Draft Releases Pre-Review #1

Bumps [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) from 2.0.3 to 2.1.0. - [Release notes](https://github.com/googleapis/google-resumable-media-python/releases) - [Changelog](https://github.com/googleapis/google-resumable-media-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-resumable-media-python@v2.0.3...v2.1.0) --- updated-dependencies: - dependency-name: google-resumable-media dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [tomli](https://github.com/hukkin/tomli) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/hukkin/tomli/releases) - [Changelog](https://github.com/hukkin/tomli/blob/master/CHANGELOG.md) - [Commits](hukkin/tomli@1.2.1...1.2.2) --- updated-dependencies: - dependency-name: tomli dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [factory-boy](https://github.com/FactoryBoy/factory_boy) from 3.2.0 to 3.2.1. - [Release notes](https://github.com/FactoryBoy/factory_boy/releases) - [Changelog](https://github.com/FactoryBoy/factory_boy/blob/3.2.1/docs/changelog.rst) - [Commits](FactoryBoy/factory_boy@3.2.0...3.2.1) --- updated-dependencies: - dependency-name: factory-boy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Bump pyramid-multiauth from 1.0.0 to 1.0.1 Bumps [pyramid-multiauth](https://github.com/mozilla-services/pyramid_multiauth) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/mozilla-services/pyramid_multiauth/releases) - [Changelog](https://github.com/mozilla-services/pyramid_multiauth/blob/master/CHANGES.txt) - [Commits](mozilla-services/pyramid_multiauth@1.0.0...1.0.1) --- updated-dependencies: - dependency-name: pyramid-multiauth dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Use dash instead of underscore Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 3.19.0 to 3.19.1. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/master/generate_changelog.py) - [Commits](protocolbuffers/protobuf@v3.19.0...v3.19.1) --- updated-dependencies: - dependency-name: protobuf dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [importlib-resources](https://github.com/python/importlib_resources) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/python/importlib_resources/releases) - [Changelog](https://github.com/python/importlib_resources/blob/main/CHANGES.rst) - [Commits](python/importlib_resources@v5.3.0...v5.4.0) --- updated-dependencies: - dependency-name: importlib-resources dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [black](https://github.com/psf/black) from 21.9b0 to 21.10b0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/commits) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [packaging](https://github.com/pypa/packaging) from 21.0 to 21.2. - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](pypa/packaging@21.0...21.2) --- updated-dependencies: - dependency-name: packaging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.3.0 to 2.3.3. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.3.0...v2.3.3) --- updated-dependencies: - dependency-name: google-auth dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [lxml](https://github.com/lxml/lxml) from 4.6.3 to 4.6.4. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-4.6.3...lxml-4.6.4) --- updated-dependencies: - dependency-name: lxml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [py](https://github.com/pytest-dev/py) from 1.10.0 to 1.11.0. - [Release notes](https://github.com/pytest-dev/py/releases) - [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/py@1.10.0...1.11.0) --- updated-dependencies: - dependency-name: py dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [pbr](https://docs.openstack.org/pbr/latest/) from 5.6.0 to 5.7.0. --- updated-dependencies: - dependency-name: pbr dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [google-cloud-bigquery](https://github.com/googleapis/python-bigquery) from 2.28.1 to 2.30.1. - [Release notes](https://github.com/googleapis/python-bigquery/releases) - [Changelog](https://github.com/googleapis/python-bigquery/blob/main/CHANGELOG.md) - [Commits](googleapis/python-bigquery@v2.28.1...v2.30.1) --- updated-dependencies: - dependency-name: google-cloud-bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [pycparser](https://github.com/eliben/pycparser) from 2.20 to 2.21. - [Release notes](https://github.com/eliben/pycparser/releases) - [Changelog](https://github.com/eliben/pycparser/blob/master/CHANGES) - [Commits](eliben/pycparser@release_v2.20...release_v2.21) --- updated-dependencies: - dependency-name: pycparser dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [botocore](https://github.com/boto/botocore) from 1.22.0 to 1.22.12. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.22.0...1.22.12) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [isort](https://github.com/pycqa/isort) from 5.9.3 to 5.10.1. - [Release notes](https://github.com/pycqa/isort/releases) - [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md) - [Commits](PyCQA/isort@5.9.3...5.10.1) --- updated-dependencies: - dependency-name: isort dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Follows on from pypi#9979 - Updates CSP for connect-src used for placement view reporting - Tweaks CSS to better style/differentiate logo placement

Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2021.10.20 to 2021.11.17. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Until all `make` targets are built in containers, a new contributor will stumble on this error and there's nothing in the docs that tell you what you need. Refs: pypi#4948 Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Set supported browsers as configuration As noted in the frontend development docs, the development target supports current version and one back, plus some other versions. As frontend tooling will generate code based on capabilities, create a configuration item that confirms to the documentation. This key will inform packages that use `browserslist`, which in turn use `caniuse-lite` to generate output code, so having the setting in place helps confirm to the documentation. Refs: https://github.com/browserslist/browserslist#packagejson Refs: https://warehouse.pypa.io/development/frontend.html#browser-support Note: The defaults that are currently in place without this configuration are: '> 0.5%', 'last 2 versions', 'Firefox ESR', 'not dead' The difference from defaults and this one is: $ diff defaults.txt warehouse.txt 9,11d8 < chrome 94 < chrome 93 < chrome 92 16,18d12 < firefox 92 < firefox 91 < firefox 78 22,23d15 < ios_saf 14.0-14.4 < ios_saf 12.2-12.5 29d20 < opera 79 32a24 > safari 14 33a26,34 > safari 13 > safari 12.1 > safari 12 > safari 11.1 > safari 11 > safari 10.1 > safari 10 > safari 9.1 > safari 9 Once merged, this should be followed with a change based on running: npx browserslist@latest --update-db which will update `package-lock.json` with the updated browser versions based on the configuration - something that should be run periodically. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Remove static table, config. Add note. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

Bumps [cryptography](https://github.com/pyca/cryptography) from 35.0.0 to 36.0.0. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@35.0.0...36.0.0) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.0.2 to 6.1.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.0.2...6.1.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [structlog](https://github.com/hynek/structlog) from 21.2.0 to 21.3.0. - [Release notes](https://github.com/hynek/structlog/releases) - [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.rst) - [Commits](hynek/structlog@21.2.0...21.3.0) --- updated-dependencies: - dependency-name: structlog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [structlog](https://github.com/hynek/structlog) from 21.3.0 to 21.4.0. - [Release notes](https://github.com/hynek/structlog/releases) - [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.rst) - [Commits](hynek/structlog@21.3.0...21.4.0) --- updated-dependencies: - dependency-name: structlog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 4.8.2. - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) - [Commits](python/importlib_metadata@v4.8.1...v4.8.2) --- updated-dependencies: - dependency-name: importlib-metadata dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add controller for search focus for slash keypress While having the search key autofocus is forbidden, having a keypress focus the search field is a desirable feature. Add a new Stumulus Controller that listens to the `/` keypress and focuses the input on the search field. Note: Currently applies only to the home page. Refs: pypi#6099 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * refactor: use stimulus action instead of a listener Instead of registering a listener, use an action to inform the controller to take an action. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * feat: add search focus to base template In order to prevent the feature from taking over other input fields, only activate when NOT in an input field, so the `/` key can be used in any input field and not interfere with inputs. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Fix PytestCollectionWarning When collecting tests, this class raises a warning since it's named `Test*`: PytestCollectionWarning: cannot collect test class 'TestAdminFlagValues' because it has a __new__ constructor Set an attribute that informs pytest to ignore this class, and thus remove the warning. Refs: https://docs.pytest.org/en/6.2.x/example/pythoncollection.html#customizing-test-collection (last lines) Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Fix PytestDeprecationWarning Current test warns: PytestDeprecationWarning: The --strict option is deprecated, use --strict-markers instead. Marked as deprecated in pytest-dev/pytest#7985 Released in pytest 6.2.0 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Fix DeprecationWarning pyramid import The import paths for these modules has changed in Pyramid 2.0, and raises warnings. There are other Pyramid 2.0 warnings, but are more involved than changing an import path, and should be addressed as another commit. Refs: Pylons/pyramid#3563 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Fix DeprecationWarning for jinja.contextfilter A few instances of this warning are raised: DeprecationWarning: 'contextfilter' is renamed to 'pass_context', the old name will be removed in Jinja 3.1. Replace the usages accordingly. Refs: pallets/jinja#1389 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Fix DeprecationWarning for jinja.Markup The pass-through import of markup.Markup() has been deprecated in Jinja 3.0, and will be removed in Jinja 3.1. Warnings raised: DeprecationWarning: 'jinja2.Markup' is deprecated and will be removed in Jinja 3.1. Import 'markupsafe.Markup' instead. Replace the import paths. TODO: Determine if the requirements/main.in needs to be changed as well. Refs: pallets/jinja#1391 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Fix DeprecationWarning for babel.numbers.from_number Warnings raised: DeprecationWarning: Use babel.numbers.format_decimal() instead. Deprecated since 2.6.0 Refs: python-babel/babel#538 Signed-off-by: Mike Fiedler <miketheman@gmail.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: moto kawasaki <moto@kawasaki3.org> Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: moto kawasaki <moto@kawasaki3.org>

Bumps [jinja2](https://github.com/pallets/jinja) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](pallets/jinja@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [imagesize](https://github.com/shibukawa/imagesize_py) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/shibukawa/imagesize_py/releases) - [Commits](shibukawa/imagesize_py@1.2.0...1.3.0) --- updated-dependencies: - dependency-name: imagesize dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [proto-plus](https://github.com/googleapis/proto-plus-python) from 1.19.5 to 1.19.8. - [Release notes](https://github.com/googleapis/proto-plus-python/releases) - [Changelog](https://github.com/googleapis/proto-plus-python/blob/main/CHANGELOG.md) - [Commits](googleapis/proto-plus-python@v1.19.5...v1.19.8) --- updated-dependencies: - dependency-name: proto-plus dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2021.10.21 to 2021.11.10. - [Release notes](https://github.com/mrabarnett/mrab-regex/releases) - [Commits](https://github.com/mrabarnett/mrab-regex/commits) --- updated-dependencies: - dependency-name: regex dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [doc8](https://github.com/pycqa/doc8) from 0.9.1 to 0.10.1. - [Release notes](https://github.com/pycqa/doc8/releases) - [Commits](PyCQA/doc8@0.9.1...0.10.1) --- updated-dependencies: - dependency-name: doc8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [google-cloud-core](https://github.com/googleapis/python-cloud-core) from 2.1.0 to 2.2.1. - [Release notes](https://github.com/googleapis/python-cloud-core/releases) - [Changelog](https://github.com/googleapis/python-cloud-core/blob/main/CHANGELOG.md) - [Commits](googleapis/python-cloud-core@v2.1.0...v2.2.1) --- updated-dependencies: - dependency-name: google-cloud-core dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [elasticsearch](https://github.com/elastic/elasticsearch-py) from 7.10.1 to 7.15.2. - [Release notes](https://github.com/elastic/elasticsearch-py/releases) - [Commits](elastic/elasticsearch-py@v7.10.1...v7.15.2) --- updated-dependencies: - dependency-name: elasticsearch dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

…10426) This reverts commit f921d0b.

Bumps [alembic](https://alembic.sqlalchemy.org) from 1.7.4 to 1.7.5. --- updated-dependencies: - dependency-name: alembic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [soupsieve](https://github.com/facelessuser/soupsieve) from 2.2.1 to 2.3.1. - [Release notes](https://github.com/facelessuser/soupsieve/releases) - [Commits](facelessuser/soupsieve@2.2.1...2.3.1) --- updated-dependencies: - dependency-name: soupsieve dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.1 to 2.9.2. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.65 to 0.0.66. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [snowballstemmer](https://github.com/snowballstem/snowball) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/snowballstem/snowball/releases) - [Changelog](https://github.com/snowballstem/snowball/blob/master/NEWS) - [Commits](snowballstem/snowball@v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: snowballstemmer dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [responses](https://github.com/getsentry/responses) from 0.14.0 to 0.16.0. - [Release notes](https://github.com/getsentry/responses/releases) - [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES) - [Commits](getsentry/responses@0.14.0...0.16.0) --- updated-dependencies: - dependency-name: responses dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.4.3 to 1.5.0. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.4.3...1.5.0) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [black](https://github.com/psf/black) from 21.10b0 to 21.11b1. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/commits) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [packaging](https://github.com/pypa/packaging) from 21.2 to 21.3. - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](pypa/packaging@21.2...21.3) --- updated-dependencies: - dependency-name: packaging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* api-reference/json: document `vulnerabilities` in responses * api-reference/json: clarify `vulnerabilities` response

* Refactor accounts factories * Refactor admin factories * Refactor banners factories * Refactor malware factories * Refactor ses factories * Refactor sponsors factories * Refactor packaging factories * Remove custom fuzzy methods which are no longer necessary * Reduce probability of unique constraint violation on malware name * refactor vulnerability record The factory is used in one test for the legacy API, and passes in static values for each attribute, so the `faker` usage isn't really invoked. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * refactor test to use faker directly As we're not actually using a factory object for the input here, use the faker class directly to obtain a random string. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: update timestamp selection criteria There's little context as to why the "timestamp - 1" was selected, but with the change away from the deprecated `FuzzyDateTime` class in favor of `faker.Faker` objects, there is no longer a microsecond-level precision from the generated objects. Removing the one-second subtraction from the `since` variable passes the tests. See: joke2k/faker#1301 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: enforce unique generation of filenames When generating a sufficiently large set of filenames, we saw collisions in the database persistence, as they are expected to be unique. The factory.Faker() interface doesn't currently provide us a hook to use the underlying `faker.unique...` interface, so we have to use it ourselves for now. A comment in the code links to the current open issue. Signed-off-by: Mike Fiedler <miketheman@gmail.com> Co-authored-by: Bernardo Fontes <bernardoxhc@gmail.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

…nnning. Ref pypi#10432. (pypi#10433) Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* add natsort dependency to project Signed-off-by: Mike Fiedler <miketheman@gmail.com> * add failing test to express desired behavior Signed-off-by: Mike Fiedler <miketheman@gmail.com> * add natural sorting to files passed to template Signed-off-by: Mike Fiedler <miketheman@gmail.com>

This is a clearer presentation, and does not indicate that there's some text that isn't visible.

* Add length validator for user display name * Update translations

Co-authored-by: Hosted Weblate <hosted@weblate.org> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse

Bumps [argon2-cffi](https://github.com/hynek/argon2-cffi) from 21.1.0 to 21.2.0. - [Release notes](https://github.com/hynek/argon2-cffi/releases) - [Changelog](https://github.com/hynek/argon2-cffi/blob/main/CHANGELOG.md) - [Commits](hynek/argon2-cffi@21.1.0...21.2.0) --- updated-dependencies: - dependency-name: argon2-cffi dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [boto3](https://github.com/boto/boto3) from 1.19.0 to 1.20.22. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.19.0...1.20.22) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [grpcio-status](https://grpc.io) from 1.41.1 to 1.42.0. --- updated-dependencies: - dependency-name: grpcio-status dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [mako](https://github.com/sqlalchemy/mako) from 1.1.5 to 1.1.6. - [Release notes](https://github.com/sqlalchemy/mako/releases) - [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/mako/commits) --- updated-dependencies: - dependency-name: mako dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [grpcio](https://github.com/grpc/grpc) from 1.41.1 to 1.42.0. - [Release notes](https://github.com/grpc/grpc/releases) - [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md) - [Commits](grpc/grpc@v1.41.1...v1.42.0) --- updated-dependencies: - dependency-name: grpcio dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 1.42.3 to 1.43.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](googleapis/python-storage@v1.42.3...v1.43.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [pbr](https://docs.openstack.org/pbr/latest/) from 5.7.0 to 5.8.0. --- updated-dependencies: - dependency-name: pbr dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [typeguard](https://github.com/agronholm/typeguard) from 2.13.0 to 2.13.2. - [Release notes](https://github.com/agronholm/typeguard/releases) - [Changelog](https://github.com/agronholm/typeguard/blob/master/docs/versionhistory.rst) - [Commits](agronholm/typeguard@2.13.0...2.13.2) --- updated-dependencies: - dependency-name: typeguard dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Workaround for pip bug * Remove fix-google-deps workaround

Bumps [msgpack](https://github.com/msgpack/msgpack-python) from 1.0.2 to 1.0.3. - [Release notes](https://github.com/msgpack/msgpack-python/releases) - [Changelog](https://github.com/msgpack/msgpack-python/blob/main/ChangeLog.rst) - [Commits](msgpack/msgpack-python@v1.0.2...v1.0.3) --- updated-dependencies: - dependency-name: msgpack dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [rsa](https://github.com/sybrenstuvel/python-rsa) from 4.7.2 to 4.8. - [Release notes](https://github.com/sybrenstuvel/python-rsa/releases) - [Changelog](https://github.com/sybrenstuvel/python-rsa/blob/main/CHANGELOG.md) - [Commits](sybrenstuvel/python-rsa@version-4.7.2...version-4.8) --- updated-dependencies: - dependency-name: rsa dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [limits](https://github.com/alisaifee/limits) from 1.5.1 to 2.0.3. - [Release notes](https://github.com/alisaifee/limits/releases) - [Changelog](https://github.com/alisaifee/limits/blob/master/HISTORY.rst) - [Commits](https://github.com/alisaifee/limits/commits) --- updated-dependencies: - dependency-name: limits dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 4.2.0 to 4.3.1. - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/4.x/CHANGES) - [Commits](sphinx-doc/sphinx@v4.2.0...v4.3.1) --- updated-dependencies: - dependency-name: sphinx dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [fakeredis](https://github.com/jamesls/fakeredis) from 1.6.1 to 1.7.0. - [Release notes](https://github.com/jamesls/fakeredis/releases) - [Commits](jamesls/fakeredis@1.6.1...1.7.0) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.1.2...6.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [typing-extensions](https://github.com/python/typing) from 3.10.0.2 to 4.0.1. - [Release notes](https://github.com/python/typing/releases) - [Changelog](https://github.com/python/typing/blob/master/typing_extensions/CHANGELOG) - [Commits](https://github.com/python/typing/commits) --- updated-dependencies: - dependency-name: typing-extensions dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [google-cloud-bigquery](https://github.com/googleapis/python-bigquery) from 2.30.1 to 2.31.0. - [Release notes](https://github.com/googleapis/python-bigquery/releases) - [Changelog](https://github.com/googleapis/python-bigquery/blob/main/CHANGELOG.md) - [Commits](googleapis/python-bigquery@v2.30.1...v2.31.0) --- updated-dependencies: - dependency-name: google-cloud-bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [mistune](https://github.com/lepture/mistune) from 0.8.4 to 2.0.0. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/master/docs/changes.rst) - [Commits](lepture/mistune@v0.8.4...v2.0.0) --- updated-dependencies: - dependency-name: mistune dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [charset-normalizer](https://github.com/ousret/charset_normalizer) from 2.0.7 to 2.0.9. - [Release notes](https://github.com/ousret/charset_normalizer/releases) - [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md) - [Commits](jawah/charset_normalizer@2.0.7...2.0.9) --- updated-dependencies: - dependency-name: charset-normalizer dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [black](https://github.com/psf/black) from 21.11b1 to 21.12b0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/commits) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [sqlalchemy[asyncio]](https://github.com/sqlalchemy/sqlalchemy) from 1.4.27 to 1.4.28. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy[asyncio] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [faker](https://github.com/joke2k/faker) from 9.5.1 to 10.0.0. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v9.5.1...v10.0.0) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [datadog](https://github.com/DataDog/datadogpy) from 0.42.0 to 0.43.0. - [Release notes](https://github.com/DataDog/datadogpy/releases) - [Changelog](https://github.com/DataDog/datadogpy/blob/master/CHANGELOG.md) - [Commits](DataDog/datadogpy@v0.42.0...v0.43.0) --- updated-dependencies: - dependency-name: datadog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [googleapis-common-protos](https://github.com/googleapis/python-api-common-protos) from 1.53.0 to 1.54.0. - [Release notes](https://github.com/googleapis/python-api-common-protos/releases) - [Changelog](https://github.com/googleapis/python-api-common-protos/blob/main/CHANGELOG.md) - [Commits](googleapis/python-api-common-protos@v1.53.0...v1.54.0) --- updated-dependencies: - dependency-name: googleapis-common-protos dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [botocore](https://github.com/boto/botocore) from 1.23.22 to 1.23.23. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.23.22...1.23.23) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [boto3](https://github.com/boto/boto3) from 1.20.22 to 1.20.23. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.20.22...1.20.23) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.66 to 0.0.67. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [natsort](https://github.com/SethMMorton/natsort) from 8.0.0 to 8.0.1. - [Release notes](https://github.com/SethMMorton/natsort/releases) - [Changelog](https://github.com/SethMMorton/natsort/blob/master/CHANGELOG.md) - [Commits](SethMMorton/natsort@8.0.0...8.0.1) --- updated-dependencies: - dependency-name: natsort dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [setuptools](https://github.com/pypa/setuptools) from 58.2.0 to 59.6.0. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v58.2.0...v59.6.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [argon2-cffi](https://github.com/hynek/argon2-cffi) from 21.2.0 to 21.3.0. - [Release notes](https://github.com/hynek/argon2-cffi/releases) - [Changelog](https://github.com/hynek/argon2-cffi/blob/main/CHANGELOG.md) - [Commits](hynek/argon2-cffi@21.2.0...21.3.0) --- updated-dependencies: - dependency-name: argon2-cffi dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [typeguard](https://github.com/agronholm/typeguard) from 2.13.2 to 2.13.3. - [Release notes](https://github.com/agronholm/typeguard/releases) - [Changelog](https://github.com/agronholm/typeguard/blob/master/docs/versionhistory.rst) - [Commits](agronholm/typeguard@2.13.2...2.13.3) --- updated-dependencies: - dependency-name: typeguard dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [lxml](https://github.com/lxml/lxml) from 4.6.4 to 4.6.5. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-4.6.4...lxml-4.6.5) --- updated-dependencies: - dependency-name: lxml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.0...1.5.1) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [readme-renderer[md]](https://github.com/pypa/readme_renderer) from 30.0 to 32.0. - [Release notes](https://github.com/pypa/readme_renderer/releases) - [Changelog](https://github.com/pypa/readme_renderer/blob/main/CHANGES.rst) - [Commits](pypa/readme_renderer@30.0...32.0) --- updated-dependencies: - dependency-name: readme-renderer[md] dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Update EA client to the latest non-beta version We have shipped the features that were originally in our beta client for the PSF into our main client. This PR updates the client version to use the released version. * update CSP for new ethicalads client Co-authored-by: Eric Holscher <25510+ericholscher@users.noreply.github.com>

Bumps [cryptography](https://github.com/pyca/cryptography) from 36.0.0 to 36.0.1. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@36.0.0...36.0.1) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade webauthn * Upgrade to webauthn 1.x api * rename/unpack iterable more clearly. Co-authored-by: Dustin Ingram <di@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Skip GCS upload if blob exists * Update comment * Send message to Sentry on skip

* Block registration of 'ultranormalized' names * Create an index over ultranormalize_name * Update warehouse/migrations/versions/d18d443f89f0_ultranormalize_name_function.py * update help, differentiate message for ultranormalized collisions Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

Simple is an API endpoint, and redirects can be costly to our backends. It _also_ could lead to people relying on this undocumented URL.

…t/legacy (pypi#10508) * limit length of response status line for _exc_with_message in forklift/legacy * Update warehouse/forklift/legacy.py Co-authored-by: Dustin Ingram <di@users.noreply.github.com> * fix test Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Add missing indexes for commonly used Foreign Keys These aren't automatically created, so for many of these large tables we are doing sequential scans when accessing the relation * lint

Since DataDog/datadogpy#692, datadog emits the following logs for every request: ``` pypi-warehouse-web-84cff6b7c7-w7brv web {"logger": "datadog.dogstatsd", "level": "INFO", "event": "Statsd buffering is disabled", "thread": 140486667159360} pypi-warehouse-web-84cff6b7c7-w7brv web {"logger": "datadog.dogstatsd", "level": "INFO", "event": "Statsd periodic buffer flush is disabled", "thread": 140486667159360} ``` This sets the log level to silence these and clean up production logs.

* chore: replace deprecated scalar method SQLAlchemy 1.4.x deprecated the `.as_scalar()` method and replaced it with `.scalar_subquery()` and issued a `SADeprecationWarning`. Refs: https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-f413ff8c13a1fb7d766bfa16dfcdfbf1 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: ignore InsecureStorageWarning When another class was added, it wasn't excluded from the warnings report. Refs: pypi#9792 Original ignore: pypi#4360 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: ignore CIText warnings in test output The updated SQLAlchemy library now emits 2,000+ warnings for CIText(). I've opened an issue on the responsible repo. Refs: mahmoudimus/sqlalchemy-citext#25 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: filter out known legacy behavior in test The test case knowingly creates invalid versions, and the code handles them by performing some extra validation, and throws the error. Suppress the warnings for creating `LegacyVersion`. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: filter out SAWarning for invalidation The collections used in the test case are intentionally being modified. Signed-off-by: Mike Fiedler <miketheman@gmail.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Remove Sentry for frontend JS * Update translations

Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2021.11.17 to 2022.1.3. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.1.3 to 2022.1.6. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5. - [Release notes](https://github.com/gulpjs/copy-props/releases) - [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md) - [Commits](gulpjs/copy-props@2.0.4...2.0.5) --- updated-dependencies: - dependency-name: copy-props dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump celery from 4.4.7 to 5.2.2 in /requirements Bumps [celery](https://github.com/celery/celery) from 4.4.7 to 5.2.2. - [Release notes](https://github.com/celery/celery/releases) - [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst) - [Commits](celery/celery@v4.4.7...v5.2.2) --- updated-dependencies: - dependency-name: celery dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * celery 5.2.2 upgrade pushes our lower version bound up to 5.2.2 and includes extra. cleans up "BROKER_URL" environment variable to keep the celery CLI from consuming it, see pypi#10566 (comment) * lint 😅 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Arsalan Dehghani <arsalan.dehghani@gmail.com> Co-authored-by: Bellucci Francesca <firewings29@gmail.com> Co-authored-by: Eric <spice2wolf@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: John Lester L. Licayan <johnlesterincbusiness@gmail.com> Co-authored-by: Michal Juszczyk <michaljuszczyk2+pypi@gmail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Stefano Pigozzi <ste.pigozzi@gmail.com> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: YangYulin <yylteam@icloud.com> Co-authored-by: m-aciek <maciej.olko@gmail.com> Co-authored-by: moto kawasaki <moto@kawasaki3.org> Co-authored-by: ssantos <ssantos@web.de> Co-authored-by: tommyliu313 <liuchaktin@gmail.com> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Arsalan Dehghani <arsalan.dehghani@gmail.com> Co-authored-by: Bellucci Francesca <firewings29@gmail.com> Co-authored-by: Eric <spice2wolf@gmail.com> Co-authored-by: John Lester L. Licayan <johnlesterincbusiness@gmail.com> Co-authored-by: Michal Juszczyk <michaljuszczyk2+pypi@gmail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Stefano Pigozzi <ste.pigozzi@gmail.com> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: YangYulin <yylteam@icloud.com> Co-authored-by: m-aciek <maciej.olko@gmail.com> Co-authored-by: moto kawasaki <moto@kawasaki3.org> Co-authored-by: ssantos <ssantos@web.de> Co-authored-by: tommyliu313 <liuchaktin@gmail.com>

* python-version: bump to 3.8.9 * ci, Dockerfile: bump Python versions

…pi#10627) `make build` can fail on macOS if `pg_config` isn't installed, which it isn't by default. This patch updates the docs to include troubleshooting steps for installing `pg_config` (via `libpq` via `brew`) on macOS.

…ypi#10611) * Update pytest-postgresql to 3.1.2 * Fix database fixture in case there's no leftover database left in postgresql * Update .github/dependabot.yml Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Add separate view/route for managing 2FA * Add TwoFactorRequireable mixin * Add a TwoFactorAuthorizationPolicy * Replace 'manage' button when project requires 2FA * Update translations * Don't need to rename this variable * Surface additional context for who is requiring 2FA

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: John Lester L. Licayan <johnlesterincbusiness@gmail.com> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: John Lester L. Licayan <johnlesterincbusiness@gmail.com>

Bumps [pynacl](https://github.com/pyca/pynacl) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/pyca/pynacl/releases) - [Changelog](https://github.com/pyca/pynacl/blob/main/CHANGELOG.rst) - [Commits](pyca/pynacl@1.4.0...1.5.0) --- updated-dependencies: - dependency-name: pynacl dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.2.0 to 1.2.1. - [Release notes](https://github.com/duo-labs/py_webauthn/releases) - [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md) - [Commits](duo-labs/py_webauthn@v1.2.0...v1.2.1) --- updated-dependencies: - dependency-name: webauthn dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Remove admin-specific login/logout routes * Add additional guard

* Split sdists and bdists * Revamp downloads table * Update translations

…etail page for a project (pypi#8586) * helper function to render and hash simple detail for a specific project * use the existing Jinja2 environment * file storage * format with black * store hashed project indexes at `/simple/<HASH>.<PROJECT_NAME>` as discussed also store unhashed index as normal * add 'simple.backend' config for tests * add a jinja renderer to pyramid_request fixture * restore tests for existing functionality * test new SimpleStorage services * license * test render_simple_index utility * Update warehouse/packaging/utils.py * Update warehouse/packaging/utils.py * fix tests, store last serial information on metadata of simple files * reformat/lint * Remove print statement * Add flush * Fix tests * Simpflify duplication in storage services Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Add a failing test * Remove support for legacy paths

* python-version: bump to 3.8.9 * ci, Dockerfile: bump Python versions * requirements, warehouse: dependencies, skeleton for JWKs * warehouse/oidc: format * config, oidc, utils: fill in more groundwork * warehouse: add a basic `warehouse oidc` CLI, redis caching * tasks: remove the separate OIDC queue These should be very fast, and thus don't need a separate queue. * warehouse: decompose OIDC urls a bit It makes more sense to have the OIDC_PROVIDERS map be a map of names to issuer FQDNs, so that we don't have to store that information elsewhere. * warehouse/utils: docs * warehouse: refactor JWKs to fetch on first use * tests/unit: fix config test * Update requirements/main.txt Co-authored-by: Dustin Ingram <di@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Dustin Ingram <di@users.noreply.github.com> * warehouse: refactor JWKService Adds a service factory for creating per-provider services. * oidc/services: appease flake8 * warehouse: add metrics to JWKService, rewrite CLI * warehouse/cli: remove oidc subcommand This is no longer useful. * warehouse: rename JWKService to OIDCProviderService, refactor * warehouse/oidc: fix init * warehouse: remove oidc.utils, refactor * warehouse/oidc: re-add provider attribute * tests: unit tests for warehouse.oidc.services Fixes small bugs in the process. Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Add timestamp to recovery codes filename * Validate password with require_reauth instead * Don't require 2FA before recovery codes * Refactor 2FA section * Make button line-height the same as anchor * Fix button formatting * Continue to 2FA-only page instead * Don't need to pass ip_address around * Refactor recovery code logic for try/except flow This makes it easier to return more detailed errors than 'false' from the logic here. Raising exceptions also makes it more likely that we won't forget to act on a return value in a failure case here. * Add RecoveryCode.burned timestamp * Mark recovery codes as burned instead of deleting This makes it easier for us to tell when a user has burned a code. * Fix tests * Include username in recovery codes filename * Send emails on recovery code use and regeneration * Allow configurable reauth period * Remove unused import * Fix an issue with regeneration Mixing 'require_reauth' and POST requests doesn't work. Since code generation was already a GET request, and because this will always be behind a 10s reauthentication, switch this to a GET request. * Update translations

* Remove remote_addr argument from UserService calls * Update translations * Fix tests

* Add User.has_burned_recovery_codes * Switch responses from 403 to 303 * Add route for burning recovery code * Redirect if code hasn't been burned * Continue to burn recovery code after generation * Show callout in 2FA section if code hasn't been burned * Show banner if codes haven't been generated * Apply suggestions from code review Co-authored-by: Ee Durbin <ewdurbin@gmail.com> * Update translations Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Amit Senouf <amit9021@gmail.com> Co-authored-by: Cryptex <alvinsze837@gmail.com> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Kamoldinov Farohiddin <Kfldm2255@gmail.com> Co-authored-by: Kevin Wong <wdd1330274738@gmail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: m-aciek <maciej.olko@gmail.com> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Amit Senouf <amit9021@gmail.com> Co-authored-by: Cryptex <alvinsze837@gmail.com> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Kamoldinov Farohiddin <Kfldm2255@gmail.com> Co-authored-by: Kevin Wong <wdd1330274738@gmail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: m-aciek <maciej.olko@gmail.com>

Bumps [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) from 2.1.0 to 2.2.1. - [Release notes](https://github.com/googleapis/google-resumable-media-python/releases) - [Changelog](https://github.com/googleapis/google-resumable-media-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-resumable-media-python@v2.1.0...v2.2.1) --- updated-dependencies: - dependency-name: google-resumable-media dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [whitenoise](https://github.com/evansd/whitenoise) from 5.3.0 to 6.0.0. - [Release notes](https://github.com/evansd/whitenoise/releases) - [Changelog](https://github.com/evansd/whitenoise/blob/master/docs/changelog.rst) - [Commits](evansd/whitenoise@v5.3.0...6.0.0) --- updated-dependencies: - dependency-name: whitenoise dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [mirakuru](https://github.com/ClearcodeHQ/mirakuru) from 2.4.1 to 2.4.2. - [Release notes](https://github.com/ClearcodeHQ/mirakuru/releases) - [Changelog](https://github.com/ClearcodeHQ/mirakuru/blob/main/CHANGES.rst) - [Commits](ClearcodeHQ/mirakuru@v2.4.1...v2.4.2) --- updated-dependencies: - dependency-name: mirakuru dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [faker](https://github.com/joke2k/faker) from 10.0.0 to 12.2.0. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v10.0.0...v12.2.0) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/platformdirs/platformdirs/releases) - [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst) - [Commits](tox-dev/platformdirs@2.4.0...2.5.0) --- updated-dependencies: - dependency-name: platformdirs dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [boto3](https://github.com/boto/boto3) from 1.20.23 to 1.20.52. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.20.23...1.20.52) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Bump tomli from 1.2.2 to 1.2.3 Bumps [tomli](https://github.com/hukkin/tomli) from 1.2.2 to 1.2.3. - [Release notes](https://github.com/hukkin/tomli/releases) - [Changelog](https://github.com/hukkin/tomli/blob/master/CHANGELOG.md) - [Commits](hukkin/tomli@1.2.2...1.2.3) --- updated-dependencies: - dependency-name: tomli dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump lxml from 4.6.5 to 4.7.1 Bumps [lxml](https://github.com/lxml/lxml) from 4.6.5 to 4.7.1. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-4.6.5...lxml-4.7.1) --- updated-dependencies: - dependency-name: lxml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump structlog from 21.4.0 to 21.5.0 Bumps [structlog](https://github.com/hynek/structlog) from 21.4.0 to 21.5.0. - [Release notes](https://github.com/hynek/structlog/releases) - [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.rst) - [Commits](hynek/structlog@21.4.0...21.5.0) --- updated-dependencies: - dependency-name: structlog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump grpcio-status from 1.42.0 to 1.43.0 Bumps [grpcio-status](https://grpc.io) from 1.42.0 to 1.43.0. --- updated-dependencies: - dependency-name: grpcio-status dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump psycopg2 from 2.9.2 to 2.9.3 Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.2 to 2.9.3. - [Release notes](https://github.com/psycopg/psycopg2/releases) - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) --- updated-dependencies: - dependency-name: psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump psutil from 5.8.0 to 5.9.0 Bumps [psutil](https://github.com/giampaolo/psutil) from 5.8.0 to 5.9.0. - [Release notes](https://github.com/giampaolo/psutil/releases) - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](giampaolo/psutil@release-5.8.0...release-5.9.0) --- updated-dependencies: - dependency-name: psutil dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump attrs from 21.2.0 to 21.4.0 Bumps [attrs](https://github.com/python-attrs/attrs) from 21.2.0 to 21.4.0. - [Release notes](https://github.com/python-attrs/attrs/releases) - [Changelog](https://github.com/python-attrs/attrs/blob/main/CHANGELOG.rst) - [Commits](python-attrs/attrs@21.2.0...21.4.0) --- updated-dependencies: - dependency-name: attrs dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump cattrs from 1.9.0 to 1.10.0 Bumps [cattrs](https://github.com/python-attrs/cattrs) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/python-attrs/cattrs/releases) - [Changelog](https://github.com/python-attrs/cattrs/blob/main/HISTORY.rst) - [Commits](python-attrs/cattrs@v1.9.0...v1.10.0) --- updated-dependencies: - dependency-name: cattrs dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump urllib3 from 1.26.7 to 1.26.8 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.7 to 1.26.8. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.8/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.7...1.26.8) --- updated-dependencies: - dependency-name: urllib3 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump rfc3986 from 1.5.0 to 2.0.0 Bumps [rfc3986](https://github.com/python-hyper/rfc3986) from 1.5.0 to 2.0.0. - [Release notes](https://github.com/python-hyper/rfc3986/releases) - [Commits](python-hyper/rfc3986@1.5.0...2.0.0) --- updated-dependencies: - dependency-name: rfc3986 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mistune from 2.0.0 to 2.0.2 Bumps [mistune](https://github.com/lepture/mistune) from 2.0.0 to 2.0.2. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/master/docs/changes.rst) - [Commits](lepture/mistune@v2.0.0...v2.0.2) --- updated-dependencies: - dependency-name: mistune dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-bigquery from 2.31.0 to 2.32.0 Bumps [google-cloud-bigquery](https://github.com/googleapis/python-bigquery) from 2.31.0 to 2.32.0. - [Release notes](https://github.com/googleapis/python-bigquery/releases) - [Changelog](https://github.com/googleapis/python-bigquery/blob/main/CHANGELOG.md) - [Commits](googleapis/python-bigquery@v2.31.0...v2.32.0) --- updated-dependencies: - dependency-name: google-cloud-bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump dnspython from 2.1.0 to 2.2.0 Bumps [dnspython]() from 2.1.0 to 2.2.0. --- updated-dependencies: - dependency-name: dnspython dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-core from 2.2.1 to 2.2.2 Bumps [google-cloud-core](https://github.com/googleapis/python-cloud-core) from 2.2.1 to 2.2.2. - [Release notes](https://github.com/googleapis/python-cloud-core/releases) - [Changelog](https://github.com/googleapis/python-cloud-core/blob/main/CHANGELOG.md) - [Commits](googleapis/python-cloud-core@v2.2.1...v2.2.2) --- updated-dependencies: - dependency-name: google-cloud-core dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-storage from 1.43.0 to 2.1.0 Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 1.43.0 to 2.1.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](googleapis/python-storage@v1.43.0...v2.1.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyparsing from 2.4.7 to 3.0.7 Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.7. - [Release notes](https://github.com/pyparsing/pyparsing/releases) - [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) - [Commits](pyparsing/pyparsing@pyparsing_2.4.7...pyparsing_3.0.7) --- updated-dependencies: - dependency-name: pyparsing dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sentry-sdk from 1.5.1 to 1.5.4 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.1 to 1.5.4. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.1...1.5.4) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump cbor2 from 5.4.2 to 5.4.2.post1 Bumps [cbor2](https://github.com/agronholm/cbor2) from 5.4.2 to 5.4.2.post1. - [Release notes](https://github.com/agronholm/cbor2/releases) - [Changelog](https://github.com/agronholm/cbor2/blob/master/docs/versionhistory.rst) - [Commits](agronholm/cbor2@5.4.2...5.4.2.post1) --- updated-dependencies: - dependency-name: cbor2 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pbr from 5.8.0 to 5.8.1 Bumps [pbr](https://docs.openstack.org/pbr/latest/) from 5.8.0 to 5.8.1. --- updated-dependencies: - dependency-name: pbr dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 59.6.0 to 60.8.2 Bumps [setuptools](https://github.com/pypa/setuptools) from 59.6.0 to 60.8.2. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v59.6.0...v60.8.2) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sqlalchemy[asyncio] from 1.4.28 to 1.4.31 Bumps [sqlalchemy[asyncio]](https://github.com/sqlalchemy/sqlalchemy) from 1.4.28 to 1.4.31. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy[asyncio] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sqlalchemy-utils from 0.37.9 to 0.38.2 Bumps [sqlalchemy-utils](https://github.com/kvesteri/sqlalchemy-utils) from 0.37.9 to 0.38.2. - [Release notes](https://github.com/kvesteri/sqlalchemy-utils/releases) - [Changelog](https://github.com/kvesteri/sqlalchemy-utils/blob/master/CHANGES.rst) - [Commits](kvesteri/sqlalchemy-utils@0.37.9...0.38.2) --- updated-dependencies: - dependency-name: sqlalchemy-utils dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump importlib-metadata from 4.8.2 to 4.10.1 Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.2 to 4.10.1. - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) - [Commits](python/importlib_metadata@v4.8.2...v4.10.1) --- updated-dependencies: - dependency-name: importlib-metadata dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump zipp from 3.6.0 to 3.7.0 Bumps [zipp](https://github.com/jaraco/zipp) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/CHANGES.rst) - [Commits](jaraco/zipp@v3.6.0...v3.7.0) --- updated-dependencies: - dependency-name: zipp dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump requests from 2.26.0 to 2.27.1 Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.27.1. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.26.0...v2.27.1) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pygments from 2.10.0 to 2.11.2 Bumps [pygments](https://github.com/pygments/pygments) from 2.10.0 to 2.11.2. - [Release notes](https://github.com/pygments/pygments/releases) - [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES) - [Commits](pygments/pygments@2.10.0...2.11.2) --- updated-dependencies: - dependency-name: pygments dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Send a recovery code reminder email on login * Update translations * Use previously constructed state instead

* Don't run on non-PR pushes to non-main branches * Add concurrency groups and group cancellations

* Bump black from 21.12b0 to 22.1.0 Bumps [black](https://github.com/psf/black) from 21.12b0 to 22.1.0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/commits/22.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Update for black==22.1.0 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Bump boto3 from 1.20.52 to 1.20.53 Bumps [boto3](https://github.com/boto/boto3) from 1.20.52 to 1.20.53. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.20.52...1.20.53) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump disposable-email-domains from 0.0.67 to 0.0.75 Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.67 to 0.0.75. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump prompt-toolkit from 3.0.24 to 3.0.28 Bumps [prompt-toolkit](https://github.com/prompt-toolkit/python-prompt-toolkit) from 3.0.24 to 3.0.28. - [Release notes](https://github.com/prompt-toolkit/python-prompt-toolkit/releases) - [Changelog](https://github.com/prompt-toolkit/python-prompt-toolkit/blob/master/CHANGELOG) - [Commits](prompt-toolkit/python-prompt-toolkit@3.0.24...3.0.28) --- updated-dependencies: - dependency-name: prompt-toolkit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump importlib-metadata from 4.10.1 to 4.11.0 Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.10.1 to 4.11.0. - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) - [Commits](python/importlib_metadata@v4.10.1...v4.11.0) --- updated-dependencies: - dependency-name: importlib-metadata dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 12.2.0 to 12.3.0 Bumps [faker](https://github.com/joke2k/faker) from 12.2.0 to 12.3.0. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v12.2.0...v12.3.0) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump proto-plus from 1.19.8 to 1.20.0 Bumps [proto-plus](https://github.com/googleapis/proto-plus-python) from 1.19.8 to 1.20.0. - [Release notes](https://github.com/googleapis/proto-plus-python/releases) - [Changelog](https://github.com/googleapis/proto-plus-python/blob/main/CHANGELOG.md) - [Commits](googleapis/proto-plus-python@v1.19.8...v1.20.0) --- updated-dependencies: - dependency-name: proto-plus dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump zope-interface from 5.1.0 to 5.4.0 Bumps [zope-interface](https://github.com/zopefoundation/zope.interface) from 5.1.0 to 5.4.0. - [Release notes](https://github.com/zopefoundation/zope.interface/releases) - [Changelog](https://github.com/zopefoundation/zope.interface/blob/master/CHANGES.rst) - [Commits](zopefoundation/zope.interface@5.1.0...5.4.0) --- updated-dependencies: - dependency-name: zope-interface dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump zope-sqlalchemy from 1.3 to 1.6 Bumps [zope-sqlalchemy](https://github.com/zopefoundation/zope.sqlalchemy) from 1.3 to 1.6. - [Release notes](https://github.com/zopefoundation/zope.sqlalchemy/releases) - [Changelog](https://github.com/zopefoundation/zope.sqlalchemy/blob/master/CHANGES.rst) - [Commits](zopefoundation/zope.sqlalchemy@1.3...1.6) --- updated-dependencies: - dependency-name: zope-sqlalchemy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump limits from 2.0.3 to 2.3.3 Bumps [limits](https://github.com/alisaifee/limits) from 2.0.3 to 2.3.3. - [Release notes](https://github.com/alisaifee/limits/releases) - [Changelog](https://github.com/alisaifee/limits/blob/master/HISTORY.rst) - [Commits](alisaifee/limits@2.0.3...2.3.3) --- updated-dependencies: - dependency-name: limits dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump responses from 0.16.0 to 0.18.0 Bumps [responses](https://github.com/getsentry/responses) from 0.16.0 to 0.18.0. - [Release notes](https://github.com/getsentry/responses/releases) - [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES) - [Commits](getsentry/responses@0.16.0...0.18.0) --- updated-dependencies: - dependency-name: responses dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump s3transfer from 0.5.0 to 0.5.1 Bumps [s3transfer](https://github.com/boto/s3transfer) from 0.5.0 to 0.5.1. - [Release notes](https://github.com/boto/s3transfer/releases) - [Changelog](https://github.com/boto/s3transfer/blob/develop/CHANGELOG.rst) - [Commits](boto/s3transfer@0.5.0...0.5.1) --- updated-dependencies: - dependency-name: s3transfer dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump alembic from 1.7.5 to 1.7.6 Bumps [alembic](https://alembic.sqlalchemy.org) from 1.7.5 to 1.7.6. --- updated-dependencies: - dependency-name: alembic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump coverage from 6.2 to 6.3.1 Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.2 to 6.3.1. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.2...6.3.1) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump protobuf from 3.19.1 to 3.19.4 Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 3.19.1 to 3.19.4. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/master/generate_changelog.py) - [Commits](protocolbuffers/protobuf@v3.19.1...v3.19.4) --- updated-dependencies: - dependency-name: protobuf dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump natsort from 8.0.1 to 8.1.0 Bumps [natsort](https://github.com/SethMMorton/natsort) from 8.0.1 to 8.1.0. - [Release notes](https://github.com/SethMMorton/natsort/releases) - [Changelog](https://github.com/SethMMorton/natsort/blob/master/CHANGELOG.md) - [Commits](SethMMorton/natsort@8.0.1...8.1.0) --- updated-dependencies: - dependency-name: natsort dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyopenssl from 21.0.0 to 22.0.0 Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 21.0.0 to 22.0.0. - [Release notes](https://github.com/pyca/pyopenssl/releases) - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@21.0.0...22.0.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump charset-normalizer from 2.0.9 to 2.0.11 Bumps [charset-normalizer](https://github.com/ousret/charset_normalizer) from 2.0.9 to 2.0.11. - [Release notes](https://github.com/ousret/charset_normalizer/releases) - [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md) - [Commits](jawah/charset_normalizer@2.0.9...2.0.11) --- updated-dependencies: - dependency-name: charset-normalizer dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Ignore elasticsearch upgrades Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.4 to 1.5.5. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.4...1.5.5) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org>

Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.3.3 to 2.6.0. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.3.3...v2.6.0) --- updated-dependencies: - dependency-name: google-auth dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [boto3](https://github.com/boto/boto3) from 1.20.53 to 1.20.54. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.20.53...1.20.54) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [tomli](https://github.com/hukkin/tomli) from 1.2.3 to 2.0.1. - [Release notes](https://github.com/hukkin/tomli/releases) - [Changelog](https://github.com/hukkin/tomli/blob/master/CHANGELOG.md) - [Commits](hukkin/tomli@1.2.3...2.0.1) --- updated-dependencies: - dependency-name: tomli dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Bump pytest from 6.2.5 to 7.0.1 Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.5 to 7.0.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@6.2.5...7.0.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update pytest-postgresql to version supporting pytest 7 (pypi#10752) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Grzegorz Śliwiński <fizyk@fizyk.dev> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org>

* Add failing test * Parse release version before storing it This has the effect of removing any potential "preceding v character" from the version: https://www.python.org/dev/peps/pep-0440/#preceding-v-character

…gration (pypi#10771) introduced in pypi#10707 resolves https://sentry.io/share/issue/bd36f5a3cca74563af91fb53b586dae7/

* Don't use links for disabled buttons * Update translations

Co-authored-by: Hosted Weblate <hosted@weblate.org> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse

* Bump charset-normalizer from 2.0.11 to 2.0.12 Bumps [charset-normalizer](https://github.com/ousret/charset_normalizer) from 2.0.11 to 2.0.12. - [Release notes](https://github.com/ousret/charset_normalizer/releases) - [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md) - [Commits](jawah/charset_normalizer@2.0.11...2.0.12) --- updated-dependencies: - dependency-name: charset-normalizer dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump fakeredis from 1.7.0 to 1.7.1 Bumps [fakeredis](https://github.com/jamesls/fakeredis) from 1.7.0 to 1.7.1. - [Release notes](https://github.com/jamesls/fakeredis/releases) - [Commits](jamesls/fakeredis@1.7.0...1.7.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump disposable-email-domains from 0.0.75 to 0.0.76 Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.75 to 0.0.76. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump cachetools from 4.2.4 to 5.0.0 Bumps [cachetools](https://github.com/tkem/cachetools) from 4.2.4 to 5.0.0. - [Release notes](https://github.com/tkem/cachetools/releases) - [Changelog](https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst) - [Commits](tkem/cachetools@v4.2.4...v5.0.0) --- updated-dependencies: - dependency-name: cachetools dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump port-for from 0.6.1 to 0.6.2 Bumps [port-for](https://github.com/kmike/port-for) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/kmike/port-for/releases) - [Changelog](https://github.com/kmike/port-for/blob/master/CHANGES.rst) - [Commits](fizyk/port-for@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: port-for dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump importlib-metadata from 4.11.0 to 4.11.1 Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.11.0 to 4.11.1. - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) - [Commits](python/importlib_metadata@v4.11.0...v4.11.1) --- updated-dependencies: - dependency-name: importlib-metadata dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump proto-plus from 1.20.0 to 1.20.1 Bumps [proto-plus](https://github.com/googleapis/proto-plus-python) from 1.20.0 to 1.20.1. - [Release notes](https://github.com/googleapis/proto-plus-python/releases) - [Changelog](https://github.com/googleapis/proto-plus-python/blob/main/CHANGELOG.md) - [Commits](googleapis/proto-plus-python@v1.20.0...v1.20.1) --- updated-dependencies: - dependency-name: proto-plus dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 12.3.0 to 13.0.0 Bumps [faker](https://github.com/joke2k/faker) from 12.3.0 to 13.0.0. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v12.3.0...v13.0.0) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump trove-classifiers from 2022.1.6 to 2022.2.16 Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.1.6 to 2022.2.16. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump python-slugify from 5.0.2 to 6.0.1 Bumps [python-slugify](https://github.com/un33k/python-slugify) from 5.0.2 to 6.0.1. - [Release notes](https://github.com/un33k/python-slugify/releases) - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](un33k/python-slugify@5.0.2...v6.0.1) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.20.54 to 1.21.1 Bumps [boto3](https://github.com/boto/boto3) from 1.20.54 to 1.21.1. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.20.54...1.21.1) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 60.8.2 to 60.9.2 Bumps [setuptools](https://github.com/pypa/setuptools) from 60.8.2 to 60.9.2. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v60.8.2...v60.9.2) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump typing-extensions from 4.0.1 to 4.1.1 Bumps [typing-extensions](https://github.com/python/typing) from 4.0.1 to 4.1.1. - [Release notes](https://github.com/python/typing/releases) - [Changelog](https://github.com/python/typing/blob/master/typing_extensions/CHANGELOG) - [Commits](python/typing@4.0.1...4.1.1) --- updated-dependencies: - dependency-name: typing-extensions dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Pin back webauthn Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sphinx from 4.3.1 to 4.4.0 Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 4.3.1 to 4.4.0. - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/4.x/CHANGES) - [Commits](sphinx-doc/sphinx@v4.3.1...v4.4.0) --- updated-dependencies: - dependency-name: sphinx dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Specify Python version for RTD build * Bump importlib-metadata from 4.11.0 to 4.11.1 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Bump webauthn from 1.2.1 to 1.3.0 Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.2.1 to 1.3.0. - [Release notes](https://github.com/duo-labs/py_webauthn/releases) - [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md) - [Commits](duo-labs/py_webauthn@v1.2.1...v1.3.0) --- updated-dependencies: - dependency-name: webauthn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Don't use webauthn.helpers.options_to_json.converter * Unpin webauthn Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Co-authored-by: Hassani Mohammed <mouhamedtec@gmail.com> Co-authored-by: Hassani Mohammed <mouhamedtec@gmail.com>

* Bump botocore from 1.24.1 to 1.24.2 Bumps [botocore](https://github.com/boto/botocore) from 1.24.1 to 1.24.2. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.24.1...1.24.2) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump grpcio from 1.43.0 to 1.44.0 Bumps [grpcio](https://github.com/grpc/grpc) from 1.43.0 to 1.44.0. - [Release notes](https://github.com/grpc/grpc/releases) - [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md) - [Commits](grpc/grpc@v1.43.0...v1.44.0) --- updated-dependencies: - dependency-name: grpcio dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump proto-plus from 1.20.1 to 1.20.3 Bumps [proto-plus](https://github.com/googleapis/proto-plus-python) from 1.20.1 to 1.20.3. - [Release notes](https://github.com/googleapis/proto-plus-python/releases) - [Changelog](https://github.com/googleapis/proto-plus-python/blob/main/CHANGELOG.md) - [Commits](googleapis/proto-plus-python@v1.20.1...v1.20.3) --- updated-dependencies: - dependency-name: proto-plus dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump grpcio-status from 1.43.0 to 1.44.0 Bumps [grpcio-status](https://grpc.io) from 1.43.0 to 1.44.0. --- updated-dependencies: - dependency-name: grpcio-status dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-bigquery from 2.32.0 to 2.33.0 Bumps [google-cloud-bigquery](https://github.com/googleapis/python-bigquery) from 2.32.0 to 2.33.0. - [Release notes](https://github.com/googleapis/python-bigquery/releases) - [Changelog](https://github.com/googleapis/python-bigquery/blob/main/CHANGELOG.md) - [Commits](googleapis/python-bigquery@v2.32.0...v2.33.0) --- updated-dependencies: - dependency-name: google-cloud-bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump markupsafe from 2.0.1 to 2.1.0 Bumps [markupsafe](https://github.com/pallets/markupsafe) from 2.0.1 to 2.1.0. - [Release notes](https://github.com/pallets/markupsafe/releases) - [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst) - [Commits](pallets/markupsafe@2.0.1...2.1.0) --- updated-dependencies: - dependency-name: markupsafe dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.1 to 1.21.2 Bumps [boto3](https://github.com/boto/boto3) from 1.21.1 to 1.21.2. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.1...1.21.2) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump lxml from 4.7.1 to 4.8.0 Bumps [lxml](https://github.com/lxml/lxml) from 4.7.1 to 4.8.0. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-4.7.1...lxml-4.8.0) --- updated-dependencies: - dependency-name: lxml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 60.9.2 to 60.9.3 Bumps [setuptools](https://github.com/pypa/setuptools) from 60.9.2 to 60.9.3. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v60.9.2...v60.9.3) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump webauthn from 1.3.0 to 1.4.0 Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/duo-labs/py_webauthn/releases) - [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md) - [Commits](duo-labs/py_webauthn@v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: webauthn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump redis from 3.5.3 to 4.1.4 Bumps [redis](https://github.com/redis/redis-py) from 3.5.3 to 4.1.4. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@3.5.3...v4.1.4) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Remove comment Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Add new config variables to integrate with pythondotorg * Add new fields with data from pythondotorg logo placement API * Register task to update sponsors table * Code linter * Fix typo * Minimal working code to integrate with logo palcement endpoint * First unit test to figure out how to mock requests * Create a new sponsor * Add logic to update existing sponsors * Reformat code * Leave HTTP vs HTTPS configuration to be handle by env variable * Fix linter errors * Create sponsor directly from the exception handler * Run task every 10 minutes * There's no need for the if condition * Only schedule cron job if there's a token in the env * Remove pythondotorg env variables from dev * Run linter Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

When the tests complete, we get a lovely list of files that are 100% covered by tess - woohoo! As the file count grows, seeing anything that isn't 100% covered is harder, so we can omit any file that coverage.py reports is fully covered. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Suggest twine-check To diagnose description render failures. * More detail about render failure. The note about readme-renderer has been moved to the new FAQ item with a pointer from its previous location. * Remove reference to readme_renderer And add a note about psycopg2 requirements to getting started doc. * Suggest twine-check To diagnose description render failures. * More detail about render failure. The note about readme-renderer has been moved to the new FAQ item with a pointer from its previous location. * Remove reference to readme_renderer And add a note about psycopg2 requirements to getting started doc. * Update translations

* chore(dev): set web to depend on db When running `make tests`, the current expectation is that the user has executed `make serve` and the database container is running in already. This brings in all the other runtime dependencies, when all the tests need is a running database instance. Setting the `depends_on` flag tells docker-compose to start the db container first, any time we run a `web` container, and saves us the step of starting it ourselves in another shell. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore(dev): set elasticsearch to single-node The current settings for the elasticsearch container place the started node in "production, single node cluster" mode. This performs boostrap tests, one of which tests for virtual memory via the `sysctl` setting of `vm.max_map_count`. In certain Docker-in-Docker development environments, the end user may not have access to the underlying host settings, and cannot modify this setting. An alternative is to set the `discovery-type` to a single node, placing the service in "development mode", turning any bootstrap checks from errors to warnings. Refs: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/system-config.html#dev-vs-prod Refs: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/bootstrap-checks.html Originally reported in pypi#1511, related to pypi#4370 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore: enable context reporting in coverage coverage.py version 5.0 introduced the notion of measurement contexts. This adds details to the report to show: - how many times a given line was executed - which context executed a given line Enabling dynamic context measurement during the test execution adds test class/function contexts to the coverage data to be displayed on a given report output. Refs: https://coverage.readthedocs.io/en/6.3.2/contexts.html#dynamic-contexts Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore(dev): enable web port to be set via env var Creating a port under 1024 often requires superuser privileges. In some environments this is disallowed. By using the built-in behavior from Docker Compose, a user can now set: WEB_PORT=8080 make serve and the web application will be made availabel on port 8080. The default remains port 80. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* chore: update local/CI execution to Python 3.9 For the development (outer) environment, update to Python 3.9.10 - latest as of this writing. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore: upgrade python version Move us to 3.9.10 - latest release. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore: update requrements hashes for python3.9 * test: exclude statement from coverage report In the move to Python 3.9, we are subject to a coverage behavior that has yet to be corrected. In the interest of keeping the coverage report to 100%, we exclude the statement that coverage.py reports as not being executed, despite it being executed via tests. Refs: nedbat/coveragepy#1041 Signed-off-by: Mike Fiedler <miketheman@gmail.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Run docs build in container * Run translations build in container * Run depchecker in container * Run requirements build in container * Run license check in container * Clean up Makefile * Update docs * Remove unused COMMAND_ARGS, use double quotes * Add missing semicolons * Move github-actions-deps out of Makefile * Set ENCODING and PATH in dev/environment * Fix typo with translations build

* Add feature flags for 2FA requirement/mandate * Rename project badge * Show badge on manage page if 2FA is required * Add controls for enabling/disabling 2FA requirement * Record ProjectEvent on enable/disable * Don't break on whitespace in badges * Add a neutral badge style * Updates to 2FA badges - Use a more neutral color - Remove checkmark - Separate badges for 2FA requirement, mandate, and critical project - Only show 2FA mandate badge once mandate is enabled - Change links to spans for badges that can't be modified * Update translations

* correct logic in github-actions-deps ``` GITHUB_BASE_REF := $(shell echo "$${GITHUB_BASE_REF:-false}") ifneq ($(GITHUB_BASE_REF), false) ... ``` in the Makefile, this set the value of the Make var to `false` if no GITHUB_BASE_REF existed in environment Now we soley rely on [GitHub Actions env vars](https://docs.github.com/en/actions/learn-github-actions/environment-variables#default-environment-variables) since the Make variable doesn't propogate to the script. "The name of the base ref or target branch of the pull request in a workflow run. This is only set when the event that triggers a workflow run is either pull_request or pull_request_target. For example, main." So, on pushes to main this is empty. Thus our current condtion: ``` if [[ -z "${GITHUB_BASE_REF}" ]]; then ``` Is actually the opposite effect of what we had previously.debug * remove extraneous

* test: remove unused methods Two of the `FakeQuery` instances implemented a `.results` method that was never needed/exercised via tests, and can safely be removed. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: assert value on the exception location The inner assertion was getting "swallowed" during pytest's assertion rewriting, so the target location wasn't being validated. Moving the assert outside of the context manager provides us access to assert against the value. Outdenting this assertion provided the visibility that the assertion was incorrect, as the err.value is a Pyramid exception, which has a `location` property we are validating against. Refs: https://docs.pytest.org/en/6.2.x/assert.html#assertions-about-expected-exceptions Refs: https://docs.pylonsproject.org/projects/pyramid/en/latest/api/httpexceptions.html#pyramid.httpexceptions.HTTPSeeOther Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Reuse .python-version in GitHub Actions * Apply suggestions from code review Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Removing the version makes it possible for email clients to thread multiple consecutive notification emails into a single thread.

For all our in-container dev actions, we don't need to build both the web container and the static container for all of them. Also adds some missing targets.

* Remove unused other_settings param * Don't mutate original test param * Ignore all environment variables in the test env Except for WAREHOUSE_ENV

* Slight refactoring and adding comments * Send notification email on basic auth with 2FA * Update translations

* Fix a s/as/has/ typo in `basic-auth-with-2fa` * Fix s/as/has/ in the txt email template too * Update translations Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Deduplicate "instead" in `basic-auth-with-2fa` * Drop the second "instead" from the txt email too * Update translations Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Update test fixtures, include email/token services * Add support for limited repeated emails * Only send 1 basic-auth-with-2fa email per day * Use repeat_window=None as default instead

* Add a request.authentication_method marker * Move the 2FA + basic auth check

* Add a failing test * Take all roles into consideration for projects_requiring_2fa * Update translations

@dstufft

…hanged (pypi#10859) * invalidate existing sessions for a given User when User.password is changed * set User.password_date whenever User.password is updated The trigger implementation is _best_ since it ensures that the column will stay up to date whenever it is changed, even if not via this method... Problematically the resulting value of the trigger isn't accessible inside the transaction (at least not that I was able to find). I tried flushes and savepoints but no matter what I did nothing worked :( * lint/translations * remove cache bypass for get_user, it is not necessary * translate string * cleanup 6942da2 * fix mass logout bug * revert to DB Trigger for password_date Thanks @dstufft! db.refresh was the magic ticket to getting the resulting value from the trigger * translations * explicitly flush before refresh to ensure modified state is maintained * Update warehouse/sessions.py Co-authored-by: Dustin Ingram <di@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

…is empty (pypi#10853) * Issue pypi#9203 Disable mismatch warning when confirm password field is empty * update test case * verify all the scenarios as part of test * Split tests Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Capitalise Trove * Fix link anchor * Document the 'Private ::' classifier prefix * make translations

Minor annoyance - happened once back in 2020, and must have been copy&pasted ever since. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Bump boto3 from 1.21.2 to 1.21.12 Bumps [boto3](https://github.com/boto/boto3) from 1.21.2 to 1.21.12. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.2...1.21.12) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-resumable-media from 2.2.1 to 2.3.1 Bumps [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) from 2.2.1 to 2.3.1. - [Release notes](https://github.com/googleapis/google-resumable-media-python/releases) - [Changelog](https://github.com/googleapis/google-resumable-media-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-resumable-media-python@v2.2.1...v2.3.1) --- updated-dependencies: - dependency-name: google-resumable-media dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump freezegun from 1.1.0 to 1.2.0 Bumps [freezegun](https://github.com/spulec/freezegun) from 1.1.0 to 1.2.0. - [Release notes](https://github.com/spulec/freezegun/releases) - [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG) - [Commits](spulec/freezegun@1.1.0...1.2.0) --- updated-dependencies: - dependency-name: freezegun dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-bigquery from 2.33.0 to 2.34.1 Bumps [google-cloud-bigquery](https://github.com/googleapis/python-bigquery) from 2.33.0 to 2.34.1. - [Release notes](https://github.com/googleapis/python-bigquery/releases) - [Changelog](https://github.com/googleapis/python-bigquery/blob/main/CHANGELOG.md) - [Commits](googleapis/python-bigquery@v2.33.0...v2.34.1) --- updated-dependencies: - dependency-name: google-cloud-bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump datadog from 0.43.0 to 0.44.0 Bumps [datadog](https://github.com/DataDog/datadogpy) from 0.43.0 to 0.44.0. - [Release notes](https://github.com/DataDog/datadogpy/releases) - [Changelog](https://github.com/DataDog/datadogpy/blob/master/CHANGELOG.md) - [Commits](DataDog/datadogpy@v0.43.0...v0.44.0) --- updated-dependencies: - dependency-name: datadog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 13.0.0 to 13.3.0 Bumps [faker](https://github.com/joke2k/faker) from 13.0.0 to 13.3.0. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v13.0.0...v13.3.0) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump python-slugify from 6.0.1 to 6.1.1 Bumps [python-slugify](https://github.com/un33k/python-slugify) from 6.0.1 to 6.1.1. - [Release notes](https://github.com/un33k/python-slugify/releases) - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](un33k/python-slugify@v6.0.1...v6.1.1) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump importlib-metadata from 4.11.1 to 4.11.2 Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.11.1 to 4.11.2. - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) - [Commits](python/importlib_metadata@v4.11.1...v4.11.2) --- updated-dependencies: - dependency-name: importlib-metadata dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump disposable-email-domains from 0.0.76 to 0.0.77 Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.76 to 0.0.77. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump s3transfer from 0.5.1 to 0.5.2 Bumps [s3transfer](https://github.com/boto/s3transfer) from 0.5.1 to 0.5.2. - [Release notes](https://github.com/boto/s3transfer/releases) - [Changelog](https://github.com/boto/s3transfer/blob/develop/CHANGELOG.rst) - [Commits](boto/s3transfer@0.5.1...0.5.2) --- updated-dependencies: - dependency-name: s3transfer dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump restructuredtext-lint from 1.3.2 to 1.4.0 Bumps [restructuredtext-lint](https://github.com/twolfson/restructuredtext-lint) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/twolfson/restructuredtext-lint/releases) - [Changelog](https://github.com/twolfson/restructuredtext-lint/blob/master/CHANGELOG.rst) - [Commits](twolfson/restructuredtext-lint@1.3.2...1.4.0) --- updated-dependencies: - dependency-name: restructuredtext-lint dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump googleapis-common-protos from 1.54.0 to 1.55.0 Bumps [googleapis-common-protos](https://github.com/googleapis/python-api-common-protos) from 1.54.0 to 1.55.0. - [Release notes](https://github.com/googleapis/python-api-common-protos/releases) - [Changelog](https://github.com/googleapis/python-api-common-protos/blob/main/CHANGELOG.md) - [Commits](googleapis/python-api-common-protos@v1.54.0...v1.55.0) --- updated-dependencies: - dependency-name: googleapis-common-protos dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sentry-sdk from 1.5.5 to 1.5.6 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.5 to 1.5.6. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.5...1.5.6) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump cssutils from 2.3.0 to 2.4.0 Bumps [cssutils](https://github.com/jaraco/cssutils) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/jaraco/cssutils/releases) - [Changelog](https://github.com/jaraco/cssutils/blob/main/CHANGES.rst) - [Commits](jaraco/cssutils@v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: cssutils dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump platformdirs from 2.5.0 to 2.5.1 Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 2.5.0 to 2.5.1. - [Release notes](https://github.com/platformdirs/platformdirs/releases) - [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst) - [Commits](tox-dev/platformdirs@2.5.0...2.5.1) --- updated-dependencies: - dependency-name: platformdirs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump coverage from 6.3.1 to 6.3.2 Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.1 to 6.3.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.3.1...6.3.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump click from 8.0.3 to 8.0.4 Bumps [click](https://github.com/pallets/click) from 8.0.3 to 8.0.4. - [Release notes](https://github.com/pallets/click/releases) - [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst) - [Commits](pallets/click@8.0.3...8.0.4) --- updated-dependencies: - dependency-name: click dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Nuno André <nuno.an@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: prabakaran R <karan428@gmail.com> Co-authored-by: 钟旭尧 <python_zhong@qq.com> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Nuno André <nuno.an@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: prabakaran R <karan428@gmail.com> Co-authored-by: 钟旭尧 <python_zhong@qq.com>

* Bump wtforms[email] from 2.3.3 to 3.0.1 Bumps [wtforms[email]](https://github.com/wtforms/wtforms) from 2.3.3 to 3.0.1. - [Release notes](https://github.com/wtforms/wtforms/releases) - [Changelog](https://github.com/wtforms/wtforms/blob/master/CHANGES.rst) - [Commits](pallets-eco/wtforms@2.3.3...3.0.1) --- updated-dependencies: - dependency-name: wtforms[email] dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update EmailField import * Update translations * Update error strings * Handle None data Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Co-authored-by: Hosted Weblate <hosted@weblate.org> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse

* Bump readme-renderer[md] from 32.0 to 33.0 Bumps [readme-renderer[md]](https://github.com/pypa/readme_renderer) from 32.0 to 33.0. - [Release notes](https://github.com/pypa/readme_renderer/releases) - [Changelog](https://github.com/pypa/readme_renderer/blob/main/CHANGES.rst) - [Commits](pypa/readme_renderer@32.0...33.0) --- updated-dependencies: - dependency-name: readme-renderer[md] dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore from 1.24.12 to 1.24.13 Bumps [botocore](https://github.com/boto/botocore) from 1.24.12 to 1.24.13. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.24.12...1.24.13) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump dnspython from 2.2.0 to 2.2.1 Bumps [dnspython](https://github.com/rthalley/dnspython) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/rthalley/dnspython/releases) - [Changelog](https://github.com/rthalley/dnspython/blob/v2.2.1/doc/whatsnew.rst) - [Commits](rthalley/dnspython@v2.2.0...v2.2.1) --- updated-dependencies: - dependency-name: dnspython dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sqlalchemy[asyncio] from 1.4.31 to 1.4.32 Bumps [sqlalchemy[asyncio]](https://github.com/sqlalchemy/sqlalchemy) from 1.4.31 to 1.4.32. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy[asyncio] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump responses from 0.18.0 to 0.19.0 Bumps [responses](https://github.com/getsentry/responses) from 0.18.0 to 0.19.0. - [Release notes](https://github.com/getsentry/responses/releases) - [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES) - [Commits](getsentry/responses@0.18.0...0.19.0) --- updated-dependencies: - dependency-name: responses dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump amqp from 5.0.9 to 5.1.0 Bumps [amqp](https://github.com/celery/py-amqp) from 5.0.9 to 5.1.0. - [Release notes](https://github.com/celery/py-amqp/releases) - [Changelog](https://github.com/celery/py-amqp/blob/master/Changelog) - [Commits](celery/py-amqp@v5.0.9...v5.1.0) --- updated-dependencies: - dependency-name: amqp dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump waitress from 2.0.0 to 2.1.0 Bumps [waitress](https://github.com/Pylons/waitress) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/Pylons/waitress/releases) - [Changelog](https://github.com/Pylons/waitress/blob/master/CHANGES.txt) - [Commits](Pylons/waitress@v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: waitress dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.12 to 1.21.13 Bumps [boto3](https://github.com/boto/boto3) from 1.21.12 to 1.21.13. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.12...1.21.13) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump kombu from 5.2.3 to 5.2.4 Bumps [kombu](https://kombu.readthedocs.io) from 5.2.3 to 5.2.4. --- updated-dependencies: - dependency-name: kombu dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): install mypy in lint.in Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore(deps): include more types-* packages for mypy These were suggested from running mypy on the codebase. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore: configure mypy Set configuration for mypy. Exclude some of the subdirectories we are not interested in testing to speed up mypy execution. Ignore any 3rd party modules that we do not have types for yet. Added links that I could find to help track completion. Does **not** set `strict` mode yet, since that's a bigger lift. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore: add mypy runner script Eventually this command should fold into `bin/lint` and be removed. For now, it's a convenient execution wrapper. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: ignore dynamic properties Callables are receiving dynamic attributes, something that isn't "usual". See python/mypy#708 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: ignore lambdas See python/mypy#4226 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: ignore hybrid_property repeat definitions Part of the SQLAlchemy extensions, which do not yet have reliable stubs/plugins. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: ignore sqlalchemy declarative Should come along with sqlalchemy stubs. See: https://docs.sqlalchemy.org/en/14/orm/extensions/mypy.html#using-declared-attr-and-declarative-mixins Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: a few more ignores Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: interface methods shouldn't use self Surfaced via mypy, corrected! Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: correct subclass path Surfaced via mypy, corrected. Unclear why this wouldn't have been caught by other tools. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: rename internal variable mypy detected this as a type mismatch, as the internal variable name was shadowing the externally-supplied one, and changing the type. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * lint: ignore flake8 line too long for ignored types Adding a `# type: ignore` comment to a couple of places triggered flake8's line too long check. Running `make reformat` did nothing for these - black has outstanding design issues with line length and comments. See psf/black#1713 for one example. Instead of changing the line structure to accommodate, ignore these two cases, at least until the types can be fixed and the comments removed. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Revert "chore: add mypy runner script" This reverts commit fffeadb. * test: include mypy in lint execution Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore(deps): include itsdangerous type stubs Until itsdangerous 2.0 is included, this types package is needed. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Bump itsdangerous from 1.1.0 to 2.1.0 Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 1.1.0 to 2.1.0. - [Release notes](https://github.com/pallets/itsdangerous/releases) - [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst) - [Commits](pallets/itsdangerous@1.1.0...2.1.0) --- updated-dependencies: - dependency-name: itsdangerous dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Have User.last_login use a datetime acting as non-naive in business logic * Add test that triggers last_login check during 2fa_validation * update translations * Have reset-password token compatibility with those generated before itsdangerous dependency update to 2.x * Have User.password_date in localized form as well. Handle tokens created with naive representation os User.password_date as well * Update warehouse/accounts/views.py Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

* Bump wrapt from 1.13.3 to 1.14.0 Bumps [wrapt](https://github.com/GrahamDumpleton/wrapt) from 1.13.3 to 1.14.0. - [Release notes](https://github.com/GrahamDumpleton/wrapt/releases) - [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst) - [Commits](GrahamDumpleton/wrapt@1.13.3...1.14.0) --- updated-dependencies: - dependency-name: wrapt dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pycurl from 7.44.1 to 7.45.0 Bumps [pycurl](https://github.com/pycurl/pycurl) from 7.44.1 to 7.45.0. - [Release notes](https://github.com/pycurl/pycurl/releases) - [Changelog](https://github.com/pycurl/pycurl/blob/master/ChangeLog) - [Commits](https://github.com/pycurl/pycurl/commits) --- updated-dependencies: - dependency-name: pycurl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.13 to 1.24.16 Bumps [botocore-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.24.13 to 1.24.16. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore from 1.24.13 to 1.24.16 Bumps [botocore](https://github.com/boto/botocore) from 1.24.13 to 1.24.16. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.24.13...1.24.16) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.13 to 1.21.16 Bumps [boto3](https://github.com/boto/boto3) from 1.21.13 to 1.21.16. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.13...1.21.16) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump celery-types from 0.11.0 to 0.12.0 Bumps [celery-types](https://github.com/sbdchd/celery-types) from 0.11.0 to 0.12.0. - [Release notes](https://github.com/sbdchd/celery-types/releases) - [Commits](https://github.com/sbdchd/celery-types/commits) --- updated-dependencies: - dependency-name: celery-types dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump trove-classifiers from 2022.2.16 to 2022.3.10 Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.2.16 to 2022.3.10. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3-stubs from 1.21.13 to 1.21.16 Bumps [boto3-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.21.13 to 1.21.16. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump itsdangerous from 1.1.0 to 2.1.1 Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 1.1.0 to 2.1.1. - [Release notes](https://github.com/pallets/itsdangerous/releases) - [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst) - [Commits](pallets/itsdangerous@1.1.0...2.1.1) --- updated-dependencies: - dependency-name: itsdangerous dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump disposable-email-domains from 0.0.77 to 0.0.78 Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.77 to 0.0.78. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-setuptools from 57.4.9 to 57.4.10 Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.9 to 57.4.10. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-psycopg2 from 2.9.7 to 2.9.8 Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.7 to 2.9.8. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-resumable-media from 2.3.1 to 2.3.2 Bumps [google-resumable-media](https://github.com/googleapis/google-resumable-media-python) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/googleapis/google-resumable-media-python/releases) - [Changelog](https://github.com/googleapis/google-resumable-media-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-resumable-media-python@v2.3.1...v2.3.2) --- updated-dependencies: - dependency-name: google-resumable-media dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sentry-sdk from 1.5.6 to 1.5.7 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.6 to 1.5.7. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.6...1.5.7) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump asn1crypto from 1.4.0 to 1.5.0 Bumps [asn1crypto](https://github.com/wbond/asn1crypto) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/wbond/asn1crypto/releases) - [Changelog](https://github.com/wbond/asn1crypto/blob/master/changelog.md) - [Commits](wbond/asn1crypto@1.4.0...1.5.0) --- updated-dependencies: - dependency-name: asn1crypto dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 13.3.0 to 13.3.1 Bumps [faker](https://github.com/joke2k/faker) from 13.3.0 to 13.3.1. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v13.3.0...v13.3.1) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-core from 2.2.2 to 2.2.3 Bumps [google-cloud-core](https://github.com/googleapis/python-cloud-core) from 2.2.2 to 2.2.3. - [Release notes](https://github.com/googleapis/python-cloud-core/releases) - [Changelog](https://github.com/googleapis/python-cloud-core/blob/main/CHANGELOG.md) - [Commits](googleapis/python-cloud-core@v2.2.2...v2.2.3) --- updated-dependencies: - dependency-name: google-cloud-core dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-bigquery from 2.34.1 to 2.34.2 Bumps [google-cloud-bigquery](https://github.com/googleapis/python-bigquery) from 2.34.1 to 2.34.2. - [Release notes](https://github.com/googleapis/python-bigquery/releases) - [Changelog](https://github.com/googleapis/python-bigquery/blob/main/CHANGELOG.md) - [Commits](googleapis/python-bigquery@v2.34.1...v2.34.2) --- updated-dependencies: - dependency-name: google-cloud-bigquery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

The old one was archived and replaced with this one.

This reverts commit d44906f.

Introduced in pypi#10846 Resolves https://sentry.io/share/issue/2da77324e51d4d28bee1b53c782f2a1f/

* Bump boto3-stubs from 1.21.16 to 1.21.19 Bumps [boto3-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.21.16 to 1.21.19. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-storage from 2.1.0 to 2.2.0 Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](googleapis/python-storage@v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 13.3.1 to 13.3.2 Bumps [faker](https://github.com/joke2k/faker) from 13.3.1 to 13.3.2. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v13.3.1...v13.3.2) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.16 to 1.24.19 Bumps [botocore-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.24.16 to 1.24.19. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore from 1.24.16 to 1.24.19 Bumps [botocore](https://github.com/boto/botocore) from 1.24.16 to 1.24.19. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.24.16...1.24.19) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump alembic from 1.7.6 to 1.7.7 Bumps [alembic](https://github.com/sqlalchemy/alembic) from 1.7.6 to 1.7.7. - [Release notes](https://github.com/sqlalchemy/alembic/releases) - [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/alembic/commits) --- updated-dependencies: - dependency-name: alembic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.16 to 1.21.19 Bumps [boto3](https://github.com/boto/boto3) from 1.21.16 to 1.21.19. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.16...1.21.19) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mypy-zope from 0.3.5 to 0.3.6 Bumps [mypy-zope](https://github.com/Shoobx/mypy-zope) from 0.3.5 to 0.3.6. - [Release notes](https://github.com/Shoobx/mypy-zope/releases) - [Changelog](https://github.com/Shoobx/mypy-zope/blob/master/CHANGELOG.md) - [Commits](Shoobx/mypy-zope@0.3.5...0.3.6) --- updated-dependencies: - dependency-name: mypy-zope dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump importlib-metadata from 4.11.2 to 4.11.3 Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.11.2 to 4.11.3. - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) - [Commits](python/importlib_metadata@v4.11.2...v4.11.3) --- updated-dependencies: - dependency-name: importlib-metadata dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-urllib3 from 1.26.10 to 1.26.11 Bumps [types-urllib3](https://github.com/python/typeshed) from 1.26.10 to 1.26.11. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-urllib3 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyramid-jinja2 from 2.8 to 2.9.1 Bumps [pyramid-jinja2](https://github.com/Pylons/pyramid_jinja2) from 2.8 to 2.9.1. - [Release notes](https://github.com/Pylons/pyramid_jinja2/releases) - [Changelog](https://github.com/Pylons/pyramid_jinja2/blob/master/CHANGES.rst) - [Commits](Pylons/pyramid_jinja2@2.8...2.9.1) --- updated-dependencies: - dependency-name: pyramid-jinja2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-requests from 2.27.11 to 2.27.12 Bumps [types-requests](https://github.com/python/typeshed) from 2.27.11 to 2.27.12. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pycurl from 7.44.1 to 7.45.1 Bumps [pycurl](https://github.com/pycurl/pycurl) from 7.44.1 to 7.45.1. - [Release notes](https://github.com/pycurl/pycurl/releases) - [Changelog](https://github.com/pycurl/pycurl/blob/master/ChangeLog) - [Commits](https://github.com/pycurl/pycurl/commits) --- updated-dependencies: - dependency-name: pycurl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pytest from 7.0.1 to 7.1.0 Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.0.1 to 7.1.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.0.1...7.1.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump readme-renderer[md] from 33.0 to 34.0 Bumps [readme-renderer[md]](https://github.com/pypa/readme_renderer) from 33.0 to 34.0. - [Release notes](https://github.com/pypa/readme_renderer/releases) - [Changelog](https://github.com/pypa/readme_renderer/blob/main/CHANGES.rst) - [Commits](pypa/readme_renderer@33.0...34.0) --- updated-dependencies: - dependency-name: readme-renderer[md] dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyramid-tm from 2.4 to 2.5 Bumps [pyramid-tm](https://github.com/Pylons/pyramid_tm) from 2.4 to 2.5. - [Release notes](https://github.com/Pylons/pyramid_tm/releases) - [Changelog](https://github.com/Pylons/pyramid_tm/blob/master/CHANGES.rst) - [Commits](Pylons/pyramid_tm@2.4...2.5) --- updated-dependencies: - dependency-name: pyramid-tm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump mako from 1.1.6 to 1.2.0 Bumps [mako](https://github.com/sqlalchemy/mako) from 1.1.6 to 1.2.0. - [Release notes](https://github.com/sqlalchemy/mako/releases) - [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/mako/commits) --- updated-dependencies: - dependency-name: mako dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump yara-python from 4.1.3 to 4.2.0 Bumps [yara-python](https://github.com/VirusTotal/yara-python) from 4.1.3 to 4.2.0. - [Release notes](https://github.com/VirusTotal/yara-python/releases) - [Commits](VirusTotal/yara-python@v4.1.3...v4.2.0) --- updated-dependencies: - dependency-name: yara-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump limits from 2.3.3 to 2.4.0 Bumps [limits](https://github.com/alisaifee/limits) from 2.3.3 to 2.4.0. - [Release notes](https://github.com/alisaifee/limits/releases) - [Changelog](https://github.com/alisaifee/limits/blob/master/HISTORY.rst) - [Commits](alisaifee/limits@2.3.3...2.4.0) --- updated-dependencies: - dependency-name: limits dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [cryptography](https://github.com/pyca/cryptography) from 36.0.1 to 36.0.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@36.0.1...36.0.2) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Don't attempt to translate session invalidation message * Update translations

Introduced in pypi#1414 in 2016 Replaced in twine in pypa/twine#201 The DNS entry no longer resolves either. $ host upload.pypi.io Host upload.pypi.io not found: 3(NXDOMAIN) Signed-off-by: Mike Fiedler <miketheman@gmail.com>

When moving all development actions to containers in pypi#10803, this step remained outside on the host OS. As `xz-utils` are installed in the `web` image already, use those instead of relying on the host to install them. Refs: pypi#5872 Closes: pypi#5980 Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* Bump sentry-sdk from 1.5.7 to 1.5.8 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.7 to 1.5.8. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.7...1.5.8) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyramid-jinja2 from 2.9.1 to 2.9.2 Bumps [pyramid-jinja2](https://github.com/Pylons/pyramid_jinja2) from 2.9.1 to 2.9.2. - [Release notes](https://github.com/Pylons/pyramid_jinja2/releases) - [Changelog](https://github.com/Pylons/pyramid_jinja2/blob/master/CHANGES.rst) - [Commits](Pylons/pyramid_jinja2@2.9.1...2.9.2) --- updated-dependencies: - dependency-name: pyramid-jinja2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore from 1.24.19 to 1.24.22 Bumps [botocore](https://github.com/boto/botocore) from 1.24.19 to 1.24.22. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.24.19...1.24.22) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pytz from 2021.3 to 2022.1 Bumps [pytz](https://github.com/stub42/pytz) from 2021.3 to 2022.1. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](stub42/pytz@release_2021.3...release_2022.1) --- updated-dependencies: - dependency-name: pytz dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-pytz from 2021.3.5 to 2021.3.6 Bumps [types-pytz](https://github.com/python/typeshed) from 2021.3.5 to 2021.3.6. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-pytz dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.19 to 1.21.22 Bumps [boto3](https://github.com/boto/boto3) from 1.21.19 to 1.21.22. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.19...1.21.22) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.19 to 1.24.22 Bumps [botocore-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.24.19 to 1.24.22. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3-stubs from 1.21.19 to 1.21.22 Bumps [boto3-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.21.19 to 1.21.22. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-requests from 2.27.12 to 2.27.14 Bumps [types-requests](https://github.com/python/typeshed) from 2.27.12 to 2.27.14. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump responses from 0.19.0 to 0.20.0 Bumps [responses](https://github.com/getsentry/responses) from 0.19.0 to 0.20.0. - [Release notes](https://github.com/getsentry/responses/releases) - [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES) - [Commits](getsentry/responses@0.19.0...0.20.0) --- updated-dependencies: - dependency-name: responses dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump googleapis-common-protos from 1.55.0 to 1.56.0 Bumps [googleapis-common-protos](https://github.com/googleapis/python-api-common-protos) from 1.55.0 to 1.56.0. - [Release notes](https://github.com/googleapis/python-api-common-protos/releases) - [Changelog](https://github.com/googleapis/python-api-common-protos/blob/main/CHANGELOG.md) - [Commits](googleapis/python-api-common-protos@v1.55.0...v1.56.0) --- updated-dependencies: - dependency-name: googleapis-common-protos dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-auth from 2.6.0 to 2.6.2 Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.6.0 to 2.6.2. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.6.0...v2.6.2) --- updated-dependencies: - dependency-name: google-auth dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump freezegun from 1.2.0 to 1.2.1 Bumps [freezegun](https://github.com/spulec/freezegun) from 1.2.0 to 1.2.1. - [Release notes](https://github.com/spulec/freezegun/releases) - [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG) - [Commits](spulec/freezegun@1.2.0...1.2.1) --- updated-dependencies: - dependency-name: freezegun dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump trove-classifiers from 2022.3.10 to 2022.3.17 Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.3.10 to 2022.3.17. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pytest from 7.1.0 to 7.1.1 Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.0 to 7.1.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.1.0...7.1.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump waitress from 2.1.0 to 2.1.1 Bumps [waitress](https://github.com/Pylons/waitress) from 2.1.0 to 2.1.1. - [Release notes](https://github.com/Pylons/waitress/releases) - [Changelog](https://github.com/Pylons/waitress/blob/master/CHANGES.txt) - [Commits](Pylons/waitress@v2.1.0...v2.1.1) --- updated-dependencies: - dependency-name: waitress dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 60.9.3 to 60.10.0 Bumps [setuptools](https://github.com/pypa/setuptools) from 60.9.3 to 60.10.0. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v60.9.3...v60.10.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump urllib3 from 1.26.8 to 1.26.9 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.8 to 1.26.9. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.9/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.8...1.26.9) --- updated-dependencies: - dependency-name: urllib3 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-redis from 4.1.17 to 4.1.18 Bumps [types-redis](https://github.com/python/typeshed) from 4.1.17 to 4.1.18. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-setuptools from 57.4.10 to 57.4.11 Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.10 to 57.4.11. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-psycopg2 from 2.9.8 to 2.9.9 Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.8 to 2.9.9. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-storage from 2.2.0 to 2.2.1 Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](googleapis/python-storage@v2.2.0...v2.2.1) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump asn1crypto from 1.5.0 to 1.5.1 Bumps [asn1crypto](https://github.com/wbond/asn1crypto) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/wbond/asn1crypto/releases) - [Changelog](https://github.com/wbond/asn1crypto/blob/master/changelog.md) - [Commits](wbond/asn1crypto@1.5.0...1.5.1) --- updated-dependencies: - dependency-name: asn1crypto dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump markupsafe from 2.1.0 to 2.1.1 Bumps [markupsafe](https://github.com/pallets/markupsafe) from 2.1.0 to 2.1.1. - [Release notes](https://github.com/pallets/markupsafe/releases) - [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst) - [Commits](pallets/markupsafe@2.1.0...2.1.1) --- updated-dependencies: - dependency-name: markupsafe dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix typo in recovery_codes-burn.html Remove the extra "a" * Update translations template Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* test: update cache_url examples to valid redis URL The examples provided are `https://` and to conform to redis-py connection spec, use `rediss://` URLs instead. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * test: replace fakeredis with a simpler class Removes usage of unmaintained `fakeredis` by creating a class that behaves just enough like `redis-py` for our purposes of validating that key/values are set and retrieved. Signed-off-by: Mike Fiedler <miketheman@gmail.com> * chore(deps): remove fakeredis from test deps Signed-off-by: Mike Fiedler <miketheman@gmail.com> * Bump redis from 4.1.4 to 4.2.0 Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

Bumps [black](https://github.com/psf/black) from 22.1.0 to 22.3.0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@22.1.0...22.3.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump boto3-stubs from 1.21.22 to 1.21.29 Bumps [boto3-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.21.22 to 1.21.29. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.22 to 1.21.29 Bumps [boto3](https://github.com/boto/boto3) from 1.21.22 to 1.21.29. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.22...1.21.29) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump curlylint from 0.13.0 to 0.13.1 Bumps [curlylint](https://github.com/thibaudcolas/curlylint) from 0.13.0 to 0.13.1. - [Release notes](https://github.com/thibaudcolas/curlylint/releases) - [Changelog](https://github.com/thibaudcolas/curlylint/blob/main/CHANGELOG.md) - [Commits](thibaudcolas/curlylint@v0.13.0...v0.13.1) --- updated-dependencies: - dependency-name: curlylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 13.3.2 to 13.3.4 Bumps [faker](https://github.com/joke2k/faker) from 13.3.2 to 13.3.4. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v13.3.2...v13.3.4) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-requests from 2.27.14 to 2.27.15 Bumps [types-requests](https://github.com/python/typeshed) from 2.27.14 to 2.27.15. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sphinx from 4.4.0 to 4.5.0 Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/4.x/CHANGES) - [Commits](sphinx-doc/sphinx@v4.4.0...v4.5.0) --- updated-dependencies: - dependency-name: sphinx dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 60.10.0 to 61.2.0 Bumps [setuptools](https://github.com/pypa/setuptools) from 60.10.0 to 61.2.0. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v60.10.0...v61.2.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyramid-jinja2 from 2.9.2 to 2.10 Bumps [pyramid-jinja2](https://github.com/Pylons/pyramid_jinja2) from 2.9.2 to 2.10. - [Release notes](https://github.com/Pylons/pyramid_jinja2/releases) - [Changelog](https://github.com/Pylons/pyramid_jinja2/blob/master/CHANGES.rst) - [Commits](Pylons/pyramid_jinja2@2.9.2...2.10) --- updated-dependencies: - dependency-name: pyramid-jinja2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump itsdangerous from 2.1.1 to 2.1.2 Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 2.1.1 to 2.1.2. - [Release notes](https://github.com/pallets/itsdangerous/releases) - [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst) - [Commits](pallets/itsdangerous@2.1.1...2.1.2) --- updated-dependencies: - dependency-name: itsdangerous dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump requests-aws4auth from 1.1.1 to 1.1.2 Bumps [requests-aws4auth](https://github.com/tedder/requests-aws4auth) from 1.1.1 to 1.1.2. - [Release notes](https://github.com/tedder/requests-aws4auth/releases) - [Changelog](https://github.com/tedder/requests-aws4auth/blob/main/HISTORY.md) - [Commits](tedder/requests-aws4auth@v.1.1.1...v1.1.2) --- updated-dependencies: - dependency-name: requests-aws4auth dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump grpcio-status from 1.44.0 to 1.45.0 Bumps [grpcio-status](https://grpc.io) from 1.44.0 to 1.45.0. --- updated-dependencies: - dependency-name: grpcio-status dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump jmespath from 0.10.0 to 1.0.0 Bumps [jmespath](https://github.com/jmespath/jmespath.py) from 0.10.0 to 1.0.0. - [Release notes](https://github.com/jmespath/jmespath.py/releases) - [Changelog](https://github.com/jmespath/jmespath.py/blob/develop/CHANGELOG.rst) - [Commits](jmespath/jmespath.py@0.10.0...1.0.0) --- updated-dependencies: - dependency-name: jmespath dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump trove-classifiers from 2022.3.17 to 2022.3.21 Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.3.17 to 2022.3.21. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.22 to 1.24.29 Bumps [botocore-stubs](https://github.com/vemel/mypy_boto3_builder) from 1.24.22 to 1.24.29. - [Release notes](https://github.com/vemel/mypy_boto3_builder/releases) - [Commits](https://github.com/vemel/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add clarifying link * Fix count of reasons * Update translations

* Add user timezone to localized dates' alt text * Display timezone using date-fns format function * Fix forgotten test * Make sure Z stands for timezone * Fix static tests for localized-time controller - localized-time controller expects datetime in UTC only. - Static tests run in UTC. Co-authored-by: Ee Durbin <ewdurbin@gmail.com> Co-authored-by: Chris Lei <chris@divbzero.com> Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Add an `is_recent` jinja filter This determines if the given timestamp has occurred w/in a given window (currently the last 30 days) * Tell googlebot not to index recent projects If a project has been created in the last 30 days, tell googlebot not to index it. This will be removed after 30 days and the project will be able to be indexed. * Update translations

* warehouse/oidc: rough model skeleton * warehouse/oidc: fix imports * warehouse/migrations: add migration for OIDC models * warehouse/migrations: reformat * warehouse/oidc: add basic verification logic * oidc/services: reduce clock skew leeway to 30s * warehouse/oidc: refactor claim verification * oidc/models: fill in missing properties * warehouse/migrations: remove original OIDC migration Add many-many project-provider association. * warehouse: add OIDC migration, fix association * warehouse: reformat * warehouse: OIDC route/view skeleton work * warehouse: form, view logic for adding OIDC providers * manage/views: disable HTTP cache, add TODO * warehouse: move oidc views to "publishing" ...and make it a sub-page for project management. * warehouse: provider deletion routing * warehouse: shore up constraints, better error flashes * warehouse/migrations: rebase revision * warehouse/templates: update OIDC language Refer to OIDC providers as "OpenID Connect publishers" * warehouse: OIDC rate limiting groundwork * manage/views: clean up OIDC events * warehouse: use GitHub token for API requests, when available * oidc/forms: special casing for rate limiting Record errors with Sentry. * warehouse: split user/repo form inputs apart * warehouse/templates: link to GitHub's OIDC docs * oidc/models: remove actor from checked claims * templates/email: add OIDC email templates * warehouse: fix templates, add email sending logic * warehouse: add an AdminFlag for OIDC control * oidc/models: use set operators * oidc/forms: exception driven handling for GitHub API errors * warehouse: OIDC ratelimiting logic Also some small HTML fixes. * warehouse/locale: update translations * warehouse: lintage * templates/manage/settings: remove vestigial HTML * warehouse: address feedback * Simplify form handling * Validate GitHub usernames against a regex * Fix form error presentation * manage/views: more feedback addressing * Prevent an infoleak in a session flash * Reword a confusing comment * Update warehouse/manage/views.py Co-authored-by: Dustin Ingram <di@users.noreply.github.com> * manage/views: fixups * warehouse: add "OIDC provider removed" emails * oidc/forms: use GH org regex in callable validator body * warehouse/locale: update translations * tests, warehouse: begin writing unit tests * More tests, restructure for testing * tests: fill in GitHubProviderForm tests * tests, warehouse: more tests, adaptations for testing * tests: more manage/view tests * tests, warehouse: ratelimit tests, fix bug * tests: round out ratelimiting * tests: more tests * tests, warehouse: OIDC deletion tests Also, gets some coverage for free by reusing a helper. * tests, warehouse: fill in model checks Accommodations for testing. * oidc/models: type hints * warehouse/locale: `make translations` * tests, warehouse: site-wide OIDC feature flag * warehouse: `make translations` * treewide: route to 404 when OIDC is disabled Enable OIDC by default for development environments; update tests. * warehouse: `make translations` * Update warehouse/templates/manage/publishing.html Co-authored-by: Joachim Jablon <ewjoachim@gmail.com> * oidc/{interfaces,services}: simplify API * tests: update * warehouse/migrations: rebase * tests, warehouse: move ratelimit hit up * warehouse: `make translations` * warehouse: plug in more OIDC metrics Adds additional metrics on: * Publisher configuration (attempt + ok) * Publisher removal (attempt + ok) * JWT signature verification (attempt + ok) * warehouse/oidc: add a `verify_for_helper` iface method This encapsulates the entire JWT verification process. It isn't hooked up to anything yet, but just to get something down. * manage/views: add provider names to metrics * oidc/services: add project tag to metrics during JWT verification * oidc/services: include provider name in metrics too * tests/unit: plumb metrics through OIDC unit tests * tests/unit: fill in coverage * warehouse: `make translations` * tests, warehouse: disable `job_workflow_ref` For now. * Apply suggestions from code review Co-authored-by: Dustin Ingram <di@users.noreply.github.com> * tests, warehouse: update tests for changes Also use `workflow_filename` consistently. * warehouse, tests: email all users on OIDC changes Instead of just owners. * warehouse, tests: include publisher info in OIDC emails * warehouse: `make translations` Co-authored-by: Dustin Ingram <di@users.noreply.github.com> Co-authored-by: Joachim Jablon <ewjoachim@gmail.com>

* Bump boto3 from 1.21.29 to 1.21.34 Bumps [boto3](https://github.com/boto/boto3) from 1.21.29 to 1.21.34. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.29...1.21.34) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3-stubs from 1.21.29 to 1.21.34.post1 Bumps [boto3-stubs](https://github.com/youtype/mypy_boto3_builder) from 1.21.29 to 1.21.34.post1. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](https://github.com/youtype/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-setuptools from 57.4.11 to 57.4.12 Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.11 to 57.4.12. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.29 to 1.24.34.post1 Bumps [botocore-stubs](https://github.com/youtype/mypy_boto3_builder) from 1.24.29 to 1.24.34.post1. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](https://github.com/youtype/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-html5lib from 1.1.5 to 1.1.6 Bumps [types-html5lib](https://github.com/python/typeshed) from 1.1.5 to 1.1.6. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-html5lib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump celery[sqs] from 5.2.2 to 5.2.6 Bumps [celery[sqs]](https://github.com/celery/celery) from 5.2.2 to 5.2.6. - [Release notes](https://github.com/celery/celery/releases) - [Changelog](https://github.com/celery/celery/blob/v5.2.6/Changelog.rst) - [Commits](celery/celery@v5.2.2...v5.2.6) --- updated-dependencies: - dependency-name: celery[sqs] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump prompt-toolkit from 3.0.28 to 3.0.29 Bumps [prompt-toolkit](https://github.com/prompt-toolkit/python-prompt-toolkit) from 3.0.28 to 3.0.29. - [Release notes](https://github.com/prompt-toolkit/python-prompt-toolkit/releases) - [Changelog](https://github.com/prompt-toolkit/python-prompt-toolkit/blob/master/CHANGELOG) - [Commits](prompt-toolkit/python-prompt-toolkit@3.0.28...3.0.29) --- updated-dependencies: - dependency-name: prompt-toolkit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 61.2.0 to 62.0.0 Bumps [setuptools](https://github.com/pypa/setuptools) from 61.2.0 to 62.0.0. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v61.2.0...v62.0.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump redis from 4.2.0 to 4.2.2 Bumps [redis](https://github.com/redis/redis-py) from 4.2.0 to 4.2.2. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.2.0...v4.2.2) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-redis from 4.1.18 to 4.1.19 Bumps [types-redis](https://github.com/python/typeshed) from 4.1.18 to 4.1.19. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump zipp from 3.7.0 to 3.8.0 Bumps [zipp](https://github.com/jaraco/zipp) from 3.7.0 to 3.8.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/CHANGES.rst) - [Commits](jaraco/zipp@v3.7.0...v3.8.0) --- updated-dependencies: - dependency-name: zipp dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-boto3 from 1.0.1 to 1.0.2 Bumps [types-boto3](https://github.com/youtype/mypy_boto3_builder) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](youtype/mypy_boto3_builder@1.0.1...1.0.2) --- updated-dependencies: - dependency-name: types-boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-requests from 2.27.15 to 2.27.16 Bumps [types-requests](https://github.com/python/typeshed) from 2.27.15 to 2.27.16. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump protobuf from 3.19.4 to 3.20.0 Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 3.19.4 to 3.20.0. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](protocolbuffers/protobuf@v3.19.4...v3.20.0) --- updated-dependencies: - dependency-name: protobuf dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump doc8 from 0.10.1 to 0.11.1 Bumps [doc8](https://github.com/pycqa/doc8) from 0.10.1 to 0.11.1. - [Release notes](https://github.com/pycqa/doc8/releases) - [Commits](PyCQA/doc8@0.10.1...0.11.1) --- updated-dependencies: - dependency-name: doc8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sqlalchemy[asyncio] from 1.4.32 to 1.4.34 Bumps [sqlalchemy[asyncio]](https://github.com/sqlalchemy/sqlalchemy) from 1.4.32 to 1.4.34. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy[asyncio] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump click from 8.0.4 to 8.1.2 Bumps [click](https://github.com/pallets/click) from 8.0.4 to 8.1.2. - [Release notes](https://github.com/pallets/click/releases) - [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst) - [Commits](pallets/click@8.0.4...8.1.2) --- updated-dependencies: - dependency-name: click dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump trove-classifiers from 2022.3.21 to 2022.3.30 Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.3.21 to 2022.3.30. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Cryptex <alvinsze837@gmail.com> Co-authored-by: Cube Kassaki <2524737581@qq.com> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Jonáš Hanulík <jonashanulik@gmail.com> Co-authored-by: Matin <MatiinBaloochestani@gmail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: Yuuka <flamango760717@163.com> Co-authored-by: simberaj <simbera.jan@gmail.com> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Cryptex <alvinsze837@gmail.com> Co-authored-by: Cube Kassaki <2524737581@qq.com> Co-authored-by: Eric <alchemillatruth@purelymail.com> Co-authored-by: Jonáš Hanulík <jonashanulik@gmail.com> Co-authored-by: Matin <MatiinBaloochestani@gmail.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Co-authored-by: Rafael Fontenelle <rafaelff@gnome.org> Co-authored-by: Sviatoslav Sydorenko <wk+weblate.org@sydorenko.org.ua> Co-authored-by: Yuuka <flamango760717@163.com> Co-authored-by: simberaj <simbera.jan@gmail.com>

As far as I can tell, `make tests` executes bin/tests and only runs pytest for our Python code. `make static_tests` is required to execute bin/static_tests and run jest for our JavaScript code.

maildev, the mock email service used for development, wasn't working: 1. The `warehouse.email.send_email` task hit `ConnectionRefusedError`. 2. The maildev interface http://localhost:1080/ wouldn't load. Turns out that maildev ports were updated with v1.1.1. Updating ports according to maildev/maildev#281 resolved both issues, and pinning the version to v2.0.2 will prevent unexpected changes in the future.

* warehouse, tests: pick DB changes from pypi#11122 * warehouse: `make translations` * manage/views: remove outdated note * warehouse, tests: `Macaroon.permissions -> Macaroon.permissions_caveat` Emphasizes that this is the entire caveat, and not just the permissions body. * warehouse: `make translations` * warehouse/templates: handle stale event caveats Prior to these changes, the `caveats` field in API token events was a dictionary, not a list. * warehouse: `make translations`

* Bump trove-classifiers from 2022.3.30 to 2022.4.11 Bumps [trove-classifiers](https://github.com/pypa/trove-classifiers) from 2022.3.30 to 2022.4.11. - [Release notes](https://github.com/pypa/trove-classifiers/releases) - [Commits](https://github.com/pypa/trove-classifiers/commits/2022.4.11) --- updated-dependencies: - dependency-name: trove-classifiers dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-core from 2.2.3 to 2.3.0 Bumps [google-cloud-core](https://github.com/googleapis/python-cloud-core) from 2.2.3 to 2.3.0. - [Release notes](https://github.com/googleapis/python-cloud-core/releases) - [Changelog](https://github.com/googleapis/python-cloud-core/blob/main/CHANGELOG.md) - [Commits](googleapis/python-cloud-core@v2.2.3...v2.3.0) --- updated-dependencies: - dependency-name: google-cloud-core dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sentry-sdk from 1.5.8 to 1.5.9 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.8 to 1.5.9. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.8...1.5.9) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.34.post1 to 1.24.38 Bumps [botocore-stubs](https://github.com/youtype/mypy_boto3_builder) from 1.24.34.post1 to 1.24.38. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](https://github.com/youtype/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore from 1.24.34 to 1.24.38 Bumps [botocore](https://github.com/boto/botocore) from 1.24.34 to 1.24.38. - [Release notes](https://github.com/boto/botocore/releases) - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.24.34...1.24.38) --- updated-dependencies: - dependency-name: botocore dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3-stubs from 1.21.34.post1 to 1.21.38 Bumps [boto3-stubs](https://github.com/youtype/mypy_boto3_builder) from 1.21.34.post1 to 1.21.38. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](https://github.com/youtype/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.34 to 1.21.38 Bumps [boto3](https://github.com/boto/boto3) from 1.21.34 to 1.21.38. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.34...1.21.38) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump setuptools from 62.0.0 to 62.1.0 Bumps [setuptools](https://github.com/pypa/setuptools) from 62.0.0 to 62.1.0. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](pypa/setuptools@v62.0.0...v62.1.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump beautifulsoup4 from 4.10.0 to 4.11.1 Bumps [beautifulsoup4](https://www.crummy.com/software/BeautifulSoup/bs4/) from 4.10.0 to 4.11.1. --- updated-dependencies: - dependency-name: beautifulsoup4 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pyparsing from 3.0.7 to 3.0.8 Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.0.7 to 3.0.8. - [Release notes](https://github.com/pyparsing/pyparsing/releases) - [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) - [Commits](pyparsing/pyparsing@pyparsing_3.0.7...pyparsing_3.0.8) --- updated-dependencies: - dependency-name: pyparsing dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump bleach from 4.1.0 to 5.0.0 Bumps [bleach](https://github.com/mozilla/bleach) from 4.1.0 to 5.0.0. - [Release notes](https://github.com/mozilla/bleach/releases) - [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES) - [Commits](mozilla/bleach@v4.1.0...v5.0.0) --- updated-dependencies: - dependency-name: bleach dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-psycopg2 from 2.9.9 to 2.9.10 Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.9 to 2.9.10. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-auth from 2.6.2 to 2.6.3 Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.6.2 to 2.6.3. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.6.2...v2.6.3) --- updated-dependencies: - dependency-name: google-auth dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump disposable-email-domains from 0.0.78 to 0.0.79 Bumps [disposable-email-domains](https://github.com/disposable-email-domains/disposable-email-domains) from 0.0.78 to 0.0.79. - [Release notes](https://github.com/disposable-email-domains/disposable-email-domains/releases) - [Commits](https://github.com/disposable-email-domains/disposable-email-domains/commits) --- updated-dependencies: - dependency-name: disposable-email-domains dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump webauthn from 1.4.0 to 1.5.0 Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/duo-labs/py_webauthn/releases) - [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md) - [Commits](duo-labs/py_webauthn@v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: webauthn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sqlalchemy[asyncio] from 1.4.34 to 1.4.35 Bumps [sqlalchemy[asyncio]](https://github.com/sqlalchemy/sqlalchemy) from 1.4.34 to 1.4.35. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy[asyncio] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump soupsieve from 2.3.1 to 2.3.2 Bumps [soupsieve](https://github.com/facelessuser/soupsieve) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/facelessuser/soupsieve/releases) - [Commits](facelessuser/soupsieve@2.3.1...2.3.2) --- updated-dependencies: - dependency-name: soupsieve dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Nathan <bonnemainsnathan@gmail.com> Translate-URL: https://hosted.weblate.org/projects/pypa/warehouse/ Translation: pypa/warehouse Co-authored-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Co-authored-by: Nathan <bonnemainsnathan@gmail.com>

* feat(dev): express dependencies better Currently, a developer is expected to perform `make serve` prior to running `make initdb`, as the `serve` command will start **all** services expressed in `docker-compose.yml`. By using a `healthcheck` on `db` that uses a built-in CLI tool to test for health, and Docker Compose 3.9 Long Syntax for the conditions, we can now run `make initdb` in one command, followed by `make serve`. This enables pre-build behaviors to establish the `postgres` and `elasticsearch` databases prior to other apps starting. Refs: https://docs.docker.com/compose/compose-file/#healthcheck Refs: https://www.postgresql.org/docs/10/app-pg-isready.html Refs: https://docs.docker.com/compose/compose-file/#long-syntax-1 Signed-off-by: Mike Fiedler <miketheman@gmail.com> * docs: reorder commands to reflect usage Removes the secondary terminal session as a result! Signed-off-by: Mike Fiedler <miketheman@gmail.com>

While the previous command works, and reports that the db is indeed ready and live for traffic, it emits wanrings in the logs that the role named "root" does not exist, since it's executing under the user context it was started with. The healthcheck runs at 30 second intervals, so gets noisy. Pass the explicit user role to prevent these warnings. Signed-off-by: Mike Fiedler <miketheman@gmail.com>

dev db dump is years old, screenshots using my user account are painful

* warehouse, tests: add and test `ExpiryCaveat` * warehouse, tests: refactor macaroon failure handling Add tests for success/failure conditions in the top-level verifier. * tests: lint and format * macaroons/caveats: remove `_fail` API This was a misdesign. Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

* Generic events * Update migration to rename table/columns in place * Use AbstractConcreteBase * Address feedback from review * Remove commented out line * Linting

@ewdurbin

* admin-new-organization-requested email template * new-orgnization-requested email template * Test admin-new-organization-requested email * Test new-organization-requested email * Translate *-organization-requested consistently * `make translations` for *-organization-requested * Remove translations from admin-* emails On second thought, we probably don't want localization for admin emails. * Initial cut at db model architecture * Ran code thru make reformat and lint (pypa#11070) * Added tests for new db models (pypa#11070) * Numerous tweaks to db models * Require value for is_active and ran reformat. * Regenerate migrations for Organization models docker-compose run web python -m warehouse db revision --autogenerate --message "Create Organization models" make reformat Forced to regenerate migrations due to recent database changes (pypi#11157). * Numerous tweaks to alembic scripts * Initial implementation of organization service. * Implementing organization events functionality. * Added tests for organization services. * Added OrganizationFactory class for model. * Blank /manage/organizations/ page * Create organization form on /manage/organizations/ - Organization account name - Organization name - Organization URL - Organization description - Organization type * Register DatabaseOrganizationService Found the droids that we're looking for. * POST /manage/organizations/ database updates * Add .get_admins method to user service * POST /manage/organizations/ email notifications * Blank /admin/organizations/approve/ page This is a placeholder so we can reference `admin.organization.approve` as a route in the admin-new-organization-requested email. * Test GET /manage/organizations/ - `ManageOrganizationsViews.default_response` - `ManageOrganizationsViews.manage_organizations()` * Translations for /manage/organizations/ make translations * Fixed OrganizationType enum. * Test POST /manage/organizations/ - `ManageOrganizationsViews.create_organization()` * Test CreateOrganizationForm * Placeholder to test /admin/organizations/approve/ Provides code coverage for the blank page added in 2c70616. * Test `DatabaseUserService.get_admins()` * NFC: Add comments about intentionally blank page * Record events for POST /manage/organizations/ Co-Authored-By: sterbo <matt.sterba@gmail.com> * Test record events for POST /manage/organizations/ * Functional test for POST /manage/organizations/ * Comment out `OrganizationFactory` for future use Co-Authored-By: sterbo <matt.sterba@gmail.com> * NFC: Fix camel case for class names * Converted OrganizationRoleType to SQLAlchemy Enum * Add disable-organizations global admin flag * Add `AdminFlagValue.DISABLE_ORGANIZATIONS` * Modified org name catalog to store normalized name * {OrganizationEvents => Organization.Events} - Remove `OrganizationEvents` class - Add `HasEvents` mixing to `Organization` - Update references {OrganizationEvents => Organization.Events} - Update database migration {organization_id => source_id} * Store id instead of username in new events `Organization.Event` with tag: - organization:create - organization:catalog_entry:add - organization:organization_role:invite - organization:organization_role:accepted `User.Event` with tag: - account:organization_role:accepted * Display CreateOrganizationForm errors If there is a validation error, return the existing invalid form instead of a new blank form so user can actually see that validation error. * Tweak naming in events data {*_id => *_user_id} - {created_by_id => created_by_user_id} - {submitted_by_id => submitted_by_user_id} Discussed with @ewdurbin. Using `*_user_id` seems more clear. Co-authored-by: sterbo <matt.sterba@gmail.com>

The mailing list was shut down at the end of 2021. Remove the reference from the Help page and translations. Refs: https://mail.python.org/archives/list/distutils-sig@python.org/message/TINMM5LQKQTTJDVGC224RMG7JGPXL4MQ/ Signed-off-by: Mike Fiedler <miketheman@gmail.com>

* [WIP] initial renamings and migration * migrations: bump revision * Revert "migrations: bump revision" This reverts commit 38035bd. * tests, warehouse: update tests * migrations: rename instead of drop/add

* Add the missing index for the events tables * Bring project_events foreign key inline with other tables

* Remove 'add another token' form from token creation page * Update translations

The `bin/static_lint` step of `make lint` was throwing an error: + export LC_ALL=en_US.UTF-8 + LC_ALL=en_US.UTF-8 + export LANG=en_US.UTF-8 + LANG=en_US.UTF-8 + ./node_modules/.bin/eslint 'warehouse/static/js/**' '**.js' 'tests/frontend/**' --ignore-pattern 'warehouse/static/js/vendor/**' bin/static_lint: line 12: ./node_modules/.bin/eslint: No such file or directory make: *** [lint] Error 1 Fixed by running `bin/static_lint` in the `static` Docker container.

* Focus 2FA TOTP field * i18n Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

* Bump cryptography from 36.0.2 to 37.0.0 Bumps [cryptography](https://github.com/pyca/cryptography) from 36.0.2 to 37.0.0. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@36.0.2...37.0.0) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump botocore-stubs from 1.24.38 to 1.25.1 Bumps [botocore-stubs](https://github.com/youtype/mypy_boto3_builder) from 1.24.38 to 1.25.1. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](https://github.com/youtype/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: botocore-stubs dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3-stubs from 1.21.38 to 1.22.1 Bumps [boto3-stubs](https://github.com/youtype/mypy_boto3_builder) from 1.21.38 to 1.22.1. - [Release notes](https://github.com/youtype/mypy_boto3_builder/releases) - [Commits](https://github.com/youtype/mypy_boto3_builder/commits) --- updated-dependencies: - dependency-name: boto3-stubs dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sqlalchemy[asyncio] from 1.4.35 to 1.4.36 Bumps [sqlalchemy[asyncio]](https://github.com/sqlalchemy/sqlalchemy) from 1.4.35 to 1.4.36. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy[asyncio] dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump boto3 from 1.21.38 to 1.22.1 Bumps [boto3](https://github.com/boto/boto3) from 1.21.38 to 1.22.1. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.21.38...1.22.1) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump limits from 2.4.0 to 2.6.1 Bumps [limits](https://github.com/alisaifee/limits) from 2.4.0 to 2.6.1. - [Release notes](https://github.com/alisaifee/limits/releases) - [Changelog](https://github.com/alisaifee/limits/blob/master/HISTORY.rst) - [Commits](alisaifee/limits@2.4.0...2.6.1) --- updated-dependencies: - dependency-name: limits dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-redis from 4.1.19 to 4.2.0 Bumps [types-redis](https://github.com/python/typeshed) from 4.1.19 to 4.2.0. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pytest from 7.1.1 to 7.1.2 Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.1 to 7.1.2. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.1.1...7.1.2) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pygments from 2.11.2 to 2.12.0 Bumps [pygments](https://github.com/pygments/pygments) from 2.11.2 to 2.12.0. - [Release notes](https://github.com/pygments/pygments/releases) - [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES) - [Commits](pygments/pygments@2.11.2...2.12.0) --- updated-dependencies: - dependency-name: pygments dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump faker from 13.3.4 to 13.4.0 Bumps [faker](https://github.com/joke2k/faker) from 13.3.4 to 13.4.0. - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v13.3.4...v13.4.0) --- updated-dependencies: - dependency-name: faker dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump protobuf from 3.20.0 to 3.20.1 Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 3.20.0 to 3.20.1. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py) - [Commits](protocolbuffers/protobuf@v3.20.0...v3.20.1) --- updated-dependencies: - dependency-name: protobuf dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-auth from 2.6.3 to 2.6.6 Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.6.3 to 2.6.6. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.6.3...v2.6.6) --- updated-dependencies: - dependency-name: google-auth dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-psycopg2 from 2.9.10 to 2.9.13 Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.10 to 2.9.13. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-psycopg2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump babel from 2.9.1 to 2.10.1 Bumps [babel](https://github.com/python-babel/babel) from 2.9.1 to 2.10.1. - [Release notes](https://github.com/python-babel/babel/releases) - [Changelog](https://github.com/python-babel/babel/blob/master/CHANGES.rst) - [Commits](python-babel/babel@v2.9.1...v2.10.1) --- updated-dependencies: - dependency-name: babel dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-requests from 2.27.16 to 2.27.20 Bumps [types-requests](https://github.com/python/typeshed) from 2.27.16 to 2.27.20. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump readme-renderer[md] from 34.0 to 35.0 Bumps [readme-renderer[md]](https://github.com/pypa/readme_renderer) from 34.0 to 35.0. - [Release notes](https://github.com/pypa/readme_renderer/releases) - [Changelog](https://github.com/pypa/readme_renderer/blob/main/CHANGES.rst) - [Commits](pypa/readme_renderer@34.0...35.0) --- updated-dependencies: - dependency-name: readme-renderer[md] dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-setuptools from 57.4.12 to 57.4.14 Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.12 to 57.4.14. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-html5lib from 1.1.6 to 1.1.7 Bumps [types-html5lib](https://github.com/python/typeshed) from 1.1.6 to 1.1.7. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-html5lib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-python-slugify from 5.0.3 to 5.0.4 Bumps [types-python-slugify](https://github.com/python/typeshed) from 5.0.3 to 5.0.4. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-python-slugify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump types-urllib3 from 1.26.11 to 1.26.13 Bumps [types-urllib3](https://github.com/python/typeshed) from 1.26.11 to 1.26.13. - [Release notes](https://github.com/python/typeshed/releases) - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-urllib3 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump amqp from 5.1.0 to 5.1.1 Bumps [amqp](https://github.com/celery/py-amqp) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/celery/py-amqp/releases) - [Changelog](https://github.com/celery/py-amqp/blob/master/Changelog) - [Commits](celery/py-amqp@v5.1.0...v5.1.1) --- updated-dependencies: - dependency-name: amqp dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump platformdirs from 2.5.1 to 2.5.2 Bumps [platformdirs](https://github.com/platformdirs/platformdirs) from 2.5.1 to 2.5.2. - [Release notes](https://github.com/platformdirs/platformdirs/releases) - [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst) - [Commits](tox-dev/platformdirs@2.5.1...2.5.2) --- updated-dependencies: - dependency-name: platformdirs dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump sentry-sdk from 1.5.9 to 1.5.10 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.9 to 1.5.10. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.5.9...1.5.10) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump soupsieve from 2.3.2 to 2.3.2.post1 Bumps [soupsieve](https://github.com/facelessuser/soupsieve) from 2.3.2 to 2.3.2.post1. - [Release notes](https://github.com/facelessuser/soupsieve/releases) - [Commits](facelessuser/soupsieve@2.3.2...2.3.2.post1) --- updated-dependencies: - dependency-name: soupsieve dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google-cloud-storage from 2.2.1 to 2.3.0 Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.2.1 to 2.3.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](googleapis/python-storage@v2.2.1...v2.3.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…cified in the pkginfo twice (in the Home-page or Download-URL field and again in one of the Project-URL fields). closes pypi#11220 (pypi#11273)

Bumps [cryptography](https://github.com/pyca/cryptography) from 37.0.0 to 37.0.1. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@37.0.0...37.0.1) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* tests, warehouse: validate job_workflow_ref Add a bunch of counterexample tests to be certain. * oidc/models: wrap `re.match` to make mypy happy * tests/oidc: update * warehouse, tests: fix `job_workflow_ref` regex * tests, warehouse: refactor `job_workflow_ref` again * warehouse, tests: refactor `job_workflow_ref` verification again Co-authored-by: Dustin Ingram <di@users.noreply.github.com>

@ewdurbin

* admin-new-organization-approved email template * admin-new-organization-declined email template * new-organization-approved email template * new-organization-declined email template * Remove translations from admin-* emails Realized that translations for admin-* emails don't really make sense. Similar to commit bec7058. * Test *new-organization-{approved,declined} emails - admin-new-organization-approved - admin-new-organization-declined - new-organization-approved - new-organization-declined * Mockup of approve organization form for admin * Add message textarea to approve organization form * Add more context to approve organization form * Rename view admin.organization.{approve => detail} * Implement GET approve organization form * Revamp UX for approve organization form As @ewdurbin pointed out, the approve organziation form in the admin interface should use the same design as the rest of the admin interface: - Changed style to AdminLTE theme. - Moved *Approve* or *Decline* dialog to *Actions* box. - Added confirmation modals for *Approve* or *Decline*. - Added *type orgnization name to confirm* to confirmation modals. The *Actions* box and confirmation modals follow the same patterns used in the user detail admin page. * Implement POST approve organization form * Get requesting user for approve organization form Used Organization.events relationship per @sterbo's suggestion. * Handle status in approve organization form - Add "Approval Status" to "Organization Request" details - Allow admin to change approval decision - Disable "Approve" button if already approved - Disable "Decline" button if already declined * Store id instead of username in new events `Organization.Event` with tag: - organization.approve - organization.decline * GET /admin/organizations/ to list organizations * Add "Organizations" to admin sidebar Show only if `AdminFlagValue.DISABLE_ORGANIZATIONS` is unchecked. * Test GET /admin/organizations/ * NFC: Rename tests *_{disallow => disable}_organizations * "Organizations" admin 404 if disable-organizations 404 Not Found for "Organizations" admin if `disable-organizations` admin flag is checked. * NFC: `organization_*` prefix for admin org views * GET /admin/organizations/?q=... faceted search * GET /admin/organizations?q=... improved search UI * Update tests for GET /admin/organizations/ * Link breadcrumb to GET /admin/organizations/ * Fix flaky tests for /admin/organizations/ - Avoid unstable sort using `.normalized_name.lower()` as key - Avoid unreliable comparison of `paginate.Page` and `list` Co-authored-by: Ee Durbin <ewdurbin@gmail.com>

* warehouse: begin using security policies WIP. * Remove pyramid-multiauth, begin switching to security policies * migrations: remove incorrectly checked in migrations * warehouse: fix principals a little bit * warehouse: begin using real security policies Also fixes the weirdness with ACLs. * warehouse: port basic auth * warehouse: port macaroon policy, remove transition shim * utils/security_policy: fix principals Again. * warehouse: fix lint * tests/unit: rename-o-rama * Improve the readabililty of the overall diff * warehouse: refactor security policies Punt principal handling further down, remove the generic identity implementation, etc. etc. * macaroons/security_policy: remove redundant route check * accounts/security_policy: lint * Update warehouse/utils/security_policy.py Co-authored-by: Joachim Jablon <ewjoachim@gmail.com> * macaroons/security_policy: avoid a DB roundtrip * utils/security_policy: simplify principals, add comment * utils/security_policy: re-add id principal * warehouse: disambiguate user IDs inside the principal set * packaging/models: blacken * tests, warehouse: the long and winding road * tests/packaging: fix ACL tests * tests, warehouse: rewrite account security policy tests * macaroons: make the tests pass * tests: finish tests * warehouse: move session invalidation to session authn * tests, warehouse: update tests * utils/security_policy: authenticated_userid only works for user identities * tests: update utils/security_policy tests Co-authored-by: Dustin Ingram <di@users.noreply.github.com> Co-authored-by: Joachim Jablon <ewjoachim@gmail.com>

Commits on Feb 4, 2022

Updates from pip-tools 6.5.0 (pypi#10687 )

di authored Feb 4, 2022

Configuration menu

View commit details

Copy full SHA for d0e5995

Browse repository at this point

Copy the full SHA

d0e5995 View commit details

Browse the repository at this point in the history

Commits on Apr 21, 2022

Strip whitespace from macaroon (pypi#11230 )

di authored Apr 21, 2022

Configuration menu

View commit details

Copy full SHA for b4d7080

Browse repository at this point

Copy the full SHA

b4d7080 View commit details

Browse the repository at this point in the history

Draft Releases Pre-Review #1

Are you sure you want to change the base?

Draft Releases Pre-Review #1

Commits on Nov 17, 2021

Commits on Nov 18, 2021

Commits on Nov 19, 2021

Commits on Nov 21, 2021

Commits on Nov 23, 2021

Commits on Nov 24, 2021

Commits on Nov 27, 2021

Commits on Nov 30, 2021

Commits on Dec 1, 2021

Commits on Dec 2, 2021

Commits on Dec 4, 2021

Commits on Dec 5, 2021

Commits on Dec 9, 2021

Commits on Dec 10, 2021

Commits on Dec 12, 2021

Commits on Dec 13, 2021

Commits on Dec 14, 2021

Commits on Dec 16, 2021

Commits on Dec 17, 2021

Commits on Dec 18, 2021

Commits on Dec 20, 2021

Commits on Jan 3, 2022

Commits on Jan 4, 2022

Commits on Jan 5, 2022

Commits on Jan 7, 2022

Commits on Jan 15, 2022

Commits on Jan 20, 2022

Commits on Jan 21, 2022

Commits on Jan 22, 2022

Commits on Jan 24, 2022

Commits on Jan 27, 2022

Commits on Feb 2, 2022

Commits on Feb 4, 2022

Commits on Feb 7, 2022

Commits on Feb 10, 2022

Commits on Feb 11, 2022

Commits on Feb 12, 2022

Commits on Feb 14, 2022

Commits on Feb 16, 2022

Commits on Feb 17, 2022

Commits on Feb 18, 2022

Commits on Feb 21, 2022

Commits on Feb 22, 2022

Commits on Feb 23, 2022

Commits on Feb 24, 2022

Commits on Feb 25, 2022

Commits on Feb 28, 2022

Commits on Mar 1, 2022

Commits on Mar 2, 2022

Commits on Mar 3, 2022

Commits on Mar 6, 2022

Commits on Mar 7, 2022

Commits on Mar 9, 2022

Commits on Mar 10, 2022

Commits on Mar 14, 2022

Commits on Mar 15, 2022

Commits on Mar 16, 2022

Commits on Mar 17, 2022

Commits on Mar 20, 2022

Commits on Mar 21, 2022

Commits on Mar 28, 2022

Commits on Mar 30, 2022

Commits on Apr 1, 2022

Commits on Apr 4, 2022

Commits on Apr 5, 2022

Commits on Apr 6, 2022

Commits on Apr 8, 2022

Commits on Apr 12, 2022

Commits on Apr 13, 2022

Commits on Apr 14, 2022

Commits on Apr 19, 2022

Commits on Apr 20, 2022

Commits on Apr 21, 2022

Commits on Apr 25, 2022

Commits on Apr 26, 2022

Commits on Apr 27, 2022

Commits on Apr 28, 2022