Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the python-packages group with 10 updates #37

Closed
wants to merge 1 commit into from
Closed

Bump the python-packages group with 10 updates #37

wants to merge 1 commit into from
+11 −11

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 21, 2024
edited
Loading

Updates the requirements on cryptography, logfire, logfire[celery,fastapi,psycopg2,requests], psycopg2, pydantic-settings, ruff, sentry-sdk, setuptools, starlette and coverage to permit the latest version.
Updates cryptography to 43.0.3

Changelog

Sourced from cryptography's changelog.

43.0.3 - 2024-10-18


* Fixed release metadata for ``cryptography-vectors``

.. _v43-0-2:


43.0.2 - 2024-10-18

  • Fixed compilation when using LibreSSL 4.0.0.

.. _v43-0-1:

43.0.1 - 2024-09-03


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2.

.. _v43-0-0:


43.0.0 - 2024-07-20

  • BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e has been removed. Users on older version of OpenSSL will need to upgrade.
  • BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
  • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
  • Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
  • :func:~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still considered insecure, users should generally use a key size of 2048-bits.
  • :func:~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates now emits ASN.1 that more closely follows the recommendations in :rfc:2315.
  • Added new :doc:/hazmat/decrepit/index module which contains outdated and insecure cryptographic primitives. :class:~cryptography.hazmat.primitives.ciphers.algorithms.CAST5, :class:~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :class:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA, and :class:~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish, which were deprecated in 37.0.0, have been added to this module. They will be removed from the cipher module in 45.0.0.
  • Moved :class:~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES and :class:~cryptography.hazmat.primitives.ciphers.algorithms.ARC4 into :doc:/hazmat/decrepit/index and deprecated them in the cipher module. They will be removed from the cipher module in 48.0.0.
  • Added support for deterministic :class:~cryptography.hazmat.primitives.asymmetric.ec.ECDSA (:rfc:6979)
  • Added support for client certificate verification to the :mod:X.509 path validation <cryptography.x509.verification> APIs in the

... (truncated)

Commits

Updates logfire to 1.2.0

Release notes

Sourced from logfire's releases.

v1.2.0

What's Changed

Full Changelog: pydantic/logfire@v1.1.0...v1.2.0

Changelog

Sourced from logfire's changelog.

[v1.2.0] (2024-10-17)

[v1.1.0] (2024-10-14)

[v1.0.1] (2024-10-02)

[v1.0.0] (2024-09-30)

[v0.55.0] (2024-09-27)

[v0.54.0] (2024-09-26)

[v0.53.0] (2024-09-17)

[v0.52.0] (2024-09-05)

[v0.51.0] (2024-08-22)

... (truncated)

Commits

Updates logfire[celery,fastapi,psycopg2,requests] to 1.2.0

Release notes

Sourced from logfire[celery,fastapi,psycopg2,requests]'s releases.

v1.2.0

What's Changed

Full Changelog: pydantic/logfire@v1.1.0...v1.2.0

Changelog

Sourced from logfire[celery,fastapi,psycopg2,requests]'s changelog.

[v1.2.0] (2024-10-17)

[v1.1.0] (2024-10-14)

[v1.0.1] (2024-10-02)

[v1.0.0] (2024-09-30)

[v0.55.0] (2024-09-27)

[v0.54.0] (2024-09-26)

[v0.53.0] (2024-09-17)

[v0.52.0] (2024-09-05)

[v0.51.0] (2024-08-22)

... (truncated)

Commits

Updates psycopg2 to 2.9.10

Changelog

Sourced from psycopg2's changelog.

Current release

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.13.
  • Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.
  • Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.12.
  • Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).
  • Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).
  • Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Package manylinux 2014 for aarch64 and ppc64le platforms, in order to include libpq 15 in the binary package (:ticket:[#1396](https://github.com/psycopg/psycopg2/issues/1396)).
  • Wheel package bundled with OpenSSL 1.1.1t.

What's new in psycopg 2.9.5 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.11.
  • Add support for rowcount in MERGE statements in binary packages (:ticket:[#1497](https://github.com/psycopg/psycopg2/issues/1497)).

... (truncated)

Commits

Updates pydantic-settings to 2.6.0

Release notes

Sourced from pydantic-settings's releases.

v2.6.0

What's Changed

New Contributors

Full Changelog: pydantic/pydantic-settings@v2.5.2...v2.6.0

Commits
  • eeea989 Prepare release 2.6.0 (#444)
  • a72fa73 Fix bug in dotenv source when there is env with and without prefix (#440)
  • d2e498a Add support for suppressing fields from CLI help. (#436)
  • 0d605d0 Update nested model partial update docs example. (#433)
  • 8f7653c Put tests for non-default sources in separate files (#429)
  • f3a25f2 Fix a regression in dotenv optional nested field (#423)
  • 76ba2c6 Fix context not passed to field validators bug (#417)
  • 84cab2b Add CLI App Support (#389)
  • fdd666b Fix nested model AliasChoices in validation alias (#411)
  • 9b73e92 Add cli_flag_prefix_char config option. (#418)
  • Additional commits viewable in compare view

Updates ruff from 0.6.9 to 0.7.0

Release notes

Sourced from ruff's releases.

0.7.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • The pytest rules PT001 and PT023 now default to omitting the decorator parentheses when there are no arguments (#12838, #13292). This was a change that we attempted to make in Ruff v0.6.0, but only partially made due to an error on our part. See the blog post for more details.
  • The useless-try-except rule (in our tryceratops category) has been recoded from TRY302 to TRY203 (#13502). This ensures Ruff's code is consistent with the same rule in the tryceratops linter.
  • The lint.allow-unused-imports setting has been removed (#13677). Use lint.pyflakes.allow-unused-imports instead.

Formatter preview style

  • Normalize implicit concatenated f-string quotes per part (#13539)

Preview linter features

  • [refurb] implement hardcoded-string-charset (FURB156) (#13530)
  • [refurb] Count codepoints not bytes for slice-to-remove-prefix-or-suffix (FURB188) (#13631)

Rule changes

  • [pylint] Mark PLE1141 fix as unsafe (#13629)
  • [flake8-async] Consider async generators to be "checkpoints" for cancel-scope-no-checkpoint (ASYNC100) (#13639)
  • [flake8-bugbear] Do not suggest setting parameter strict= to False in B905 diagnostic message (#13656)
  • [flake8-todos] Only flag the word "TODO", not words starting with "todo" (TD006) (#13640)
  • [pycodestyle] Fix whitespace-related false positives and false negatives inside type-parameter lists (E231, E251) (#13704)
  • [flake8-simplify] Stabilize preview behavior for SIM115 so that the rule can detect files being opened from a wider range of standard-library functions (#12959).

CLI

  • Add explanation of fixable in --statistics command (#13774)

Bug fixes

  • [pyflakes] Allow ipytest cell magic (F401) (#13745)
  • [flake8-use-pathlib] Fix PTH123 false positive when open is passed a file descriptor (#13616)
  • [flake8-bandit] Detect patterns from multi line SQL statements (S608) (#13574)
  • [flake8-pyi] - Fix dropped expressions in PYI030 autofix (#13727)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.7.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • The pytest rules PT001 and PT023 now default to omitting the decorator parentheses when there are no arguments (#12838, #13292). This was a change that we attempted to make in Ruff v0.6.0, but only partially made due to an error on our part. See the blog post for more details.
  • The useless-try-except rule (in our tryceratops category) has been recoded from TRY302 to TRY203 (#13502). This ensures Ruff's code is consistent with the same rule in the tryceratops linter.
  • The lint.allow-unused-imports setting has been removed (#13677). Use lint.pyflakes.allow-unused-imports instead.

Formatter preview style

  • Normalize implicit concatenated f-string quotes per part (#13539)

Preview linter features

  • [refurb] implement hardcoded-string-charset (FURB156) (#13530)
  • [refurb] Count codepoints not bytes for slice-to-remove-prefix-or-suffix (FURB188) (#13631)

Rule changes

  • [pylint] Mark PLE1141 fix as unsafe (#13629)
  • [flake8-async] Consider async generators to be "checkpoints" for cancel-scope-no-checkpoint (ASYNC100) (#13639)
  • [flake8-bugbear] Do not suggest setting parameter strict= to False in B905 diagnostic message (#13656)
  • [flake8-todos] Only flag the word "TODO", not words starting with "todo" (TD006) (#13640)
  • [pycodestyle] Fix whitespace-related false positives and false negatives inside type-parameter lists (E231, E251) (#13704)
  • [flake8-simplify] Stabilize preview behavior for SIM115 so that the rule can detect files being opened from a wider range of standard-library functions (#12959).

CLI

  • Add explanation of fixable in --statistics command (#13774)

Bug fixes

  • [pyflakes] Allow ipytest cell magic (F401) (#13745)
  • [flake8-use-pathlib] Fix PTH123 false positive when open is passed a file descriptor (#13616)
  • [flake8-bandit] Detect patterns from multi line SQL statements (S608) (#13574)
  • [flake8-pyi] - Fix dropped expressions in PYI030 autofix (#13727)
Commits
  • 5e6de4e Changelog for Ruff v0.7 (#13794)
  • 70e5c4a Recode TRY302 to TRY203 (#13502)
  • 9218d6b Remove allow-unused-imports setting from the common lint options (#13677)
  • 1b79ae9 [ruff-0.7] Stabilise the expansion of open-file-with-context-handler to wor...
  • 2b87587 [flake8-pytest-style] Fix defaults when lint.flake8-pytest-style config s...
  • d1e15f6 Remove tab-size setting (#12835)
  • 89a8215 Remove error messages for removed CLI aliases (#12833)
  • 202c6a6 Remove output-format=text setting (#12836)
  • 5c3c0c4 [red-knot] Inference for comparison of union types (#13781)
  • 6b7a738 Add explanation of fixable in --statistics command (#13774)
  • Additional commits viewable in compare view

Updates sentry-sdk to 2.17.0

Release notes

Sourced from sentry-sdk's releases.

2.17.0

Various fixes & improvements

Changelog

Sourced from sentry-sdk's changelog.

2.17.0

Various fixes & improvements

2.16.0

Integrations

  • Bottle: Add failed_request_status_codes (#3618) by @​szokeasaurusrex

    You can now define a set of integers that will determine which status codes should be reported to Sentry.

    sentry_sdk.init(
    integrations=[
        BottleIntegration(
            failed_request_status_codes={403, *range(500, 600)},
        )
    ]
)

    Examples of valid failed_request_status_codes:

    • {500} will only send events on HTTP 500.
    • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
    • {500, 503} will send events on HTTP 500 and 503.
    • set() (the empty set) will not send events for any HTTP status code.

    The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

  • Bottle: Delete never-reached code (#3605) by @​szokeasaurusrex

  • Redis: Remove flaky test (#3626) by @​sentrivana

  • Django: Improve getting psycopg3 connection info (#3580) by @​nijel

  • Django: Add SpotlightMiddleware when Spotlight is enabled (#3600) by @​BYK

  • Django: Open relevant error when SpotlightMiddleware is on (#3614) by @​BYK

  • Django: Support http_methods_to_capture in ASGI Django (#3607) by @​sentrivana

... (truncated)

Commits

Updates setuptools to 75.2.0

Changelog

Sourced from setuptools's changelog.

v75.2.0

Features

  • Made errors when parsing Distribution data more explicit about the expected type (tuple[str, ...] | list[str]) -- by :user:Avasam (#4578)

Bugfixes

  • Fix a TypeError when a Distribution's old included attribute was a tuple -- by :user:Avasam (#4578)
  • Add workaround for bdist_wheel --dist-info-dir errors when customisation does not inherit from setuptools. (#4684)

v75.1.1

Bugfixes

  • Re-use pre-existing .dist-info dir when creating wheels via the build backend APIs (PEP 517) and the metadata_directory argument is passed -- by :user:pelson. (#1825)
  • Changed egg_info command to avoid adding an empty .egg-info directory while iterating over entry-points. This avoids triggering integration problems with importlib.metadata/importlib_metadata (reference: pypa/pyproject-hooks#206). (#4680)

v75.1.0

Features

  • Deprecated bdist_wheel.universal configuration. (#4617)

Bugfixes

  • Removed reference to upload_docs module in entry points. (#4650)

v75.0.0

Features

... (truncated)

Commits
  • 61a5a03 Bump version: 75.1.1 → 75.2.0
  • 8ad3ea7 Workaround for bdist_wheel.dist_info_dir problems (#4684)
  • 9af0877 Type sequence checks in setuptools/dist.py (#4578)
  • 0534fde Add news fragment
  • 50b732a Check for more specific error message
  • a663287 Add pragma for edge-case code path
  • 96be735 Workaround for bdist_wheel.dist_info_dir problems
  • 000a413 Deprecate public access to setuptools.dist.sequence
  • 00995c1 Use variable msg instead of tmpl in setuptools/dist
  • d457d0e Type sequence checks in setuptools/dist.py
  • Additional commits viewable in compare view

Updates starlette to 0.41.0

Release notes

Sourced from starlette's releases.

Version 0.41.0

Added

Changelog

Sourced from starlette's changelog.

0.41.0 (October 15, 2024)

Added

  • Allow to raise HTTPException before websocket.accept() #2725.

0.40.0 (October 15, 2024)

This release fixes a Denial of service (DoS) via multipart/form-data requests.

You can view the full security advisory: GHSA-f96h-pmfr-66vw

Fixed

  • Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data requests fd038f3.

0.39.2 (September 29, 2024)

Fixed

  • Allow use of request.url_for when only "app" scope is available #2672.
  • Fix internal type hints to support python-multipart==0.0.12 #2708.

0.39.1 (September 25, 2024)

Fixed

  • Avoid regex re-compilation in responses.py and schemas.py #2700.
  • Improve performance of get_route_path by removing regular expression usage #2701.
  • Consider FileResponse.chunk_size when handling multiple ranges #2703.
  • Use token_hex for generating multipart boundary strings #2702.

0.39.0 (September 23, 2024)

Added

0.38.6 (September 22, 2024)

Fixed

  • Close unclosed MemoryObjectReceiveStream in TestClient #2693.

0.38.5 (September 7, 2024)

... (truncated)

Commits

Updates coverage from 7.6.3 to 7.6.4

Changelog

Sourced from coverage's changelog.

Version 7.6.4 — 2024-10-20

  • fix: multi-line with statements could cause contained branches to be incorrectly marked as missing (issue 1880_). This is now fixed.

.. _issue 1880: nedbat/coveragepy#1880

.. _changes_7-6-3:

Commits
  • f24f76b docs: sample HTML for 7.6.4
  • 96e10f7 docs: prep for 7.6.4
  • b8c236a fix: multi-line with-statements exit correctly. #1880
  • 64b7a45 docs: another discord reference
  • 68d7427 docs: Python Discord
  • 43adcea build: include 3.14 in the usual Pythons
  • fb2b49f build: github_releases can update older releases, and pauses to get the sorti...
  • ca550ca 3.0b2 wasn't correctly titled
  • debcc77 build: bump version
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot c...

Description has been truncated

@dependabot
Bump the python-packages group with 10 updates
17f71ce 
Updates the requirements on [cryptography](https://github.com/pyca/cryptography), [logfire](https://github.com/pydantic/logfire), [logfire[celery,fastapi,psycopg2,requests]](https://github.com/pydantic/logfire), [psycopg2](https://github.com/psycopg/psycopg2), [pydantic-settings](https://github.com/pydantic/pydantic-settings), [ruff](https://github.com/astral-sh/ruff), [sentry-sdk](https://github.com/getsentry/sentry-python), [setuptools](https://github.com/pypa/setuptools), [starlette](https://github.com/encode/starlette) and [coverage](https://github.com/nedbat/coveragepy) to permit the latest version.

Updates `cryptography` to 43.0.3
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@43.0.1...43.0.3)

Updates `logfire` to 1.2.0
- [Release notes](https://github.com/pydantic/logfire/releases)
- [Changelog](https://github.com/pydantic/logfire/blob/main/CHANGELOG.md)
- [Commits](pydantic/logfire@v1.1.0...v1.2.0)

Updates `logfire[celery,fastapi,psycopg2,requests]` to 1.2.0
- [Release notes](https://github.com/pydantic/logfire/releases)
- [Changelog](https://github.com/pydantic/logfire/blob/main/CHANGELOG.md)
- [Commits](pydantic/logfire@v1.1.0...v1.2.0)

Updates `psycopg2` to 2.9.10
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](https://github.com/psycopg/psycopg2/commits)

Updates `pydantic-settings` to 2.6.0
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.5.2...v2.6.0)

Updates `ruff` from 0.6.9 to 0.7.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.6.9...0.7.0)

Updates `sentry-sdk` to 2.17.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.16.0...2.17.0)

Updates `setuptools` to 75.2.0
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v75.1.0...v75.2.0)

Updates `starlette` to 0.41.0
- [Release notes](https://github.com/encode/starlette/releases)
- [Changelog](https://github.com/encode/starlette/blob/master/docs/release-notes.md)
- [Commits](encode/starlette@0.40.0...0.41.0)

Updates `coverage` from 7.6.3 to 7.6.4
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.6.3...7.6.4)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: logfire
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: logfire[celery,fastapi,psycopg2,requests]
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: psycopg2
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: pydantic-settings
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: sentry-sdk
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: setuptools
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: starlette
  dependency-type: direct:production
  dependency-group: python-packages
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 21, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 25, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Oct 25, 2024
@dependabot dependabot bot deleted the dependabot/pip/python-packages-b244fdfb8c branch October 25, 2024 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants