Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade: Bump the dependencies group with 22 updates #437

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2023

Bumps the dependencies group with 22 updates:

Package From To
aiohttp 3.8.5 3.9.1
anyio 3.7.1 4.1.0
async-timeout 4.0.2 4.0.3
boto3 1.28.12 1.33.5
botocore 1.31.12 1.33.5
certifi 2023.7.22 2023.11.17
cffi 1.15.1 1.16.0
charset-normalizer 3.2.0 3.3.2
click 8.1.6 8.1.7
cryptography 41.0.2 41.0.7
exceptiongroup 1.1.2 1.2.0
gitdb 4.0.10 4.0.11
gitpython 3.1.32 3.1.40
httpcore 0.17.3 1.0.2
httpx 0.24.1 0.25.2
idna 3.4 3.6
packaging 23.1 23.2
s3transfer 0.6.1 0.8.2
sentry-sdk 1.28.1 1.38.0
smmap 5.0.0 5.0.1
urllib3 1.26.16 2.1.0
yarl 1.9.2 1.9.3

Updates aiohttp from 3.8.5 to 3.9.1

Release notes

Sourced from aiohttp's releases.

3.9.1

Bugfixes

  • Fixed importing aiohttp under PyPy on Windows.

    (#7848)

  • Fixed async concurrency safety in websocket compressor.

    (#7865)

  • Fixed ClientResponse.close() releasing the connection instead of closing.

    (#7869)

  • Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer

    (#7879)

  • Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer

    (#7895)


3.9.0

Features

  • Introduced AppKey for static typing support of Application storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config

    (#5864)

  • Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the shutdown_timeout parameter. -- by :user:Dreamsorcerer. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown

    (#7188)

  • Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>_ parameter to cancel web handler on client disconnection. -- by :user:mosquito This (optionally) reintroduces a feature removed in a previous release. Recommended for those looking for an extra level of protection against denial-of-service attacks.

    (#7056)

  • Added support for setting response header parameters max_line_size and max_field_size.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.9.1 (2023-11-26)

Bugfixes

  • Fixed importing aiohttp under PyPy on Windows.

    [#7848](https://github.com/aio-libs/aiohttp/issues/7848) <https://github.com/aio-libs/aiohttp/issues/7848>_

  • Fixed async concurrency safety in websocket compressor.

    [#7865](https://github.com/aio-libs/aiohttp/issues/7865) <https://github.com/aio-libs/aiohttp/issues/7865>_

  • Fixed ClientResponse.close() releasing the connection instead of closing.

    [#7869](https://github.com/aio-libs/aiohttp/issues/7869) <https://github.com/aio-libs/aiohttp/issues/7869>_

  • Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer

    [#7879](https://github.com/aio-libs/aiohttp/issues/7879) <https://github.com/aio-libs/aiohttp/issues/7879>_

  • Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer

    [#7895](https://github.com/aio-libs/aiohttp/issues/7895) <https://github.com/aio-libs/aiohttp/issues/7895>_


3.9.0 (2023-11-18)

Features

  • Introduced AppKey for static typing support of Application storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config

    [#5864](https://github.com/aio-libs/aiohttp/issues/5864) <https://github.com/aio-libs/aiohttp/issues/5864>_

  • Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the shutdown_timeout parameter. -- by :user:Dreamsorcerer. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown

    [#7188](https://github.com/aio-libs/aiohttp/issues/7188) <https://github.com/aio-libs/aiohttp/issues/7188>_

  • Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>_ parameter to cancel web handler on client disconnection. -- by :user:mosquito This (optionally) reintroduces a feature removed in a previous release.

... (truncated)

Commits

Updates anyio from 3.7.1 to 4.1.0

Release notes

Sourced from anyio's releases.

4.1.0

  • Adapted to API changes made in Trio v0.23:
    • Call trio.to_thread.run_sync() using the abandon_on_cancel keyword argument instead of cancellable
    • Removed a checkpoint when exiting a task group
    • Renamed the cancellable argument in anyio.to_thread.run_sync() to abandon_on_cancel (and deprecated the old parameter name)
    • Bumped minimum version of Trio to v0.23
  • Added support for voluntary thread cancellation via anyio.from_thread.check_cancelled()
  • Bumped minimum version of trio to v0.23
  • Exposed the ResourceGuard class in the public API (#627)
  • Fixed RuntimeError: Runner is closed when running higher-scoped async generator fixtures in some cases (#619)
  • Fixed discrepancy between asyncio and trio where reraising a cancellation exception in an except* block would incorrectly bubble out of its cancel scope (#634)

4.0.0

  • BACKWARDS INCOMPATIBLE Replaced AnyIO's own ExceptionGroup class with the PEP 654 BaseExceptionGroup and ExceptionGroup
  • BACKWARDS INCOMPATIBLE Changes to cancellation semantics:
    • Any exceptions raising out of a task groups are now nested inside an ExceptionGroup (or BaseExceptionGroup if one or more BaseException were included)
    • Fixed task group not raising a cancellation exception on asyncio at exit if no child tasks were spawned and an outer cancellation scope had been cancelled before
    • Ensured that exiting a TaskGroup always hits a yield point, regardless of whether there are running child tasks to be waited on
    • On asyncio, cancel scopes will defer cancelling tasks that are scheduled to resume with a finished future
    • On asyncio and Python 3.9/3.10, cancel scopes now only suppress cancellation exceptions if the cancel message matches the scope
    • Task groups on all backends now raise a single cancellation exception when an outer cancel scope is cancelled, and no exceptions other than cancellation exceptions are raised in the group
  • BACKWARDS INCOMPATIBLE Changes the pytest plugin to run all tests and fixtures in the same task, allowing fixtures to set context variables for tests and other fixtures
  • BACKWARDS INCOMPATIBLE Changed anyio.Path.relative_to() and anyio.Path.is_relative_to() to only accept one argument, as passing multiple arguments is deprecated as of Python 3.12
  • BACKWARDS INCOMPATIBLE Dropped support for spawning tasks from old-style coroutine functions (@asyncio.coroutine)
  • BACKWARDS INCOMPATIBLE The policy option on the asyncio backend was changed to loop_factory to accommodate asyncio.Runner
  • Changed anyio.run() to use asyncio.Runner (or a back-ported version of it on Pythons older than 3.11) on the asyncio backend
  • Dropped support for Python 3.7
  • Added support for Python 3.12
  • Bumped minimum version of trio to v0.22
  • Added the anyio.Path.is_junction() and anyio.Path.walk() methods
  • Added create_unix_datagram_socket and create_connected_unix_datagram_socket to create UNIX datagram sockets (PR by Jean Hominal)
  • Fixed from_thread.run and from_thread.run_sync not setting sniffio on asyncio. As a result:
    • Fixed from_thread.run_sync failing when used to call sniffio-dependent functions on asyncio
    • Fixed from_thread.run failing when used to call sniffio-dependent functions on asyncio from a thread running trio or curio
    • Fixed deadlock when using from_thread.start_blocking_portal(backend="asyncio") in a thread running trio or curio (PR by Ganden Schaffner)
  • Improved type annotations:
    • The item_type argument of create_memory_object_stream was deprecated. To indicate the item type handled by the stream, use create_memory_object_stream[T_Item]() instead. Type checking should no longer fail when annotating memory object streams with uninstantiable item types (PR by Ganden Schaffner)
  • Added the CancelScope.cancelled_caught property which tells users if the cancel scope suppressed a cancellation exception
  • Fixed fail_after() raising an unwarranted TimeoutError when the cancel scope was cancelled before reaching its deadline
  • Fixed MemoryObjectReceiveStream.receive() causing the receiving task on asyncio to remain in a cancelled state if the operation was cancelled after an item was queued to be received by the task (but before the task could actually receive the item)
  • Fixed TaskGroup.start() on asyncio not responding to cancellation from the outside
  • Fixed tasks started from BlockingPortal not notifying synchronous listeners (concurrent.futures.wait()) when they're cancelled
  • Removed unnecessary extra waiting cycle in Event.wait() on asyncio in the case where the event was not yet set
  • Fixed processes spawned by anyio.to_process() being "lost" as unusable to the process pool when processes that have idled over 5 minutes are pruned at part of the to_process.run_sync() call, leading to increased memory consumption (PR by Anael Gorfinkel)

Changes since 4.0.0rc1:

  • Fixed the type annotation of TaskGroup.start_soon() to accept any awaitables (already in v3.7.0 but was missing from 4.0.0rc1)
  • Changed CancelScope to also consider the cancellation count (in addition to the cancel message) on asyncio to determine if a cancellation exception should be swallowed on scope exit, to combat issues where third party libraries catch the CancelledError and raise another, thus erasing the original cancel message
  • Worked around a CPython bug that caused TLSListener.handle_handshake_error() on asyncio to log "NoneType: None" instead of the error (PR by Ganden Schaffner)

... (truncated)

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

UNRELEASED

  • Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye.)

4.1.0

  • Adapted to API changes made in Trio v0.23:

    • Call trio.to_thread.run_sync() using the abandon_on_cancel keyword argument instead of cancellable
    • Removed a checkpoint when exiting a task group
    • Renamed the cancellable argument in anyio.to_thread.run_sync() to abandon_on_cancel (and deprecated the old parameter name)
    • Bumped minimum version of Trio to v0.23
  • Added support for voluntary thread cancellation via anyio.from_thread.check_cancelled()

  • Bumped minimum version of trio to v0.23

  • Exposed the ResourceGuard class in the public API ([#627](https://github.com/agronholm/anyio/issues/627) <https://github.com/agronholm/anyio/issues/627>_)

  • Fixed RuntimeError: Runner is closed when running higher-scoped async generator fixtures in some cases ([#619](https://github.com/agronholm/anyio/issues/619) <https://github.com/agronholm/anyio/issues/619>_)

  • Fixed discrepancy between asyncio and trio where reraising a cancellation exception in an except* block would incorrectly bubble out of its cancel scope ([#634](https://github.com/agronholm/anyio/issues/634) <https://github.com/agronholm/anyio/issues/634>_)

4.0.0

  • BACKWARDS INCOMPATIBLE Replaced AnyIO's own ExceptionGroup class with the PEP 654 BaseExceptionGroup and ExceptionGroup

  • BACKWARDS INCOMPATIBLE Changes to cancellation semantics:

    • Any exceptions raising out of a task groups are now nested inside an ExceptionGroup (or BaseExceptionGroup if one or more BaseException were included)
    • Fixed task group not raising a cancellation exception on asyncio at exit if no child tasks were spawned and an outer cancellation scope had been cancelled before
    • Ensured that exiting a TaskGroup always hits a yield point, regardless of whether there are running child tasks to be waited on
    • On asyncio, cancel scopes will defer cancelling tasks that are scheduled to resume with a finished future
    • On asyncio and Python 3.9/3.10, cancel scopes now only suppress cancellation exceptions if the cancel message matches the scope
    • Task groups on all backends now raise a single cancellation exception when an outer

... (truncated)

Commits
  • 46a45c7 Bumped up the version
  • 8079a22 Added links to closed issues
  • 3a01793 Added a "Queues" section to the docs for anyone looking for queues
  • 3186fb9 Implemented voluntary cancellation in worker threads (#629)
  • c360b99 Fixed asyncio CancelScope not recognizing its own cancellation exception (#...
  • 523381a Install uvloop on Python 3.12 too for tests
  • f0707cd Fixed RuntimeError: Runner is closed in the pytest plugin (#635)
  • 97b7b08 Fixed ExceptionGroup example (#637)
  • 0eab46a [pre-commit.ci] pre-commit autoupdate (#636)
  • 019835a Updated pre-commit modules
  • Additional commits viewable in compare view

Updates async-timeout from 4.0.2 to 4.0.3

Release notes

Sourced from async-timeout's releases.

4.0.3

  • Fixed compatibility with asyncio.timeout() on Python 3.11+.
  • Added support for Python 3.11.
  • Dropped support for Python 3.6.
Changelog

Sourced from async-timeout's changelog.

4.0.3 (2023-08-10)

  • Fixed compatibility with asyncio.timeout() on Python 3.11+.
  • Added support for Python 3.11.
  • Dropped support for Python 3.6.
Commits

Updates boto3 from 1.28.12 to 1.33.5

Changelog

Sourced from boto3's changelog.

1.33.5

  • api-change:arc-zonal-shift: [botocore] This release adds a new capability, zonal autoshift. You can configure zonal autoshift so that AWS shifts traffic for a resource away from an Availability Zone, on your behalf, when AWS determines that there is an issue that could potentially affect customers in the Availability Zone.
  • api-change:glue: [botocore] Adds observation and analyzer support to the GetDataQualityResult and BatchGetDataQualityResult APIs.
  • api-change:sagemaker: [botocore] This release adds support for 1/ Code Editor, based on Code-OSS, Visual Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/ JupyterLab, a new fully managed JupyterLab IDE experience in SageMaker Studio

1.33.4

  • bugfix:s3transfer: Raise floor for s3transfer to 0.8.2 to avoid any conflicts with the awscrt
  • api-change:marketplace-agreement: [botocore] The AWS Marketplace Agreement Service provides an API interface that helps AWS Marketplace sellers manage their agreements, including listing, filtering, and viewing details about their agreements.
  • api-change:marketplace-catalog: [botocore] This release enhances the ListEntities API to support new entity type-specific strongly typed filters in the request and entity type-specific strongly typed summaries in the response.
  • api-change:marketplace-deployment: [botocore] AWS Marketplace Deployment is a new service that provides essential features that facilitate the deployment of software, data, and services procured through AWS Marketplace.
  • api-change:redshift-serverless: [botocore] This release adds the following support for Amazon Redshift Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3) scheduling snapshot creation, and 4) restoring tables from a recovery point.
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version

1.33.3

  • api-change:application-autoscaling: [botocore] Amazon SageMaker customers can now use Application Auto Scaling to automatically scale the number of Inference Component copies across an endpoint to meet the varying demand of their workloads.
  • api-change:cleanrooms: [botocore] AWS Clean Rooms now provides differential privacy to protect against user-identification attempts and machine learning modeling to allow two parties to identify similar users in their data.
  • api-change:cleanroomsml: [botocore] Public Preview SDK release of AWS Clean Rooms ML APIs
  • api-change:opensearch: [botocore] Launching Amazon OpenSearch Service support for new zero-ETL integration with Amazon S3. Customers can now manage their direct query data sources to Amazon S3 programatically
  • api-change:opensearchserverless: [botocore] Amazon OpenSearch Serverless collections support an additional attribute called standby-replicas. This allows to specify whether a collection should have redundancy enabled.
  • api-change:sagemaker-runtime: [botocore] Update sagemaker-runtime client to latest version
  • api-change:sagemaker: [botocore] This release adds following support 1/ Improved SDK tooling for model deployment. 2/ New Inference Component based features to lower inference costs and latency 3/ SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in Autopilot
  • api-change:sts: [botocore] Documentation updates for AWS Security Token Service.
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version

1.33.2

  • api-change:accessanalyzer: [botocore] This release adds support for external access findings for S3 directory buckets to help you easily identify cross-account access. Updated service API, documentation, and paginators.
  • api-change:bedrock-agent-runtime: [botocore] This release introduces Agents for Amazon Bedrock Runtime
  • api-change:bedrock-agent: [botocore] This release introduces Agents for Amazon Bedrock
  • api-change:bedrock-runtime: [botocore] This release adds support for minor versions/aliases for invoke model identifier.
  • api-change:bedrock: [botocore] This release adds support for customization types, model life cycle status and minor versions/aliases for model identifiers.
  • api-change:connect: [botocore] Added support for following capabilities: Amazon Connect's in-app, web, and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics feature. Amazon Connect Analytics Datalake capability. Capability to configure real time chat rules.
  • api-change:customer-profiles: [botocore] This release introduces DetectProfileObjectType API to auto generate object type mapping.
  • api-change:qbusiness: [botocore] Amazon Q - a generative AI powered application that your employees can use to ask questions and get answers from knowledge spread across disparate content repositories, summarize reports, write articles, take actions, and much more - all within their company's connected content repositories.
  • api-change:qconnect: [botocore] Amazon Q in Connect, an LLM-enhanced evolution of Amazon Connect Wisdom. This release adds generative AI support to Amazon Q Connect QueryAssistant and GetRecommendations APIs.
  • api-change:s3: [botocore] Adds support for S3 Express One Zone.
  • api-change:s3control: [botocore] Adds support for S3 Express One Zone, and InvocationSchemaVersion 2.0 for S3 Batch Operations.
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version

... (truncated)

Commits

Updates botocore from 1.31.12 to 1.33.5

Changelog

Sourced from botocore's changelog.

1.33.5

  • api-change:arc-zonal-shift: This release adds a new capability, zonal autoshift. You can configure zonal autoshift so that AWS shifts traffic for a resource away from an Availability Zone, on your behalf, when AWS determines that there is an issue that could potentially affect customers in the Availability Zone.
  • api-change:glue: Adds observation and analyzer support to the GetDataQualityResult and BatchGetDataQualityResult APIs.
  • api-change:sagemaker: This release adds support for 1/ Code Editor, based on Code-OSS, Visual Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/ JupyterLab, a new fully managed JupyterLab IDE experience in SageMaker Studio

1.33.4

  • api-change:marketplace-agreement: The AWS Marketplace Agreement Service provides an API interface that helps AWS Marketplace sellers manage their agreements, including listing, filtering, and viewing details about their agreements.
  • api-change:marketplace-catalog: This release enhances the ListEntities API to support new entity type-specific strongly typed filters in the request and entity type-specific strongly typed summaries in the response.
  • api-change:marketplace-deployment: AWS Marketplace Deployment is a new service that provides essential features that facilitate the deployment of software, data, and services procured through AWS Marketplace.
  • api-change:redshift-serverless: This release adds the following support for Amazon Redshift Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3) scheduling snapshot creation, and 4) restoring tables from a recovery point.
  • api-change:endpoint-rules: Update endpoint-rules client to latest version

1.33.3

  • api-change:application-autoscaling: Amazon SageMaker customers can now use Application Auto Scaling to automatically scale the number of Inference Component copies across an endpoint to meet the varying demand of their workloads.
  • api-change:cleanrooms: AWS Clean Rooms now provides differential privacy to protect against user-identification attempts and machine learning modeling to allow two parties to identify similar users in their data.
  • api-change:cleanroomsml: Public Preview SDK release of AWS Clean Rooms ML APIs
  • api-change:opensearch: Launching Amazon OpenSearch Service support for new zero-ETL integration with Amazon S3. Customers can now manage their direct query data sources to Amazon S3 programatically
  • api-change:opensearchserverless: Amazon OpenSearch Serverless collections support an additional attribute called standby-replicas. This allows to specify whether a collection should have redundancy enabled.
  • api-change:sagemaker-runtime: Update sagemaker-runtime client to latest version
  • api-change:sagemaker: This release adds following support 1/ Improved SDK tooling for model deployment. 2/ New Inference Component based features to lower inference costs and latency 3/ SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in Autopilot
  • api-change:sts: Documentation updates for AWS Security Token Service.
  • api-change:endpoint-rules: Update endpoint-rules client to latest version

1.33.2

  • api-change:accessanalyzer: This release adds support for external access findings for S3 directory buckets to help you easily identify cross-account access. Updated service API, documentation, and paginators.
  • api-change:bedrock: This release adds support for customization types, model life cycle status and minor versions/aliases for model identifiers.
  • api-change:bedrock-agent: This release introduces Agents for Amazon Bedrock
  • api-change:bedrock-agent-runtime: This release introduces Agents for Amazon Bedrock Runtime
  • api-change:bedrock-runtime: This release adds support for minor versions/aliases for invoke model identifier.
  • api-change:connect: Added support for following capabilities: Amazon Connect's in-app, web, and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics feature. Amazon Connect Analytics Datalake capability. Capability to configure real time chat rules.
  • api-change:customer-profiles: This release introduces DetectProfileObjectType API to auto generate object type mapping.
  • api-change:endpoint-rules: Update endpoint-rules client to latest version
  • api-change:qbusiness: Amazon Q - a generative AI powered application that your employees can use to ask questions and get answers from knowledge spread across disparate content repositories, summarize reports, write articles, take actions, and much more - all within their company's connected content repositories.
  • api-change:qconnect: Amazon Q in Connect, an LLM-enhanced evolution of Amazon Connect Wisdom. This release adds generative AI support to Amazon Q Connect QueryAssistant and GetRecommendations APIs.
  • api-change:s3: Adds support for S3 Express One Zone.
  • api-change:s3control: Adds support for S3 Express One Zone, and InvocationSchemaVersion 2.0 for S3 Batch Operations.

1.33.1

... (truncated)

Commits
  • 0c316e8 Merge branch 'release-1.33.5'
  • 57dfb6b Bumping version to 1.33.5
  • a5b2e5f Update to latest models
  • 2dfc485 Merge branch 'release-1.33.4'
  • 2c97875 Merge branch 'release-1.33.4' into develop
  • fa0df4d Bumping version to 1.33.4
  • 7c91738 Update to latest partitions and endpoints
  • c2148bc Update to latest models
  • e0ffa6e Merge branch 'release-1.33.3'
  • ced3071 Merge branch 'release-1.33.3' into develop
  • Additional commits viewable in compare view

Updates certifi from 2023.7.22 to 2023.11.17

Commits
  • 515962b Merge pull request #252 from certifi/create-pull-request/patch
  • 28b2a0d 2023.11.17
  • 7ccda9f Bump actions/checkout from 4.1.0 to 4.1.1 (#251)
  • 5e4bb9e Bump actions/setup-python from 4.7.0 to 4.7.1 (#248)
  • 610354f Bump actions/checkout from 4.0.0 to 4.1.0 (#247)
  • 2d98c76 Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#246)
  • 7f0e639 ci: add minimal permissions to workflows bump.yml and release.yml (#245)
  • 600713d Bump actions/checkout from 3.6.0 to 4.0.0 (#244)
  • 0435b2a Bump actions/checkout from 3.5.3 to 3.6.0 (#242)
  • 25ea83a Fix bash
  • Additional commits viewable in compare view

Updates cffi from 1.15.1 to 1.16.0

Release notes

Sourced from cffi's releases.

v1.16.0

  • Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
  • Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
  • Add support for PEP517 builds; setuptools is now a required build dependency.
  • Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
  • Move project source under src/; a more standard layout that also enables CI to more easily catch packaging errors.

v1.16.0rc2

  • Fix packaging issue in v1.16.0rc1.
  • Rearrange project sources (src/ layout) so packaging tests can properly detect similar issues in the future.

Full Changelog: python-cffi/cffi@v1.16.0rc1...v1.16.0rc2

v1.16.0rc1

  • Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
  • Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
  • Move project home to python-cffi/cffi on GitHub.
  • Add support for PEP517 builds; setuptools is now a required build dependency.
  • Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
  • Add missing calls to PyObject_GC_UnTrack to avoid ResourceWarning 15c4b71d5e3f2295c0e4773e99b23ac751e02534
Commits

Updates charset-normalizer from 3.2.0 to 3.3.2

Release notes

Sourced from charset-normalizer's releases.

Version 3.3.2

3.3.2 (2023-10-31)

Fixed

  • Unintentional memory usage regression when using large payloads that match several encodings (#376)
  • Regression on some detection cases showcased in the documentation (#371)

Added

  • Noise (md) probe that identifies malformed Arabic representation due to the presence of letters in isolated form (credit to my wife, thanks!)

Version 3.3.1

3.3.1 (2023-10-22)

Changed

  • Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
  • Improved the general detection reliability based on reports from the community

Release 3.3.0

3.3.0 (2023-09-30)

Added

  • Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
  • Support for 9 forgotten encodings that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

  • (internal) Redundant utils.is_ascii function and unused function is_private_use_only
  • (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

  • (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
  • Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

  • Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)
Changelog

Sourced from charset-normalizer's changelog.

3.3.2 (2023-10-31)

Fixed

  • Unintentional memory usage regression when using large payload that match several encoding (#376)
  • Regression on some detection case showcased in the documentation (#371)

Added

  • Noise (md) probe that identify malformed arabic representation due to the presence of letters in isolated form (credit to my wife)

3.3.1 (2023-10-22)

Changed

  • Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
  • Improved the general detection reliability based on reports from the community

3.3.0 (2023-09-30)

Added

  • Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
  • Support for 9 forgotten encoding that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

  • (internal) Redundant utils.is_ascii function and unused function is_private_use_only
  • (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

  • (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
  • Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

  • Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)
Commits
  • 79dce48 🐛 Regression on some detection case showcased in the documentation (#371)...
  • a4b9b01 Bump github/codeql-action from 2.22.4 to 2.22.5 (#375)
  • dcc01cc Bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#374)
  • 9cd402c Bump pytest from 7.4.2 to 7.4.3 (#373)
  • e274dcc 🐛 Fix unintentional memory usage regression when using large payload that...
  • 07f3041 ⬆️ Bump github/codeql-action from 2.22.3 to 2.22.4 (#370)
  • 5208644 🔖 Release 3.3.1 (#367)
  • 66966f1 ❇️ Improve the detection around some cases (#366)
  • 49653a6 ⬆️ Bump actions/setup-python from 4.7.0 to 4.7.1 (#359)
  • f6a66ed ⬆️ Bump pypa/cibuildwheel from 2.16.0 to 2.16.2 (#361)
  • Additional commits viewable in compare view

Updates click from 8.1.6 to 8.1.7

Release notes

Sourced from click's releases.

8.1.7

This is a fix release for the 8.1.x feature branch.

Changelog

Sourced from click's changelog.

Version 8.1.7

Released 2023-08-17

  • Fix issue with regex flags in shell completion. :issue:2581
  • Bash version detection issues a warning instead of an error. :issue:2574
  • Fix issue with completion script for Fish shell. :issue:2567
Commits
  • 874ca2b release version 8.1.7
  • 6e1f6d3 completion(fish): add back ; as line endings in fish script (#2570)
  • a955c77 update fish enabling script
  • 3c1529e add back semicolons in fish script
  • a260ca6 Replace bash shell completion version error with warning (#2576)
  • d9db70c bash version support shows warning instead of error
  • 22b9b1c Fix incorrect passing of flags to re.sub (#2581)
  • d69d210 fix flake8 finding
  • af2da1e Fix incorrect passing of flags to re.sub
  • bb6a872 start version 8.1.7
  • Additional commits viewable in compare view

Updates cryptography from 41.0.2 to 41.0.7

Changelog

Sourced from cryptography's changelog.

41.0.7 - 2023-11-27


* Fixed compilation when using LibreSSL 3.8.2.

.. _v41-0-6:

41.0.6 - 2023-11-27

  • Fixed a null-pointer-dereference and segfault that could occur when loading certificates from a PKCS#7 bundle. Credit to pkuzco for reporting the issue. CVE-2023-49083

.. _v41-0-5:

41.0.5 - 2023-10-24


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4.
* Added a function to support an upcoming ``pyOpenSSL`` release.

.. _v41-0-4:

41.0.4 - 2023-09-19

  • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3.

.. _v41-0-3:

41.0.3 - 2023-08-01


* Fixed performance regression loading DH public keys.
* Fixed a memory leak when using
  :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.2.

.. _v41-0-2:

Commits

Bumps the dependencies group with 22 updates:

| Package | From | To |
| --- | --- | --- |
| [aiohttp](https://github.com/aio-libs/aiohttp) | `3.8.5` | `3.9.1` |
| [anyio](https://github.com/agronholm/anyio) | `3.7.1` | `4.1.0` |
| [async-timeout](https://github.com/aio-libs/async-timeout) | `4.0.2` | `4.0.3` |
| [boto3](https://github.com/boto/boto3) | `1.28.12` | `1.33.5` |
| [botocore](https://github.com/boto/botocore) | `1.31.12` | `1.33.5` |
| [certifi](https://github.com/certifi/python-certifi) | `2023.7.22` | `2023.11.17` |
| [cffi](https://github.com/python-cffi/cffi) | `1.15.1` | `1.16.0` |
| [charset-normalizer](https://github.com/Ousret/charset_normalizer) | `3.2.0` | `3.3.2` |
| [click](https://github.com/pallets/click) | `8.1.6` | `8.1.7` |
| [cryptography](https://github.com/pyca/cryptography) | `41.0.2` | `41.0.7` |
| [exceptiongroup](https://github.com/agronholm/exceptiongroup) | `1.1.2` | `1.2.0` |
| [gitdb](https://github.com/gitpython-developers/gitdb) | `4.0.10` | `4.0.11` |
| [gitpython](https://github.com/gitpython-developers/GitPython) | `3.1.32` | `3.1.40` |
| [httpcore](https://github.com/encode/httpcore) | `0.17.3` | `1.0.2` |
| [httpx](https://github.com/encode/httpx) | `0.24.1` | `0.25.2` |
| [idna](https://github.com/kjd/idna) | `3.4` | `3.6` |
| [packaging](https://github.com/pypa/packaging) | `23.1` | `23.2` |
| [s3transfer](https://github.com/boto/s3transfer) | `0.6.1` | `0.8.2` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `1.28.1` | `1.38.0` |
| [smmap](https://github.com/gitpython-developers/smmap) | `5.0.0` | `5.0.1` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.26.16` | `2.1.0` |
| [yarl](https://github.com/aio-libs/yarl) | `1.9.2` | `1.9.3` |


Updates `aiohttp` from 3.8.5 to 3.9.1
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](aio-libs/aiohttp@v3.8.5...v3.9.1)

Updates `anyio` from 3.7.1 to 4.1.0
- [Release notes](https://github.com/agronholm/anyio/releases)
- [Changelog](https://github.com/agronholm/anyio/blob/master/docs/versionhistory.rst)
- [Commits](agronholm/anyio@3.7.1...4.1.0)

Updates `async-timeout` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/aio-libs/async-timeout/releases)
- [Changelog](https://github.com/aio-libs/async-timeout/blob/master/CHANGES.rst)
- [Commits](aio-libs/async-timeout@v4.0.2...v4.0.3)

Updates `boto3` from 1.28.12 to 1.33.5
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.28.12...1.33.5)

Updates `botocore` from 1.31.12 to 1.33.5
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](boto/botocore@1.31.12...1.33.5)

Updates `certifi` from 2023.7.22 to 2023.11.17
- [Commits](certifi/python-certifi@2023.07.22...2023.11.17)

Updates `cffi` from 1.15.1 to 1.16.0
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](python-cffi/cffi@v1.15.1...v1.16.0)

Updates `charset-normalizer` from 3.2.0 to 3.3.2
- [Release notes](https://github.com/Ousret/charset_normalizer/releases)
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](jawah/charset_normalizer@3.2.0...3.3.2)

Updates `click` from 8.1.6 to 8.1.7
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](pallets/click@8.1.6...8.1.7)

Updates `cryptography` from 41.0.2 to 41.0.7
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.2...41.0.7)

Updates `exceptiongroup` from 1.1.2 to 1.2.0
- [Release notes](https://github.com/agronholm/exceptiongroup/releases)
- [Changelog](https://github.com/agronholm/exceptiongroup/blob/main/CHANGES.rst)
- [Commits](agronholm/exceptiongroup@1.1.2...1.2.0)

Updates `gitdb` from 4.0.10 to 4.0.11
- [Release notes](https://github.com/gitpython-developers/gitdb/releases)
- [Commits](gitpython-developers/gitdb@4.0.10...4.0.11)

Updates `gitpython` from 3.1.32 to 3.1.40
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.32...3.1.40)

Updates `httpcore` from 0.17.3 to 1.0.2
- [Release notes](https://github.com/encode/httpcore/releases)
- [Changelog](https://github.com/encode/httpcore/blob/master/CHANGELOG.md)
- [Commits](encode/httpcore@0.17.3...1.0.2)

Updates `httpx` from 0.24.1 to 0.25.2
- [Release notes](https://github.com/encode/httpx/releases)
- [Changelog](https://github.com/encode/httpx/blob/master/CHANGELOG.md)
- [Commits](encode/httpx@0.24.1...0.25.2)

Updates `idna` from 3.4 to 3.6
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.4...v3.6)

Updates `packaging` from 23.1 to 23.2
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@23.1...23.2)

Updates `s3transfer` from 0.6.1 to 0.8.2
- [Changelog](https://github.com/boto/s3transfer/blob/develop/CHANGELOG.rst)
- [Commits](boto/s3transfer@0.6.1...0.8.2)

Updates `sentry-sdk` from 1.28.1 to 1.38.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@1.28.1...1.38.0)

Updates `smmap` from 5.0.0 to 5.0.1
- [Commits](gitpython-developers/smmap@v5.0.0...v5.0.1)

Updates `urllib3` from 1.26.16 to 2.1.0
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.16...2.1.0)

Updates `yarl` from 1.9.2 to 1.9.3
- [Release notes](https://github.com/aio-libs/yarl/releases)
- [Changelog](https://github.com/aio-libs/yarl/blob/master/CHANGES.rst)
- [Commits](aio-libs/yarl@v1.9.2...v1.9.3)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: anyio
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: async-timeout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: cffi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: charset-normalizer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: click
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: exceptiongroup
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: gitdb
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: gitpython
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: httpcore
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: httpx
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: idna
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: packaging
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: s3transfer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: smmap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: yarl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 1, 2023
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 4, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 4, 2024
@dependabot dependabot bot deleted the dependabot/pip/dependencies-f4e3042069 branch January 4, 2024 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants