Upgrade: Bump the dependencies group with 6 updates

[dependabot]

Bumps the dependencies group with 6 updates:

Package	From	To
aiohttp	3.8.5	3.8.6
charset-normalizer	3.2.0	3.3.2
prometheus-client	0.17.1	0.18.0
sentry-sdk	1.30.0	1.33.1
typing-extensions	4.7.1	4.8.0
urllib3	2.0.4	2.0.7

Updates aiohttp from 3.8.5 to 3.8.6

Release notes

Sourced from aiohttp's releases.

3.8.6

Security bugfixes

• Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:Dreamsorcerer

  Thanks to :user:kenballus for reporting this, see GHSA-pjjw-qhg8-p2p9.

  .. _llhttp: https://llhttp.org

  (#7647)

• Updated Python parser to comply with RFCs 9110/9112 -- by :user:Dreamorcerer

  Thanks to :user:kenballus for reporting this, see GHSA-gfw2-4jvh-wgfg.

  (#7663)

Deprecation

• Added fallback_charset_resolver parameter in ClientSession to allow a user-supplied character set detection function.

  Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection>_.

  (#7561)

Features

• Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:Dreamsorcerer

  (#7490)

Bugfixes

• Fixed PermissionError when .netrc is unreadable due to permissions.

  (#7237)

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.8.6 (2023-10-07)

Security bugfixes

• Upgraded the vendored copy of llhttp_ to v9.1.3 -- by :user:Dreamsorcerer

  Thanks to :user:kenballus for reporting this, see GHSA-pjjw-qhg8-p2p9.

  .. _llhttp: https://llhttp.org

  [#7647](https://github.com/aio-libs/aiohttp/issues/7647) <https://github.com/aio-libs/aiohttp/issues/7647>_

• Updated Python parser to comply with RFCs 9110/9112 -- by :user:Dreamorcerer

  Thanks to :user:kenballus for reporting this, see GHSA-gfw2-4jvh-wgfg.

  [#7663](https://github.com/aio-libs/aiohttp/issues/7663) <https://github.com/aio-libs/aiohttp/issues/7663>_

Deprecation

• Added fallback_charset_resolver parameter in ClientSession to allow a user-supplied character set detection function.

  Character set detection will no longer be included in 3.9 as a default. If this feature is needed, please use fallback_charset_resolver <https://docs.aiohttp.org/en/stable/client_advanced.html#character-set-detection>_.

  [#7561](https://github.com/aio-libs/aiohttp/issues/7561) <https://github.com/aio-libs/aiohttp/issues/7561>_

Features

• Enabled lenient response parsing for more flexible parsing in the client (this should resolve some regressions when dealing with badly formatted HTTP responses). -- by :user:Dreamsorcerer

  [#7490](https://github.com/aio-libs/aiohttp/issues/7490) <https://github.com/aio-libs/aiohttp/issues/7490>_

Bugfixes

• Fixed PermissionError when .netrc is unreadable due to permissions.

... (truncated)

Commits

• 996de26 Release v3.8.6 (#7668)
• 8c128d4 [PR #7651/45f98b7d backport][3.8] Fix BadStatusLine message (#7666)
• 89b7df1 Allow lax response parsing on Py parser (#7663) (#7664)
• d5c12ba [PR #7661/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (#7...
• 8a3977a [PR #7272/b2a7983a backport][3.8] Fix Read The Docs config (#7650)
• bcc416e [PR #7647/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (#7648)
• b30c0cd Remove chardet/charset-normalizer. (#7589)
• 5946c74 CookieJar - return 'best-match' and not LIFO (#7577) (#7588)
• 8c4ec62 [PR #7518/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter n...
• a0d234d Use lenient headers for response parser (#7490) (#7492)
• Additional commits viewable in compare view

Updates charset-normalizer from 3.2.0 to 3.3.2

Release notes

Sourced from charset-normalizer's releases.

Version 3.3.2

3.3.2 (2023-10-31)

Fixed

• Unintentional memory usage regression when using large payloads that match several encodings (#376)
• Regression on some detection cases showcased in the documentation (#371)

Added

• Noise (md) probe that identifies malformed Arabic representation due to the presence of letters in isolated form (credit to my wife, thanks!)

Version 3.3.1

3.3.1 (2023-10-22)

Changed

• Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
• Improved the general detection reliability based on reports from the community

Release 3.3.0

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encodings that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

Changelog

Sourced from charset-normalizer's changelog.

3.3.2 (2023-10-31)

Fixed

• Unintentional memory usage regression when using large payload that match several encoding (#376)
• Regression on some detection case showcased in the documentation (#371)

Added

• Noise (md) probe that identify malformed arabic representation due to the presence of letters in isolated form (credit to my wife)

3.3.1 (2023-10-22)

Changed

• Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
• Improved the general detection reliability based on reports from the community

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encoding that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

Commits

• 79dce48 🐛 Regression on some detection case showcased in the documentation (#371)...
• a4b9b01 Bump github/codeql-action from 2.22.4 to 2.22.5 (#375)
• dcc01cc Bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#374)
• 9cd402c Bump pytest from 7.4.2 to 7.4.3 (#373)
• e274dcc 🐛 Fix unintentional memory usage regression when using large payload that...
• 07f3041 ⬆️ Bump github/codeql-action from 2.22.3 to 2.22.4 (#370)
• 5208644 🔖 Release 3.3.1 (#367)
• 66966f1 ❇️ Improve the detection around some cases (#366)
• 49653a6 ⬆️ Bump actions/setup-python from 4.7.0 to 4.7.1 (#359)
• f6a66ed ⬆️ Bump pypa/cibuildwheel from 2.16.0 to 2.16.2 (#361)
• Additional commits viewable in compare view

Updates prometheus-client from 0.17.1 to 0.18.0

Release notes

Sourced from prometheus-client's releases.

0.18.0 / 2023-10-30

[CHANGE] Remove support for Python versions < 3.8. #936 [FEATURE] Add mostrecent aggregation to Gauge. #967 [ENHANCEMENT] Typing improvements. #935, #970 [ENHANCEMENT] Allow enabling or disabling _created metrics from code. #973 [BUGFIX] Change #!/usr/bin/python to #!/usr/bin/env python in remaining places. #945

Commits

• a000193 Release 0.18.0
• ea78128 Allow enabling/disabling _created metrics from code (#973)
• 546599b Add mostrecent aggregation to Gauge (#967)
• 2f6bd47 Add support for Python 3.12 (#956)
• e56cfda add restricted registry documentation (#968)
• 377e386 Merge pull request #970 from albertodonato/process-collector-param-type
• 0600a3d Mark collector parameter as optional in PlatformCollector
• cfc11d8 Mark collector parameter as optional in ProcessCollector
• 249490e Update Collector type in README.md (#963)
• 2ff5328 Filter readBody deprecation notice in tests (#947)
• Additional commits viewable in compare view

Updates sentry-sdk from 1.30.0 to 1.33.1

Release notes

Sourced from sentry-sdk's releases.

1.33.1

Various fixes & improvements

• Make parse_version work in utils.py itself. (#2474) by @​antonpirker

1.33.0

Various fixes & improvements

• New: Added error_sampler option (#2456) by @​szokeasaurusrex
• Python 3.12: Detect interpreter in shutdown state on thread spawn (#2468) by @​mitsuhiko
• Patch eventlet under Sentry SDK (#2464) by @​szokeasaurusrex
• Mitigate CPU spikes when sending lots of events with lots of data (#2449) by @​antonpirker
• Make debug option also configurable via environment (#2450) by @​antonpirker
• Make sure get_dsn_parameters is an actual function (#2441) by @​sentrivana
• Bump pytest-localserver, add compat comment (#2448) by @​sentrivana
• AWS Lambda: Update compatible runtimes for AWS Lambda layer (#2453) by @​antonpirker
• AWS Lambda: Load AWS Lambda secrets in Github CI (#2153) by @​antonpirker
• Redis: Connection attributes in redis database spans (#2398) by @​antonpirker
• Falcon: Falcon integration checks response status before reporting error (#2465) by @​szokeasaurusrex
• Quart: Support Quart 0.19 onwards (#2403) by @​pgjones
• Sanic: Sanic integration initial version (#2419) by @​szokeasaurusrex
• Django: Fix parsing of Django path patterns (#2452) by @​sentrivana
• Django: Add Django 4.2 to test suite (#2462) by @​sentrivana
• Polish changelog (#2434) by @​sentrivana
• Update CONTRIBUTING.md (#2443) by @​krishvsoni
• Update README.md (#2435) by @​sentrivana

1.32.0

Various fixes & improvements

• New: Error monitoring for some of the most popular Python GraphQL libraries:

  • Add GQL GraphQL integration (#2368) by @​szokeasaurusrex

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.gql import GQLIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    GQLIntegration(),
    ],
    )

  • Add Graphene GraphQL error integration (#2389) by @​sentrivana

    Usage:

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

1.33.1

Various fixes & improvements

• Make parse_version work in utils.py itself. (#2474) by @​antonpirker

1.33.0

Various fixes & improvements

• New: Added error_sampler option (#2456) by @​szokeasaurusrex
• Python 3.12: Detect interpreter in shutdown state on thread spawn (#2468) by @​mitsuhiko
• Patch eventlet under Sentry SDK (#2464) by @​szokeasaurusrex
• Mitigate CPU spikes when sending lots of events with lots of data (#2449) by @​antonpirker
• Make debug option also configurable via environment (#2450) by @​antonpirker
• Make sure get_dsn_parameters is an actual function (#2441) by @​sentrivana
• Bump pytest-localserver, add compat comment (#2448) by @​sentrivana
• AWS Lambda: Update compatible runtimes for AWS Lambda layer (#2453) by @​antonpirker
• AWS Lambda: Load AWS Lambda secrets in Github CI (#2153) by @​antonpirker
• Redis: Connection attributes in redis database spans (#2398) by @​antonpirker
• Falcon: Falcon integration checks response status before reporting error (#2465) by @​szokeasaurusrex
• Quart: Support Quart 0.19 onwards (#2403) by @​pgjones
• Sanic: Sanic integration initial version (#2419) by @​szokeasaurusrex
• Django: Fix parsing of Django path patterns (#2452) by @​sentrivana
• Django: Add Django 4.2 to test suite (#2462) by @​sentrivana
• Polish changelog (#2434) by @​sentrivana
• Update CONTRIBUTING.md (#2443) by @​krishvsoni
• Update README.md (#2435) by @​sentrivana

1.32.0

Various fixes & improvements

• New: Error monitoring for some of the most popular Python GraphQL libraries:

  • Add GQL GraphQL integration (#2368) by @​szokeasaurusrex

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.gql import GQLIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    GQLIntegration(),
    ],
    )

... (truncated)

Commits

• c0b231f release: 1.33.1
• 719fcba Make parse_version work in utils.py itself. (#2474)
• 7aa1331 Merge branch 'release/1.33.0'
• 83bf819 Updated changelog
• 76f9aa3 release: 1.33.0
• e0d7bb7 feat: Detect interpreter in shutdown state on thread spawn (#2468)
• 552017a Load AWS Lambda secrets in Github CI (#2153)
• 0ce9021 Fix parsing of Django path patterns (#2452)
• c1d157d fix(integrations): Falcon integration checks response status before reporting...
• 39e3556 Patch eventlet under Sentry SDK (#2464)
• Additional commits viewable in compare view

Updates typing-extensions from 4.7.1 to 4.8.0

Release notes

Sourced from typing-extensions's releases.

4.8.0

Changes since 4.7.1:

• Add typing_extensions.Doc, as proposed by PEP 727. Patch by Sebastián Ramírez.
• Drop support for Python 3.7 (including PyPy-3.7). Patch by Alex Waygood.
• Fix bug where get_original_bases() would return incorrect results when called on a concrete subclass of a generic class. Patch by Alex Waygood (backporting python/cpython#107584, by James Hilton-Balfe).
• Fix bug where ParamSpec(default=...) would raise a TypeError on Python versions <3.11. Patch by James Hilton-Balfe

No changes since 4.8.0rc1.

4.8.0rc1

• Add typing_extensions.Doc, as proposed by PEP 727. Patch by Sebastián Ramírez.
• Drop support for Python 3.7 (including PyPy-3.7). Patch by Alex Waygood.
• Fix bug where get_original_bases() would return incorrect results when called on a concrete subclass of a generic class. Patch by Alex Waygood (backporting python/cpython#107584, by James Hilton-Balfe).
• Fix bug where ParamSpec(default=...) would raise a TypeError on Python versions <3.11. Patch by James Hilton-Balfe

Changelog

Sourced from typing-extensions's changelog.

Release 4.8.0 (September 17, 2023)

No changes since 4.8.0rc1.

Release 4.8.0rc1 (September 7, 2023)

• Add typing_extensions.Doc, as proposed by PEP 727. Patch by Sebastián Ramírez.
• Drop support for Python 3.7 (including PyPy-3.7). Patch by Alex Waygood.
• Fix bug where get_original_bases() would return incorrect results when called on a concrete subclass of a generic class. Patch by Alex Waygood (backporting python/cpython#107584, by James Hilton-Balfe).
• Fix bug where ParamSpec(default=...) would raise a TypeError on Python versions <3.11. Patch by James Hilton-Balfe

Commits

• c17c499 Prepare release 4.8.0 (#283)
• df9e322 Run tests on py312 for more third-party projects (#281)
• 7e29499 Release 4.8.0rc1 (#280)
• ca2a739 Add Doc from PEP 727: https://peps.python.org/pep-0727/ (#277)
• 13c9484 Fix ParamSpec ellipsis default for <3.10 (#279)
• 4705e74 Improve documentation (#278)
• 99fa708 Backport CPython PR 107584 (#275)
• 688fbd2 Revert "Skip running cattrs tests on PyPy (#272)" (#273)
• 8dfa0a5 Skip running cattrs tests on PyPy (#272)
• 7bb3f3f Fix third-party workflow (#269)
• Additional commits viewable in compare view

Updates urllib3 from 2.0.4 to 2.0.7

Release notes

Sourced from urllib3's releases.

2.0.7

• Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)

2.0.6

• Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)

2.0.5

• Allowed pyOpenSSL third-party module without any deprecation warning. #3126
• Fixed default blocksize of HTTPConnection classes to match high-level classes. Previously was 8KiB, now 16KiB. #3066

Changelog

Sourced from urllib3's changelog.

2.0.7 (2023-10-17)

• Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

2.0.6 (2023-10-02)

• Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.

2.0.5 (2023-09-20)

• Allowed pyOpenSSL third-party module without any deprecation warning. ([#3126](https://github.com/urllib3/urllib3/issues/3126) <https://github.com/urllib3/urllib3/issues/3126>__)
• Fixed default blocksize of HTTPConnection classes to match high-level classes. Previously was 8KiB, now 16KiB. ([#3066](https://github.com/urllib3/urllib3/issues/3066) <https://github.com/urllib3/urllib3/issues/3066>__)

Commits

• 56f01e0 Release 2.0.7
• 4e50fbc Merge pull request from GHSA-g4mx-q9vg-27p4
• 80808b0 Fix docs build on Python 3.12 (#3144)
• f28deff Add 1.26.17 to the current changelog
• 262e3e3 Release 2.0.6
• 644124e Merge pull request from GHSA-v845-jxx5-vc9f
• 740380c Bump cryptography from 41.0.3 to 41.0.4 (#3131)
• d9f85a7 Release 2.0.5
• d41f412 Undeprecate pyOpenSSL module (#3127)
• b6c04cb Fix a link to "absolute URI" definition (#3128)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.