fix(deps): update major (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
Flask (changelog)	2.2.5 -> 3.0.0					dependencies	major
Flask-Migrate	3.1.0 -> 4.0.5					dependencies	major
Flask-SQLAlchemy (changelog)	2.5.1 -> 3.1.1					dependencies	major
SQLAlchemy (changelog)	1.4.40 -> 2.0.23					dependencies	major
actions/checkout	v3 -> v4					action	major
argon2-cffi (changelog)	21.3.0 -> 23.1.0					dependencies	major
black (changelog)	22.8.0 -> 23.12.1					dev	major
docker/build-push-action	v3.1.1 -> v5.1.0					action	major
docker/setup-buildx-action	v2 -> v3					action	major
docker/setup-qemu-action	v2 -> v3					action	major
gunicorn (source)	20.1.0 -> 21.2.0					dependencies	major
postgres	14.5 -> 16.1					service	major
postgres	14.5 -> 16.1						major
pylint (changelog)	2.15.5 -> 3.0.3					dev	major

---

Release Notes

miguelgrinberg/flask-migrate (Flask-Migrate)

v4.0.5: Release 4.0.5

Compare Source

See CHANGES.md for release notes.

v4.0.4: Release 4.0.4

Compare Source

See CHANGE.LOG for release notes.

v4.0.3: Release 4.0.3

Compare Source

See CHANGE.LOG for release notes.

v4.0.2: Release 4.0.2

Compare Source

See CHANGE.LOG for release notes.

v4.0.1: Release 4.0.1

Compare Source

See CHANGE.LOG for release notes.

v4.0.0: Release 4.0.0

Compare Source

See CHANGE.LOG for release notes.

actions/checkout (actions/checkout)

v4

Compare Source

• Support fetching without the --progress option
• Update to node20

hynek/argon2-cffi (argon2-cffi)

v23.1.0

Compare Source

Removed

• Python 3.6 is not supported anymore.

Deprecated

• The InvalidHash exception is deprecated in favor of InvalidHashError.
  No plans for removal currently exist and the names can (but shouldn't) be used interchangeably.

• argon2.hash_password(), argon2.hash_password_raw(), and argon2.verify_password() that have been soft-deprecated since 2016 are now hard-deprecated.
  They now raise DeprecationWarnings and will be removed in 2024.

Added

• Official support for Python 3.11 and 3.12.
  No code changes were necessary.

• argon2.exceptions.InvalidHashError as a replacement for InvalidHash.

• salt parameter to argon2.PasswordHasher.hash() to allow for custom salts.
  This is only useful for specialized use-cases -- leave it on None unless you know exactly what you are doing.
  #​153

psf/black (black)

v23.12.1

Compare Source

Packaging

• Fixed a bug that included dependencies from the d extra by default (#​4108)

v23.12.0

Compare Source

Highlights

It's almost 2024, which means it's time for a new edition of Black's stable style!
Together with this release, we'll put out an alpha release 24.1a1 showcasing the draft
2024 stable style, which we'll finalize in the January release. Please try it out and
share your feedback.

This release (23.12.0) will still produce the 2023 style. Most but not all of the
changes in --preview mode will be in the 2024 stable style.

Stable style

• Fix bug where # fmt: off automatically dedents when used with the --line-ranges
  option, even when it is not within the specified line range. (#​4084)
• Fix feature detection for parenthesized context managers (#​4104)

Preview style

• Prefer more equal signs before a break when splitting chained assignments (#​4010)
• Standalone form feed characters at the module level are no longer removed (#​4021)
• Additional cases of immediately nested tuples, lists, and dictionaries are now
  indented less (#​4012)
• Allow empty lines at the beginning of all blocks, except immediately before a
  docstring (#​4060)
• Fix crash in preview mode when using a short --line-length (#​4086)
• Keep suites consisting of only an ellipsis on their own lines if they are not
  functions or class definitions (#​4066) (#​4103)

Configuration

• --line-ranges now skips Black's internal stability check in --safe mode. This
  avoids a crash on rare inputs that have many unformatted same-content lines. (#​4034)

Packaging

• Upgrade to mypy 1.7.1 (#​4049) (#​4069)
• Faster compiled wheels are now available for CPython 3.12 (#​4070)

Integrations

• Enable 3.12 CI (#​4035)
• Build docker images in parallel (#​4054)
• Build docker images with 3.12 (#​4055)

v23.11.0

Compare Source

Highlights

• Support formatting ranges of lines with the new --line-ranges command-line option
  (#​4020)

Stable style

• Fix crash on formatting bytes strings that look like docstrings (#​4003)
• Fix crash when whitespace followed a backslash before newline in a docstring (#​4008)
• Fix standalone comments inside complex blocks crashing Black (#​4016)
• Fix crash on formatting code like await (a ** b) (#​3994)
• No longer treat leading f-strings as docstrings. This matches Python's behaviour and
  fixes a crash (#​4019)

Preview style

• Multiline dicts and lists that are the sole argument to a function are now indented
  less (#​3964)
• Multiline unpacked dicts and lists as the sole argument to a function are now also
  indented less (#​3992)
• In f-string debug expressions, quote types that are visible in the final string are
  now preserved (#​4005)
• Fix a bug where long case blocks were not split into multiple lines. Also enable
  general trailing comma rules on case blocks (#​4024)
• Keep requiring two empty lines between module-level docstring and first function or
  class definition (#​4028)
• Add support for single-line format skip with other comments on the same line (#​3959)

Configuration

• Consistently apply force exclusion logic before resolving symlinks (#​4015)
• Fix a bug in the matching of absolute path names in --include (#​3976)

Performance

• Fix mypyc builds on arm64 on macOS (#​4017)

Integrations

• Black's pre-commit integration will now run only on git hooks appropriate for a code
  formatter (#​3940)

v23.10.1

Compare Source

Highlights

• Maintenance release to get a fix out for GitHub Action edge case (#​3957)

Preview style

• Fix merging implicit multiline strings that have inline comments (#​3956)
• Allow empty first line after block open before a comment or compound statement (#​3967)

Packaging

• Change Dockerfile to hatch + compile black (#​3965)

Integrations

• The summary output for GitHub workflows is now suppressible using the summary
  parameter. (#​3958)
• Fix the action failing when Black check doesn't pass (#​3957)

Documentation

• It is known Windows documentation CI is broken
  https://github.com/psf/black/issues/39683968

v23.10.0

Compare Source

Stable style

• Fix comments getting removed from inside parenthesized strings (#​3909)

Preview style

• Fix long lines with power operators getting split before the line length (#​3942)
• Long type hints are now wrapped in parentheses and properly indented when split across
  multiple lines (#​3899)
• Magic trailing commas are now respected in return types. (#​3916)
• Require one empty line after module-level docstrings. (#​3932)
• Treat raw triple-quoted strings as docstrings (#​3947)

Configuration

• Fix cache versioning logic when BLACK_CACHE_DIR is set (#​3937)

Parser

• Fix bug where attributes named type were not acccepted inside match statements
  (#​3950)
• Add support for PEP 695 type aliases containing lambdas and other unusual expressions
  (#​3949)

Output

• Black no longer attempts to provide special errors for attempting to format Python 2
  code (#​3933)
• Black will more consistently print stacktraces on internal errors in verbose mode
  (#​3938)

Integrations

• The action output displayed in the job summary is now wrapped in Markdown (#​3914)

v23.9.1

Compare Source

Due to various issues, the previous release (23.9.0) did not include compiled mypyc
wheels, which make Black significantly faster. These issues have now been fixed, and
this release should come with compiled wheels once again.

There will be no wheels for Python 3.12 due to a bug in mypyc. We will provide 3.12
wheels in a future release as soon as the mypyc bug is fixed.

Packaging

• Upgrade to mypy 1.5.1 (#​3864)

Performance

• Store raw tuples instead of NamedTuples in Black's cache, improving performance and
  decreasing the size of the cache (#​3877)

v23.9.0

Compare Source

Preview style

• More concise formatting for dummy implementations (#​3796)
• In stub files, add a blank line between a statement with a body (e.g an
  if sys.version_info > (3, x):) and a function definition on the same level (#​3862)
• Fix a bug whereby spaces were removed from walrus operators within subscript(#​3823)

Configuration

• Black now applies exclusion and ignore logic before resolving symlinks (#​3846)

Performance

• Avoid importing IPython if notebook cells do not contain magics (#​3782)
• Improve caching by comparing file hashes as fallback for mtime and size (#​3821)

Blackd

• Fix an issue in blackd with single character input (#​3558)

Integrations

• Black now has an
  official pre-commit mirror. Swapping
  https://github.com/psf/black to https://github.com/psf/black-pre-commit-mirror in
  your .pre-commit-config.yaml will make Black about 2x faster (#​3828)
• The .black.env folder specified by ENV_PATH will now be removed on the completion
  of the GitHub Action (#​3759)

v23.7.0

Compare Source

Highlights

• Runtime support for Python 3.7 has been removed. Formatting 3.7 code will still be
  supported until further notice (#​3765)

Stable style

• Fix a bug where an illegal trailing comma was added to return type annotations using
  PEP 604 unions (#​3735)
• Fix several bugs and crashes where comments in stub files were removed or mishandled
  under some circumstances (#​3745)
• Fix a crash with multi-line magic comments like type: ignore within parentheses
  (#​3740)
• Fix error in AST validation when Black removes trailing whitespace in a type comment
  (#​3773)

Preview style

• Implicitly concatenated strings used as function args are no longer wrapped inside
  parentheses (#​3640)
• Remove blank lines between a class definition and its docstring (#​3692)

Configuration

• The --workers argument to Black can now be specified via the BLACK_NUM_WORKERS
  environment variable (#​3743)
• .pytest_cache, .ruff_cache and .vscode are now excluded by default (#​3691)
• Fix Black not honouring pyproject.toml settings when running --stdin-filename
  and the pyproject.toml found isn't in the current working directory (#​3719)
• Black will now error if exclude and extend-exclude have invalid data types in
  pyproject.toml, instead of silently doing the wrong thing (#​3764)

Packaging

• Upgrade mypyc from 0.991 to 1.3 (#​3697)
• Remove patching of Click that mitigated errors on Python 3.6 with LANG=C (#​3768)

Parser

• Add support for the new PEP 695 syntax in Python 3.12 (#​3703)

Performance

• Speed up Black significantly when the cache is full (#​3751)
• Avoid importing IPython in a case where we wouldn't need it (#​3748)

Output

• Use aware UTC datetimes internally, avoids deprecation warning on Python 3.12 (#​3728)
• Change verbose logging to exactly mirror Black's logic for source discovery (#​3749)

Blackd

• The blackd argument parser now shows the default values for options in their help
  text (#​3712)

Integrations

• Black is now tested with
  PYTHONWARNDEFAULTENCODING = 1
  (#​3763)
• Update GitHub Action to display black output in the job summary (#​3688)

Documentation

• Add a CITATION.cff file to the root of the repository, containing metadata on how to
  cite this software (#​3723)
• Update the classes and exceptions documentation in Developer reference to match
  the latest code base (#​3755)

v23.3.0

Compare Source

Highlights

This release fixes a longstanding confusing behavior in Black's GitHub action, where the
version of the action did not determine the version of Black being run (issue #​3382). In
addition, there is a small bug fix around imports and a number of improvements to the
preview style.

Please try out the
preview style
with black --preview and tell us your feedback. All changes in the preview style are
expected to become part of Black's stable style in January 2024.

Stable style

• Import lines with # fmt: skip and # fmt: off no longer have an extra blank line
  added when they are right after another import line (#​3610)

Preview style

• Add trailing commas to collection literals even if there's a comment after the last
  entry (#​3393)
• async def, async for, and async with statements are now formatted consistently
  compared to their non-async version. (#​3609)
• with statements that contain two context managers will be consistently wrapped in
  parentheses (#​3589)
• Let string splitters respect East Asian Width
  (#​3445)
• Now long string literals can be split after East Asian commas and periods (、 U+3001
  IDEOGRAPHIC COMMA, 。 U+3002 IDEOGRAPHIC FULL STOP, & ， U+FF0C FULLWIDTH COMMA)
  besides before spaces (#​3445)
• For stubs, enforce one blank line after a nested class with a body other than just
  ... (#​3564)
• Improve handling of multiline strings by changing line split behavior (#​1879)

Parser

• Added support for formatting files with invalid type comments (#​3594)

Integrations

• Update GitHub Action to use the version of Black equivalent to action's version if
  version input is not specified (#​3543)
• Fix missing Python binary path in autoload script for vim (#​3508)

Documentation

• Document that only the most recent release is supported for security issues;
  vulnerabilities should be reported through Tidelift (#​3612)

v23.1.0

Compare Source

Highlights

This is the first release of 2023, and following our
stability policy,
it comes with a number of improvements to our stable style, including improvements to
empty line handling, removal of redundant parentheses in several contexts, and output
that highlights implicitly concatenated strings better.

There are also many changes to the preview style; try out black --preview and give us
feedback to help us set the stable style for next year.

In addition to style changes, Black now automatically infers the supported Python
versions from your pyproject.toml file, removing the need to set Black's target
versions separately.

Stable style

• Introduce the 2023 stable style, which incorporates most aspects of last year's
  preview style (#​3418). Specific changes:
  • Enforce empty lines before classes and functions with sticky leading comments
    (#​3302) (22.12.0)
  • Reformat empty and whitespace-only files as either an empty file (if no newline is
    present) or as a single newline character (if a newline is present) (#​3348)
    (22.12.0)
  • Implicitly concatenated strings used as function args are now wrapped inside
    parentheses (#​3307) (22.12.0)
  • Correctly handle trailing commas that are inside a line's leading non-nested parens
    (#​3370) (22.12.0)
  • --skip-string-normalization / -S now prevents docstring prefixes from being
    normalized as expected (#​3168) (since 22.8.0)
  • When using --skip-magic-trailing-comma or -C, trailing commas are stripped from
    subscript expressions with more than 1 element (#​3209) (22.8.0)
  • Implicitly concatenated strings inside a list, set, or tuple are now wrapped inside
    parentheses (#​3162) (22.8.0)
  • Fix a string merging/split issue when a comment is present in the middle of
    implicitly concatenated strings on its own line (#​3227) (22.8.0)
  • Docstring quotes are no longer moved if it would violate the line length limit
    (#​3044, #​3430) (22.6.0)
  • Parentheses around return annotations are now managed (#​2990) (22.6.0)
  • Remove unnecessary parentheses around awaited objects (#​2991) (22.6.0)
  • Remove unnecessary parentheses in with statements (#​2926) (22.6.0)
  • Remove trailing newlines after code block open (#​3035) (22.6.0)
  • Code cell separators #%% are now standardised to # %% (#​2919) (22.3.0)
  • Remove unnecessary parentheses from except statements (#​2939) (22.3.0)
  • Remove unnecessary parentheses from tuple unpacking in for loops (#​2945) (22.3.0)
  • Avoid magic-trailing-comma in single-element subscripts (#​2942) (22.3.0)
• Fix a crash when a colon line is marked between # fmt: off and # fmt: on (#​3439)

Preview style

• Format hex codes in unicode escape sequences in string literals (#​2916)
• Add parentheses around if-else expressions (#​2278)
• Improve performance on large expressions that contain many strings (#​3467)
• Fix a crash in preview style with assert + parenthesized string (#​3415)
• Fix crashes in preview style with walrus operators used in function return annotations
  and except clauses (#​3423)
• Fix a crash in preview advanced string processing where mixed implicitly concatenated
  regular and f-strings start with an empty span (#​3463)
• Fix a crash in preview advanced string processing where a standalone comment is placed
  before a dict's value (#​3469)
• Fix an issue where extra empty lines are added when a decorator has # fmt: skip
  applied or there is a standalone comment between decorators (#​3470)
• Do not put the closing quotes in a docstring on a separate line, even if the line is
  too long (#​3430)
• Long values in dict literals are now wrapped in parentheses; correspondingly
  unnecessary parentheses around short values in dict literals are now removed; long
  string lambda values are now wrapped in parentheses (#​3440)
• Fix two crashes in preview style involving edge cases with docstrings (#​3451)
• Exclude string type annotations from improved string processing; fix crash when the
  return type annotation is stringified and spans across multiple lines (#​3462)
• Wrap multiple context managers in parentheses when targeting Python 3.9+ (#​3489)
• Fix several crashes in preview style with walrus operators used in with statements
  or tuples (#​3473)
• Fix an invalid quote escaping bug in f-string expressions where it produced invalid
  code. Implicitly concatenated f-strings with different quotes can now be merged or
  quote-normalized by changing the quotes used in expressions. (#​3509)
• Fix crash on await (yield) when Black is compiled with mypyc (#​3533)

Configuration

• Black now tries to infer its --target-version from the project metadata specified in
  pyproject.toml (#​3219)

Packaging

• Upgrade mypyc from 0.971 to 0.991 so mypycified Black can be built on armv7
  (#​3380)
  • This also fixes some crashes while using compiled Black with a debug build of
    CPython
• Drop specific support for the tomli requirement on 3.11 alpha releases, working
  around a bug that would cause the requirement not to be installed on any non-final
  Python releases (#​3448)
• Black now depends on packaging version 22.0 or later. This is required for new
  functionality that needs to parse part of the project metadata (#​3219)

Output

• Calling black --help multiple times will return the same help contents each time
  (#​3516)
• Verbose logging now shows the values of pyproject.toml configuration variables
  (#​3392)
• Fix false symlink detection messages in verbose output due to using an incorrect
  relative path to the project root (#​3385)

Integrations

• Move 3.11 CI to normal flow now that all dependencies support 3.11 (#​3446)
• Docker: Add new latest_prerelease tag automation to follow latest black alpha
  release on docker images (#​3465)

Documentation

• Expand vim-plug installation instructions to offer more explicit options (#​3468)

v22.12.0

Compare Source

Preview style

• Enforce empty lines before classes and functions with sticky leading comments (#​3302)
• Reformat empty and whitespace-only files as either an empty file (if no newline is
  present) or as a single newline character (if a newline is present) (#​3348)
• Implicitly concatenated strings used as function args are now wrapped inside
  parentheses (#​3307)
• For assignment statements, prefer splitting the right hand side if the left hand side
  fits on a single line (#​3368)
• Correctly handle trailing commas that are inside a line's leading non-nested parens
  (#​3370)

Configuration

• Fix incorrectly applied .gitignore rules by considering the .gitignore location
  and the relative path to the target file (#​3338)
• Fix incorrectly ignoring .gitignore presence when more than one source directory is
  specified (#​3336)

Parser

• Parsing support has been added for walruses inside generator expression that are
  passed as function args (for example,
  any(match := my_re.match(text) for text in texts)) (#​3327).

Integrations

• Vim plugin: Optionally allow using the system installation of Black via
  let g:black_use_virtualenv = 0(#​3309)

v22.10.0

Compare Source

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be
  supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off
  (#​3281)

Preview style

• Fix a crash when formatting some dicts with parenthesis-wrapped long string keys
  (#​3262)

Configuration

• .ipynb_checkpoints directories are now excluded by default (#​3293)
• Add --skip-source-first-line / -x option to ignore the first line of source code
  while formatting (#​3299)

Packaging

• Executables made with PyInstaller will no longer crash when formatting several files
  at once on macOS. Native x86-64 executables for macOS are available once again.
  (#​3275)
• Hatchling is now used as the build backend. This will not have any effect for users
  who install Black with its wheels from PyPI. (#​3233)
• Faster compiled wheels are now available for CPython 3.11 (#​3276)

Blackd

• Windows style (CRLF) newlines will be preserved (#​3257).

Integrations

• Vim plugin: add flag (g:black_preview) to enable/disable the preview style (#​3246)
• Update GitHub Action to support formatting of Jupyter Notebook files via a jupyter
  option (#​3282)
• Update GitHub Action to support use of version specifiers (e.g. <23) for Black
  version (#​3265)

docker/build-push-action (docker/build-push-action)

v5.1.0

Compare Source

• Add annotations input by @​crazy-max in https://github.com/docker/build-push-action/pull/992
• Add secret-envs input by @​elias-lundgren in https://github.com/docker/build-push-action/pull/980
• Bump @​babel/traverse from 7.17.3 to 7.23.2 in https://github.com/docker/build-push-action/pull/991
• Bump @​docker/actions-toolkit from 0.13.0-rc.1 to 0.14.0 in https://github.com/docker/build-push-action/pull/990 https://github.com/docker/build-push-action/pull/1006

Full Changelog: docker/build-push-action@v5.0.0...v5.1.0

v5.0.0

Compare Source

• Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @​crazy-max in https://github.com/docker/build-push-action/pull/954
• Bump @​actions/core from 1.10.0 to 1.10.1 in https://github.com/docker/build-push-action/pull/959

Full Changelog: docker/build-push-action@v4.2.1...v5.0.0

v4.2.1

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• warn if docker config can't be parsed by @​crazy-max in https://github.com/docker/build-push-action/pull/957

Full Changelog: docker/build-push-action@v4.2.0...v4.2.1

v4.2.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• display proxy configuration by @​crazy-max in https://github.com/docker/build-push-action/pull/872
• chore(deps): Bump @​docker/actions-toolkit from 0.6.0 to 0.8.0 in https://github.com/docker/build-push-action/pull/930
• chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in https://github.com/docker/build-push-action/pull/925
• chore(deps): Bump semver from 6.3.0 to 6.3.1 in https://github.com/docker/build-push-action/pull/902

Full Changelog: docker/build-push-action@v4.1.1...v4.2.0

v4.1.1

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Bump @​docker/actions-toolkit from 0.3.0 to 0.5.0 by @​crazy-max in https://github.com/docker/build-push-action/pull/880

Full Changelog: docker/build-push-action@v4.1.0...v4.1.1

v4.1.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Switch to actions-toolkit implementation by @​crazy-max in https://github.com/docker/build-push-action/pull/811 https://github.com/docker/build-push-action/pull/838 https://github.com/docker/build-push-action/pull/855 https://github.com/docker/build-push-action/pull/860 https://github.com/docker/build-push-action/pull/875
• e2e: quay.io by @​crazy-max in https://github.com/docker/build-push-action/pull/799 https://github.com/docker/build-push-action/pull/805
• e2e: local harbor and nexus by @​crazy-max in https://github.com/docker/build-push-action/pull/800
• e2e: add artifactory container registry to test against by @​jedevc in https://github.com/docker/build-push-action/pull/804
• e2e: add distribution tests by @​jedevc in https://github.com/docker/build-push-action/pull/814 https://github.com/docker/build-push-action/pull/815

Full Changelog: docker/build-push-action@v4.0.0...v4.1.0

v4.0.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Enable provenance by default if not set by @​crazy-max in https://github.com/docker/build-push-action/pull/784

Full Changelog: docker/build-push-action@v3.3.1...v4.0.0

v3.3.1

Compare Source

• Disable provenance by default if not set by @​crazy-max (#​781)

Full Changelog: docker/build-push-action@v3.3.0...v3.3.1

v3.3.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Add attests, provenance and sbom inputs by @​crazy-max (#​746 #​759)
• Log GitHub Actions runtime token access controls by @​crazy-max (#​707)
• Examples moved to docs website by @​crazy-max (#​718)
• Bump minimatch from 3.0.4 to 3.1.2 (#​732)
• Bump csv-parse from 5.3.0 to 5.3.3 (#​729)
• Bump json5 from 2.2.0 to 2.2.3 (#​749)

Full Changelog: docker/build-push-action@v3.2.0...v3.3.0

v3.2.0

Compare Source

• Remove workaround for setOutput by @​crazy-max (#​704)
• Docs: fix Git context link and add more details about subdir support by @​crazy-max (#​685)
• Docs: named context by @​baibaratsky and @​crazy-max (#​665)
• Bump @​actions/core from 1.9.0 to 1.10.0 (#​667 #​695)
• Bump @​actions/github from 5.0.3 to 5.1.1 (#​696)

Full Changelog: docker/build-push-action@v3.1.1...v3.2.0

docker/setup-buildx-action (docker/setup-buildx-action)

v3

Compare Source

docker/setup-qemu-action (docker/setup-qemu-action)

v3

Compare Source

benoitc/gunicorn (gunicorn)

v21.2.0: Gunicorn 21.2.0 has been released

Compare Source

Gunicorn 21.2.0 has been released. This version fix the issue introduced in the threaded worker.

Changes:

21.2.0 - 2023-07-19
===================
fix thread worker: revert change considering connection as idle .

*** NOTE ***

This is fixing the bad file description error.

1. Documentation is available there: https://docs.gunicorn.org/en/stable/news.html
2. Packages: https://pypi.org/project/gunicorn/

v21.1.0: Gunicorn 21.1.0 has been released

Compare Source

gunicorn 21.1.0

---

Configuration

📅 Schedule: Branch creation - "after 9pm,before 5am" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[github-actions]

LGTM!

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud