merge fix

.github/workflows/main.yml

@@ -74,12 +74,15 @@ jobs:
       - name: Running REST API tests
         env:
           API_ABOUT_PAGE: "localhost:8080/api/server/about"
+          # Access key length should be at least 3, and secret key length at least 8 characters
+          MINIO_ACCESS_KEY: "minio_access_key"
+          MINIO_SECRET_KEY: "minio_secret_key"
         run: |
-          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml -f components/analytics/docker-compose.analytics.yml up -d
+          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml -f components/analytics/docker-compose.analytics.yml -f tests/rest_api/docker-compose.minio.yml up -d
           /bin/bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' ${API_ABOUT_PAGE})" != "401" ]]; do sleep 5; done'
           pip3 install --user -r tests/rest_api/requirements.txt
           pytest tests/rest_api/
-          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml -f components/analytics/docker-compose.analytics.yml down -v
+          docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f components/serverless/docker-compose.serverless.yml -f components/analytics/docker-compose.analytics.yml -f tests/rest_api/docker-compose.minio.yml down -v
       - name: Running unit tests
         env:
           HOST_COVERAGE_DATA_DIR: ${{ github.workspace }}

.vscode/settings.json

@@ -18,13 +18,9 @@
         }
     ],
     "npm.exclude": "**/.env/**",
-    "python.linting.enabled": true,
-    "python.linting.pylintEnabled": true,
-    "python.linting.pycodestyleEnabled": false,
     "licenser.license": "Custom",
     "licenser.customHeader": "Copyright (C) @YEAR@ Intel Corporation\n\nSPDX-License-Identifier: MIT",
     "files.trimTrailingWhitespace": true,
-    "python.pythonPath": ".env/bin/python",
     "sqltools.connections": [
         {
             "previewLimit": 50,
@@ -33,9 +29,15 @@
             "database": "${workspaceFolder:cvat}/db.sqlite3"
         }
     ],
+    "python.defaultInterpreterPath": "${workspaceFolder}/.env/",
+    "python.linting.enabled": true,
+    "python.linting.pylintEnabled": true,
+    "python.linting.pycodestyleEnabled": false,
     "python.testing.pytestArgs": [
-        "tests"
+        "--rootdir","${workspaceFolder}/tests/"
     ],
     "python.testing.unittestEnabled": false,
-    "python.testing.pytestEnabled": true
+    "python.testing.pytestEnabled": true,
+    "python.testing.pytestPath": "${workspaceFolder}/.env/bin/pytest",
+    "python.testing.cwd": "${workspaceFolder}/tests"
 }

CHANGELOG.md

@@ -5,9 +5,49 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## \[2.0.0] - Unreleased
+## \[2.2.0] - Unreleased
 ### Added
-- Handle attributes comming from nuclio detectors (<https://github.com/openvinotoolkit/cvat/pull/3917>)
+- TDB
+
+### Changed
+- TDB
+
+### Deprecated
+- TDB
+
+### Removed
+- TDB
+
+### Fixed
+- Revert Open3D to 0.11.2 to prevent depencency conflicts (<https://github.com/openvinotoolkit/cvat/pull/4639>)
+
+### Security
+- TDB
+
+## \[2.1.0] - 2022-04-08
+### Added
+- Task annotations importing via chunk uploads (<https://github.com/openvinotoolkit/cvat/pull/4327>)
+- Advanced filtration and sorting for a list of tasks/projects/cloudstorages (<https://github.com/openvinotoolkit/cvat/pull/4403>)
+- Project dataset importing via chunk uploads (<https://github.com/openvinotoolkit/cvat/pull/4485>)
+- Support paginated list for job commits (<https://github.com/openvinotoolkit/cvat/pull/4482>)
+
+### Changed
+- Added missing geos dependency into Dockerfile (<https://github.com/openvinotoolkit/cvat/pull/4451>)
+- Improved helm chart readme (<https://github.com/openvinotoolkit/cvat/pull/4366>)
+- Added helm chart support for CVAT 2.X and made ingress compatible with Kubernetes >=1.22 (<https://github.com/openvinotoolkit/cvat/pull/4448>)
+
+### Fixed
+- Permission error occured when accessing the JobCommits (<https://github.com/openvinotoolkit/cvat/pull/4435>)
+- job assignee can remove or update any issue created by the task owner (<https://github.com/openvinotoolkit/cvat/pull/4436>)
+- Bug: Incorrect point deletion with keyboard shortcut (<https://github.com/openvinotoolkit/cvat/pull/4420>)
+- some AI Tools were not sending responses properly (<https://github.com/openvinotoolkit/cvat/issues/4432>)
+- Unable to upload annotations (<https://github.com/openvinotoolkit/cvat/pull/4513>)
+- Fix build dependencies for Siammask (<https://github.com/openvinotoolkit/cvat/pull/4486>)
+- Bug: Exif orientation information handled incorrectly (<https://github.com/openvinotoolkit/cvat/pull/4529>)
+
+## \[2.0.0] - 2022-03-04
+### Added
+- Handle attributes coming from nuclio detectors (<https://github.com/openvinotoolkit/cvat/pull/3917>)
 - Add additional environment variables for Nuclio configuration (<https://github.com/openvinotoolkit/cvat/pull/3894>)
 - Add KITTI segmentation and detection format (<https://github.com/openvinotoolkit/cvat/pull/3757>)
 - Add LFW format (<https://github.com/openvinotoolkit/cvat/pull/3770>)
@@ -16,7 +56,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Rotated bounding boxes (<https://github.com/openvinotoolkit/cvat/pull/3832>)
 - Player option: Smooth image when zoom-in, enabled by default (<https://github.com/openvinotoolkit/cvat/pull/3933>)
 - Google Cloud Storage support in UI (<https://github.com/openvinotoolkit/cvat/pull/3919>)
-- Add project tasks paginations (<https://github.com/openvinotoolkit/cvat/pull/3910>)
+- Add project tasks pagination (<https://github.com/openvinotoolkit/cvat/pull/3910>)
 - Add remove issue button (<https://github.com/openvinotoolkit/cvat/pull/3952>)
 - Data sorting option (<https://github.com/openvinotoolkit/cvat/pull/3937>)
 - Options to change font size & position of text labels on the canvas (<https://github.com/openvinotoolkit/cvat/pull/3972>)
@@ -39,11 +79,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Advanced filtration and sorting for a list of jobs (<https://github.com/openvinotoolkit/cvat/pull/4319>)
 
 ### Changed
-- Users don't have access to a task object anymore if they are assigneed only on some jobs of the task (<https://github.com/openvinotoolkit/cvat/pull/3788>)
+- Users don't have access to a task object anymore if they are assigned only on some jobs of the task (<https://github.com/openvinotoolkit/cvat/pull/3788>)
 - Different resources (tasks, projects) are not visible anymore for all CVAT instance users by default (<https://github.com/openvinotoolkit/cvat/pull/3788>)
 - API versioning scheme: using accept header versioning instead of namespace versioning (<https://github.com/openvinotoolkit/cvat/pull/4239>)
 - Replaced 'django_sendfile' with 'django_sendfile2' (<https://github.com/openvinotoolkit/cvat/pull/4267>)
 - Use drf-spectacular instead of drf-yasg for swagger documentation (<https://github.com/openvinotoolkit/cvat/pull/4210>)
+- Update development-environment manual to work under MacOS, supported Mac with Apple Silicon (<https://github.com/openvinotoolkit/cvat/pull/4414>)
 
 ### Deprecated
 - Job field "status" is not used in UI anymore, but it has not been removed from the database yet (<https://github.com/openvinotoolkit/cvat/pull/3788>)
@@ -78,9 +119,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Annotations search does not work correctly in some corner cases (when use complex properties with width, height) (<https://github.com/openvinotoolkit/cvat/pull/4198>)
 - Kibana requests are not proxied due to django-revproxy incompatibility with Django >3.2.x (<https://github.com/openvinotoolkit/cvat/issues/4085>)
 - Content type for getting frame with tasks/{id}/data/ endpoint (<https://github.com/openvinotoolkit/cvat/pull/4333>)
+- Bug: Permission error occured when accessing the comments of a specific issue (<https://github.com/openvinotoolkit/cvat/issues/4416>)
+
 
 ### Security
 - Updated ELK to 6.8.23 which uses log4j 2.17.1 (<https://github.com/openvinotoolkit/cvat/pull/4206>)
+- Added validation for URLs which used as remote data source (<https://github.com/openvinotoolkit/cvat/pull/4387>)
 
 ## \[1.7.0] - 2021-11-15
 

Dockerfile

@@ -11,6 +11,7 @@ RUN apt-get update && \
         apache2-dev \
         build-essential \
         curl \
+        libgeos-dev \
         libldap2-dev \
         libsasl2-dev \
         nasm \
@@ -76,6 +77,7 @@ RUN apt-get update && \
         apache2 \
         ca-certificates \
         libapache2-mod-xsendfile \
+        libgeos-dev \
         libgomp1 \
         libgl1 \
         supervisor \

README.md

@@ -124,6 +124,10 @@ Prebuilt docker images for CVAT releases are available on Docker Hub:
 - [cvat_server](https://hub.docker.com/r/openvino/cvat_server)
 - [cvat_ui](https://hub.docker.com/r/openvino/cvat_ui)
 
+## REST API
+The current REST API version is `2.0-alpha`. We focus on its improvement and therefore
+REST API may be changed in the next release.
+
 ## LICENSE
 
 Code released under the [MIT License](https://opensource.org/licenses/MIT).
@@ -140,6 +144,13 @@ connection with your use of FFmpeg.
 
 ## Partners
 
+- [ATLANTIS](https://github.com/smhassanerfani/atlantis) is an open-source dataset for semantic segmentation 
+  of waterbody images, depevoped by [iWERS](http://ce.sc.edu/iwers/) group in the 
+  Department of Civil and Environmental Engineering at University of South Carolina, using CVAT.
+  For developing a semantic segmentation dataset using CVAT, please check
+  [ATLANTIS published article](https://www.sciencedirect.com/science/article/pii/S1364815222000391),
+  [ATLANTIS Development Kit](https://github.com/smhassanerfani/atlantis/tree/master/adk) 
+  and [annotation tutorial videos](https://www.youtube.com/playlist?list=PLIfLGY-zZChS5trt7Lc3MfNhab7OWl2BR).
 - [Onepanel](https://github.com/onepanelio/core) is an open source
   vision AI platform that fully integrates CVAT with scalable data processing
   and parallelized training pipelines.

SECURITY.md

@@ -0,0 +1,48 @@
+# Security Policy
+
+## Supported Versions
+
+At the moment only the latest release is supported. When you report a security issue,
+be sure it can be reproduced in the supported version.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 2.0.0   | :white_check_mark: |
+| <2.0.0  | :x:                |
+
+## Reporting a Vulnerability
+
+If you have information about a security issue or vulnerability in the product, please
+send an e-mail to [[email protected]](mailto:[email protected]). Encrypt sensitive information
+using our PGP public key.
+
+Please provide as much information as possible, including:
+
+- The products and versions affected
+- Detailed description of the vulnerability
+- Information on known exploits
+- A member of the Intel Product Security Team will review your e-mail and contact you to
+  collaborate on resolving the issue.
+
+For more information on how Intel works to resolve security issues, see:
+[Vulnerability handling guidelines](<https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html>)
+
+## Intel® Bug Bounty Program
+
+Intel Corporation believes that working with skilled security researchers across the globe
+is a crucial part of identifying and mitigating security vulnerabilities in Intel products.
+
+Like other major technology companies, Intel incentivizes security researchers to report
+security vulnerabilities in Intel products to us to enable a coordinated response. To
+encourage closer collaboration with the security research community on these kinds of issues,
+Intel created its Bug Bounty Program.
+
+If you believe you've found a security vulnerability in an Intel product or technology, we
+encourage you to notify us through our program and work with us to mitigate and to coordinate
+disclosure of the vulnerability.
+
+[Intel® Bug Bounty Program Terms](<https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html>)
+
+Watch this video, [So You Found a Vulnerability](<https://www.intel.com/content/www/us/en/security-center/so-you-found-a-vulnerability.html>),
+to find out what you can expect when participating in the Intel® Bug Bounty Program.
+

cvat-canvas/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cvat-canvas",
-  "version": "2.13.1",
+  "version": "2.13.2",
   "description": "Part of Computer Vision Annotation Tool which presents its canvas library",
   "main": "src/canvas.ts",
   "scripts": {

cvat-canvas/src/typescript/canvasView.ts

@@ -792,6 +792,13 @@ export class CanvasViewImpl implements CanvasView, Listener {
                 );
 
                 if (['polygon', 'polyline', 'points'].includes(state.shapeType)) {
+                    if (state.shapeType === 'points' && (e.altKey || e.ctrlKey)) {
+                        const selectedClientID = +((e.target as HTMLElement).parentElement as HTMLElement).getAttribute('clientID');
+
+                        if (state.clientID !== selectedClientID) {
+                            return;
+                        }
+                    }
                     if (e.altKey) {
                         const { points } = state;
                         this.onEditDone(state, points.slice(0, pointID * 2).concat(points.slice(pointID * 2 + 2)));
@@ -860,6 +867,8 @@ export class CanvasViewImpl implements CanvasView, Listener {
 
         if (value) {
             const getGeometry = (): Geometry => this.geometry;
+            const getController = (): CanvasController => this.controller;
+            const getActiveElement = (): ActiveElement => this.activeElement;
             (shape as any).selectize(value, {
                 deepSelect: true,
                 pointSize: (2 * consts.BASE_POINT_SIZE) / this.geometry.scale,
@@ -875,7 +884,20 @@ export class CanvasViewImpl implements CanvasView, Listener {
                             'stroke-width': consts.POINTS_STROKE_WIDTH / getGeometry().scale,
                         });
 
-                    circle.on('mouseenter', (): void => {
+                    circle.on('mouseenter', (e: MouseEvent): void => {
+                        const activeElement = getActiveElement();
+                        if (activeElement !== null && (e.altKey || e.ctrlKey)) {
+                            const [state] = getController().objects.filter(
+                                (_state: any): boolean => _state.clientID === activeElement.clientID,
+                            );
+                            if (state?.shapeType === 'points') {
+                                const selectedClientID = +((e.target as HTMLElement).parentElement as HTMLElement).getAttribute('clientID');
+                                if (state.clientID !== selectedClientID) {
+                                    return;
+                                }
+                            }
+                        }
+
                         circle.attr({
                             'stroke-width': consts.POINTS_SELECTED_STROKE_WIDTH / getGeometry().scale,
                         });