Skip to content

build(deps): bump requests from 2.31.0 to 2.32.2 in /drivers/gpu/drm/ci/xfails #63

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10,000 commits into
base: develop
Choose a base branch
from
Open

build(deps): bump requests from 2.31.0 to 2.32.2 in /drivers/gpu/drm/ci/xfails #63

wants to merge 10,000 commits into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github May 12, 2025
edited
Loading

Bumps requests from 2.31.0 to 2.32.2.

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • 970e8ce v2.32.1
  • d6ebc4a v2.32.0
  • 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
  • 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
  • 555b870 Allow character detection dependencies to be optional in post-packaging steps
  • d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Andrea Righi and others added 30 commits April 15, 2025 11:23
@mrphilcox
UBUNTU: [Config] aws: disable Rust support
0681112 
BugLink: https://bugs.launchpad.net/bugs/2015867

Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Start new release
fcbf216 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
ebd25df 
BugLink: https://bugs.launchpad.net/bugs/2016251
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.2.0-1004.4
31893ba 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@rtg-canonical @mrphilcox
UBUNTU: Move sev-guest to linux-modules
e402455 
BugLink: https://bugs.launchpad.net/bugs/2018303

Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: John Cabaj <john.cabaj@canonical.com>
Acked-by: Cengiz Can <cengiz.can@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
@mrphilcox
UBUNTU: [Packaging] update.conf: switch to mantic/linux-unstable
9f74f22 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Packaging] move to mantic with linux 6.5
d5321ba 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Config] update annotations after rebase to 6.5
1a0e7c7 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Packaging] aws: ZSTD compress module
46ec9dd 
Add zstd to the build dependencies to support compressed zstd modules.

BugLink: https://bugs.launchpad.net/bugs/2028568
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Packaging] aws: add libstdc++-dev to the build dependencies
c0390f6 
perf now requires libstdc++-dev to build.

Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Start new release
088880e 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
ed5c7a4 
BugLink: https://bugs.launchpad.net/bugs/2029220
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.5.0-1001.1
fc4a8b9 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Packaging] aws: add python3-dev to build-depends
4d96bb7 
python3-dev is now required by the regular kernel build process, add it
to build-depends.

Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Start new release
3d595c4 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
de4b35f 
BugLink: https://bugs.launchpad.net/bugs/2029364
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.5.0-1002.2
014d6ba 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Packaging] update update.conf
28eb61d 
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Start new release
31c92c1 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
93b9f1a 
BugLink: https://bugs.launchpad.net/bugs/2033021
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: [Config] aws: update toolchain versions in annotations
b29c410 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.5.0-1003.3
591569a 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Start new release
9af998e 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
beb2555 
BugLink: https://bugs.launchpad.net/bugs/2034043
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.5.0-1004.4
2cc671e 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Start new release
30ab014 
Ignore: yes
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
aed8f99 
BugLink: https://bugs.launchpad.net/bugs/2034547
Properties: no-test-build
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.5.0-1005.5
48620f6 
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
@piso77 @mrphilcox
UBUNTU: Start new release
4ccfa65 
Ignore: yes
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
b4337a1 
BugLink: https://bugs.launchpad.net/bugs/2035596
Properties: no-test-build
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
nicolinc and others added 16 commits April 15, 2025 11:23
@nicolinc @mrphilcox
iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding
1f7be3d 
BugLink: https://bugs.launchpad.net/bugs/2101185

The hardware limitation "max=19" actually comes from SMMU Command Queue.
So, it'd be more natural for tegra241-cmdqv driver to read it out rather
than hardcoding it itself.

This is not an issue yet for a kernel on a baremetal system, but a guest
kernel setting the queue base/size in form of IPA/gPA might result in a
noncontiguous queue in the physical address space, if underlying physical
pages backing up the guest RAM aren't contiguous entirely: e.g. 2MB-page
backed guest RAM cannot guarantee a contiguous queue if it is 8MB (capped
to VCMDQ_LOG2SIZE_MAX=19). This might lead to command errors when HW does
linear-read from a noncontiguous queue memory.

Adding this extra IDR1.CMDQS cap (in the guest kernel) allows VMM to set
SMMU's IDR1.CMDQS=17 for the case mentioned above, so a guest-level queue
will be capped to maximum 2MB, ensuring a contiguous queue memory.

Fixes: a379971 ("iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift")
Reported-by: Ian Kalinowski <ikalinowski@nvidia.com>
Cc: stable@vger.kernel.org
Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
Link: https://lore.kernel.org/r/20241219051421.1850267-1-nicolinc@nvidia.com
Signed-off-by: Will Deacon <will@kernel.org>
(cherry picked from commit e94dc6d)
Signed-off-by: Magali Lemes <magali.lemes@canonical.com>
Acked-by: Philip Cox <philip.cox@canonical.com>
Acked-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>
Signed-off-by: Magali Lemes <magali.lemes@canonical.com>
@mrphilcox
UBUNTU: Start new release
87f3efe 
Ignore: yes
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@mrphilcox
UBUNTU: [Packaging]: wdat_wdt.ko is moved from "linux-modules-extra-*…
2e843ec 
…-generic" to "linux-modules-*-generic"

BugLink: https://bugs.launchpad.net/bugs/2098554

Linux supports the virtual watchdog timer through the "wdat_wdt" module.
In Ubuntu 24.04 LTS on amd64, this module is in the
"linux-modules-extra-*-generic" series of packages. These are depended on by
the "linux-image-generic" package, but not by the "linux-image-virtual"
package. The latter is what is included in Ubuntu Official Cloud Images.

Installing "linux-image-virtual" on amd64 should get the "wdat_wdt" module
because it's necessary to fully support a common hypervisor. And to be
consistent, we should do the same for other architectures too.

Signed-off-by: Mehmet Basaran<mehmet.basaran@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Agathe Porte <agathe.porte@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
(copied from master)
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
0da4008 
BugLink: https://bugs.launchpad.net/bugs/2102494
Properties: no-test-build
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.8.0-1027.29
e8bce3d 
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@mrphilcox
UBUNTU: Start new release
11c5a47 
Ignore: yes
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
0bb940a 
BugLink: https://bugs.launchpad.net/bugs/2107043
Properties: no-test-build
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@mrphilcox
UBUNTU: Ubuntu-aws-6.8.0-1028.30
b0e23ce 
Signed-off-by: Philip Cox <philip.cox@canonical.com>
@jwk404
@@DELPHIX_PATCHSET_START@@
8bd456b 
This is a placeholder commit to separate the Ubuntu kernel source and
our patches. Used by kernel_merge_with_upstream() in the linux-pkg repo.
@pzakha
DLPX-71852 iSCSI: journal flooded with "Unable to locate Target IQN" …
79ae44d 
…messages (#2)
@pzakha
DLPX-72065 Aborted iSCSI command never completes after LUN reset (#4)
806187c
@pcd1193182
DLPX-83697 iscsi target login should wait until tx/rx threads have pr…
30c0a7e 
…operly started (#14)
DLPX-83701 Make function mnt_add_count() traceable (#16)
286a880
@palash-gandhi
Extract PKG_ABI from mutated string
4309eee
@sebroy
Reintroduce fix from DLPX-87344 to build only with amd64 annotations
8da87df
@dependabot
build(deps): bump requests in /drivers/gpu/drm/ci/xfails
f60e698 
Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.2.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.31.0...v2.32.2)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 12, 2025
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jun 10, 2025

A newer version of requests exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@delphix-devops-bot delphix-devops-bot force-pushed the develop branch 2 times, most recently from 29c9032 to 6760015 Compare October 3, 2025 17:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.