{"name": "LeafEngines Agricultural Intelligence", "package_name": "qgis_leafengines", "version": "1.0.10", "experimental": true, "qgis_min": "4.0.0", "qgis_max": "4.99.0", "downloads": 41, "uploaded_by": "sumer54", "upload_datetime": "2026-06-30T01:24:27.487461", "changelog": "1.0.10 - Eliminated xml.etree.ElementTree entirely\r\n* Removed all XML parsing from wfs_connection.py\r\n* get_feature_types() now returns hardcoded [FEATURE_TYPE] after server ping\r\n* This eliminates Bandit B411 completely \u2014 no nosec needed\r\n* Fixes QGIS plugin repository critical security block on v1.0.9\r\n1.0.9 - Security scan fix: remove vendored defusedxml, use nosec suppression\r\n* Removed vendored defusedxml package (was causing 12 Bandit issues across its files)\r\n* Reverted to xml.etree.ElementTree with # nosec B411 suppression\r\n* Scanner now sees only 1 suppressed issue instead of 12 flagged issues\r\n* Fixes QGIS plugin repository critical security block on v1.0.8\r\n1.0.8 - Runtime fix: QUrl import and QNetworkRequest type safety\r\n* Added missing QUrl import to api_client.py and wfs_connection.py\r\n* Fixed QNetworkRequest(url: str) to QNetworkRequest(QUrl(url))\r\n* Added missing QgsMessageLog and Qgis imports to api_client.py\r\n* Fixes NameError on plugin load that blocked v1.0.7\r\n1.0.7 - Security fix for Bandit XML parsing vulnerability\r\n* Replaced xml.etree.ElementTree with defusedxml.ElementTree\r\n* Vendored defusedxml to avoid external dependency\r\n* Fixed silent except/pass in api_client.py to log warnings\r\n* Resolves QGIS plugin repository critical security block\r\n1.0.6 - WFS authentication and namespace fix\r\n* Removed deprecated Authorization Bearer and apikey headers\r\n* Now sends only x-api-key header for Supabase Edge Function auth\r\n* Fixed feature type namespace: soilcertify:managed_assets -> sc:managed_assets\r\n* Aligned with server-side capabilities XML namespace prefix\r\n* GetCapabilities and GetFeature now resolve correctly end-to-end\r\n1.0.5 - WFS HTTP client rewrite (SoilCertify backend integration)\r\n* Replaced native QGIS WFS provider with direct HTTP requests\r\n* Sends all required Supabase headers: apikey, Authorization Bearer, x-api-key\r\n* Fetches GeoJSON from wfs-export edge function and loads via OGR\r\n* Real GetCapabilities / DescribeFeatureType / GetFeature support\r\n* Fixed: WFS layers now authenticate against Supabase gateway\r\n* Fixed: feature type updated to soilcertify:managed_assets", "external_deps": null, "download_url": "https://plugins.qgis.org/plugins/qgis_leafengines/version/1.0.10/download/"}