build(deps): update c2cwsgiutils requirement from <5,>=4.0 to >=4.0,<7

[dependabot]

Updates the requirements on c2cwsgiutils to permit the latest version.

Release notes

Sourced from c2cwsgiutils's releases.

6.0.8 (2024-04-11)

New feature

• #2211 Get the background color from the generated image (@​sbrunner)
• #2210 Add a little sleep to avoid duplicated result (@​sbrunner)

Fixed bugs

• #2103 Fix TypeError: 'NoneType' object is not iterable (@​sbrunner)

Security fixes

• #2208 Snyk auto fix (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• #2144 Fix CVE (@​sbrunner)
• #2116 Snyk auto fix (@​c2c-bot-gis-ci)
• #2106 Snyk auto fix (@​c2c-bot-gis-ci)

Dependency update

• #2195 Update CI dependencies to v1.6.18 (6.0) (patch) (@​renovate[bot])
• #2129 Update CI dependencies (6.0) (@​renovate[bot])
• #2130 Update dependency types-requests to v2.31.0.20240125 (6.0) (@​renovate[bot])
• #2177 Update CI dependencies to v1.6.17 (6.0) (patch) (@​renovate[bot])
• #2160 Update dependency pyjson5 to v1.6.6 (6.0) (@​renovate[bot])
• #2196 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #2159 Update all patch versions (6.0) (patch) (@​renovate[bot])
• #2138 Update CI dependencies to v1.6.16 (6.0) (@​renovate[bot])

Chore

Changes that shouldn't affect the users like continuous integration updates

• #2190 Update dpkg package versions (@​c2c-bot-gis-ci-2, @​c2c-bot-gis-ci)
• fd4113e63e8b14b5643e288fbe168629fdad6d3e Merge pull request #2105 from camptocamp/dpkg-update/6.0 (@​sbrunner)

... (truncated)

Changelog

Sourced from c2cwsgiutils's changelog.

Changelog

Release 6.1

• The handlers in the .ini files don't support args anymore. You must use kwargs arguments. Example args = (sys.stdout,) becomes kwargs = {'stream': 'ext://sys.stdout'}.
• SqlAlchemy logger must now be instantiated by your app's main method and not by your .ini file. Read the example in the sqlalchemylogger folder.

Release 6.0

• The stats will not anymore be published on StatsD, use Prometheus client instead.
• The C2C_REDIS_URL will not be prefixed by redis:// anymore, it will be used as is.

Release 5.2

• c2cwsgiutils_run is completely removes (not used from 5.0).

Release 5.1

• setup_process.init initialize all non-wsgi features in a similar way as the pyramid.includeme function.
• Restore the C2CWSGIUTILS_CONFIG environment variable, you can still use the standard way to specify the config file (with the argument --paste of Gunicorn, or the config_uri argument or pserve prefixed by c2c://).
• Move back the logging configuration to production.ini. It will be read from gunicorn.conf.py at startup.
• Remove the development.ini file to simplify the default application template; restore production.ini has the default configuration file.
• When the auth_type is GitHub the is_auth and the has_access can return different values, the is_auth will just check the authentication on GitHub succeed, has_access also check that the user has the desired rights.
• The base image is now Ubuntu 22.04.
• The install-docker and install-gdal are removed.
• It is recommended to use OAuth2 with GitHub login instead of the C2C_SECRET because it protects from brute force attacks and the access grant is personal and can be revoked.

Release 5.0

• Remove the script c2cwsgiutils-run.

• The Pyramid initializing module functions are renamed from init to includeme.

• Remove the environment variable GUNICORN_PARAMS we will use the standard one GUNICORN_CMD_ARGS.

• Remove the C2CWSGIUTILS_CONFIG environment variable, we should use the standard way to specify the config file (with the argument --paste of Gunicorn, or the config_uri argument or pserve prefixed by c2c://).

• Filters like sentry, profiler, client_info will not be added automatically anymore, you should add the following lines in your project development.ini:

  [pipeline:main]
  pipeline = egg:c2cwsgiutils#client_info egg:c2cwsgiutils#profiler egg:c2cwsgiutils#sentry app

  and in your production.ini:

... (truncated)

Commits

• 2f6b7b8 Update dpkg package versions (#2214)
• f50825c Merge pull request #2211 from camptocamp/use-background-color
• 5311927 Get the background color from the generated image
• 8703eeb Merge pull request #2210 from camptocamp/add-timeout
• 729fce2 Add a little sleep to avoid duplicated result
• 48f4ca6 Update dpkg package versions (#2190)
• 1deb8a9 Snyk auto fix (#2208)
• 4d5f3a6 Update all patch versions
• eb3ccdb Update CI dependencies to v1.6.18
• fe4d22d Merge pull request #2189 from camptocamp/dpkg-update/6.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)