
       time: "17:00"
@@ -11,6 +12,7 @@ updates:
 
   - package-ecosystem: "github-actions"
     directory: "/"
+    target-branch: develop
     schedule:
       interval: monthly
       time: "22:00"
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 59c51ed..31e31a0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 2.0.1
+
+### [Added]
+
+* `storage` : le cache de lecture est configurable en taille (avec ROK4_READING_LRU_CACHE_SIZE) et en temps de rétention (avec ROK4_READING_LRU_CACHE_TTL)
+
+### [Security]
+
+* Montée de version de pillow (faille de sécurité liée à libwebp)
+
 ## 2.0.0
 
 ### [Fixed]