Scheduled weekly dependency update for week 39

[pyup-bot]

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

django	1.11.4	»	1.11.5	PyPI | Changelog | Homepage
earthengine-api	0.1.119	»	0.1.123	PyPI | Homepage
google-api-python-client	1.6.3	»	1.6.4	PyPI | Changelog | Repo
numba	0.34.0	»	0.35.0	PyPI | Changelog | Repo
pytest	3.2.1	»	3.2.2	PyPI | Changelog | Repo | Homepage
python-dotenv	0.6.5	»	0.7.1	PyPI | Changelog | Repo
rollbar	0.13.12	»	0.13.13	PyPI | Changelog | Repo
xlsxwriter	0.9.8	»	1.0.0	PyPI | Changelog | Repo

Changelogs

django 1.11.4 -> 1.11.5

1.11.5

===========================

September 5, 2017

Django 1.11.5 fixes a security issue and several bugs in 1.11.4.

CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page

In older versions, HTML autoescaping was disabled in a portion of the template
for the technical 500 debug page. Given the right circumstances, this allowed
a cross-site scripting attack. This vulnerability shouldn't affect most
production sites since you shouldn't run with DEBUG = True (which makes
this page accessible) in your production settings.

Bugfixes

• Fixed GEOS version parsing if the version has a commit hash at the end (new
  in GEOS 3.6.2) (:ticket:28441).

• Added compatibility for cx_Oracle 6 (:ticket:28498).

• Fixed select widget rendering when option values are tuples (:ticket:28502).

• Django 1.11 inadvertently changed the sequence and trigger naming scheme on
  Oracle. This causes errors on INSERTs for some tables if
  'use_returning_into': False is in the OPTIONS part of DATABASES.
  The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily
  requires an update to Oracle tables created with Django 1.11.[1-4]. Use the
  upgrade script in 🎫28451 comment 8 to update sequence and trigger
  names to use the pre-1.11 naming scheme.

• Added POST request support to LogoutView, for equivalence with the
  function-based logout() view (:ticket:28513).

• Omitted pages_per_range from BrinIndex.deconstruct() if it's None
  (:ticket:25809).

• Fixed a regression where SelectDateWidget localized the years in the
  select box (:ticket:28530).

• Fixed a regression in 1.11.4 where runserver crashed with non-Unicode
  system encodings on Python 2 + Windows (:ticket:28487).

• Fixed a regression in Django 1.10 where changes to a ManyToManyField
  weren't logged in the admin change history (:ticket:27998) and prevented
  ManyToManyField initial data in model forms from being affected by
  subsequent model changes (:ticket:28543).

• Fixed non-deterministic results or an AssertionError crash in some
  queries with multiple joins (:ticket:26522).

• Fixed a regression in contrib.auth's login() and logout() views
  where they ignored positional arguments (:ticket:28550).

===========================

google-api-python-client 1.6.3 -> 1.6.4

1.6.4

Version 1.6.4

Bugfix release

• Warn when google-auth credentials are used but google-auth-httplib2 isn't available. (443)

numba 0.34.0 -> 0.35.0

0.35.0

---

This release includes some exciting new features as part of the work
performed in partnership with Intel on ParallelAccelerator technology.
There are also some additions made to Numpy support and small but
significant fixes made as a result of considerable effort spent chasing bugs
and implementing stability improvements.

ParallelAccelerator:

NOTE: The ParallelAccelerator technology is under active development and should
be considered experimental.

New features relating to ParallelAccelerator, from work undertaken with Intel,
include support for a larger range of np.random functions in parallel
mode, printing Numpy arrays in no Python mode, the capacity to initialize Numpy
arrays directly from list comprehensions, and the axis argument to .sum().
Documentation on the ParallelAccelerator technology implementation has also
been added. Further, a large amount of work on equivalence relations was
undertaken to enable runtime checks of broadcasting behaviours in parallel mode.

ParallelAccelerator features:

• PR 2400: Array comprehension
• PR 2405: Support printing Numpy arrays
• PR 2438: from Support more np.random functions in ParallelAccelerator
• PR 2482: Support for sum with axis in nopython mode.
• PR 2487: Adding developer documentation for ParallelAccelerator technology.
• PR 2492: Core PA refactor adds assertions for broadcast semantics

ParallelAccelerator fixes:

• PR 2478: Rename cfg before parfor translation (2477)
• PR 2479: Fix broken array comprehension tests on unsupported platforms
• PR 2484: Fix array comprehension test on win64
• PR 2506: Fix for 32-bit machines.

Additional features of note:

Support for np.take, np.finfo, np.iinfo and np.MachAr in no Python
mode is added. Further, three new environment variables are added, two for
overriding CPU target/features and another to warn if parallel=True was set
no such transform was possible.

• PR 2490: Implement np.take and ndarray.take
• PR 2493: Display a warning if parallel=True is set but not possible.
• PR 2513: Add np.MachAr, np.finfo, np.iinfo
• PR 2515: Allow environ overriding of cpu target and cpu features.

Due to expansion of the test farm and a focus on fixing bugs, the following
fixes were also made.

Misc fixes/enhancements:

• PR 2455: add contextual information to runtime errors
• PR 2470: Fixes 2458, poor performance in np.median
• PR 2471: Ensure LLVM threadsafety in {g,}ufunc building.
• PR 2494: Update doc theme
• PR 2503: Remove hacky code added in 2482 and feature enhancement
• PR 2505: Serialise env mutation tests during multithreaded testing.
• PR 2520: Fix failing cpu-target override tests

CUDA support fixes:

• PR 2504: Enable CUDA toolkit version testing
• PR 2509: Disable tests generating code unavailable in lower CC versions.
• PR 2511: Fix Windows 64 bit CUDA tests.

pytest 3.2.1 -> 3.2.2

3.2.2

=========================

Bug Fixes

• Calling the deprecated request.getfuncargvalue() now shows the source of
  the call. (2681 <https://github.com/pytest-dev/pytest/issues/2681>_)

• Allow tests declared as staticmethod to use fixtures. (2699 <https://github.com/pytest-dev/pytest/issues/2699>_)

• Fixed edge-case during collection: attributes which raised pytest.fail
  when accessed would abort the entire collection. (2707 <https://github.com/pytest-dev/pytest/issues/2707>_)

• Fix ReprFuncArgs with mixed unicode and UTF-8 args. (2731 <https://github.com/pytest-dev/pytest/issues/2731>_)

Improved Documentation

• In examples on working with custom markers, add examples demonstrating the
  usage of pytest.mark.MARKER_NAME.with_args in comparison with
  pytest.mark.MARKER_NAME.__call__ (2604 <https://github.com/pytest-dev/pytest/issues/2604>_)

• In one of the simple examples, use pytest_collection_modifyitems() to skip
  tests based on a command-line option, allowing its sharing while preventing a
  user error when acessing pytest.config before the argument parsing. (2653 <https://github.com/pytest-dev/pytest/issues/2653>_)

Trivial/Internal Changes

• Fixed minor error in 'Good Practices/Manual Integration' code snippet.
  (2691 <https://github.com/pytest-dev/pytest/issues/2691>_)

• Fixed typo in goodpractices.rst. (2721 <https://github.com/pytest-dev/pytest/issues/2721>_)

• Improve user guidance regarding --resultlog deprecation. (2739 <https://github.com/pytest-dev/pytest/issues/2739>_)

rollbar 0.13.12 -> 0.13.13

0.13.13

• Add support for AWS Lambda. See 191

xlsxwriter 0.9.8 -> 1.0.0

1.0.0

---

• Added icon sets to conditional formatting. See
  :ref:working_with_conditional_formats and :ref:ex_cond_format.
  Feature request 387 <https://github.com/jmcnamara/XlsxWriter/issues/387>_.

0.9.9

---

• Added stop_if_true parameter to conditional formatting.
  Feature request 386 <https://github.com/jmcnamara/XlsxWriter/issues/386>_.

That's it for now!

Happy merging! 🤖