Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the pip-minor group across 1 directory with 6 updates #204

Merged
merged 1 commit into from
Nov 25, 2024
Merged

Bump the pip-minor group across 1 directory with 6 updates #204

merged 1 commit into from
Nov 25, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 25, 2024
edited
Loading

Bumps the pip-minor group with 6 updates in the / directory:

Package From To
flask 3.0.3 3.1.0
werkzeug 3.1.1 3.1.3
cloud-sql-python-connector 1.13.0 1.14.0
pyjwt 2.9.0 2.10.0
sentry-sdk[flask] 2.17.0 2.19.0
ruff 0.7.2 0.8.0

Updates flask from 3.0.3 to 3.1.0

Release notes

Sourced from flask's releases.

3.1.0

This is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/Flask/3.1.0/ Changes: https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0 Milestone: https://github.com/pallets/flask/milestone/33?closed=1

  • Drop support for Python 3.8. #5623
  • Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. #5624, #5633
  • Provide a configuration option to control automatic option responses. #5496
  • Flask.open_resource/open_instance_resource and Blueprint.open_resource take an encoding parameter to use when opening in text mode. It defaults to utf-8. #5504
  • Request.max_content_length can be customized per-request instead of only through the MAX_CONTENT_LENGTH config. Added MAX_FORM_MEMORY_SIZE and MAX_FORM_PARTS config. Added documentation about resource limits to the security page. #5625
  • Add support for the Partitioned cookie attribute (CHIPS), with the SESSION_COOKIE_PARTITIONED config. #5472
  • -e path takes precedence over default .env and .flaskenv files. load_dotenv loads default files in addition to a path unless load_defaults=False is passed. #5628
  • Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. #5621
  • Fix how setting host_matching=True or subdomain_matching=False interacts with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to only that domain. #5553
  • Request.trusted_hosts is checked during routing, and can be set through the TRUSTED_HOSTS config. #5636
Changelog

Sourced from flask's changelog.

Version 3.1.0

Released 2024-11-13

  • Drop support for Python 3.8. :pr:5623
  • Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. :pr:5624,5633
  • Provide a configuration option to control automatic option responses. :pr:5496
  • Flask.open_resource/open_instance_resource and Blueprint.open_resource take an encoding parameter to use when opening in text mode. It defaults to utf-8. :issue:5504
  • Request.max_content_length can be customized per-request instead of only through the MAX_CONTENT_LENGTH config. Added MAX_FORM_MEMORY_SIZE and MAX_FORM_PARTS config. Added documentation about resource limits to the security page. :issue:5625
  • Add support for the Partitioned cookie attribute (CHIPS), with the SESSION_COOKIE_PARTITIONED config. :issue:5472
  • -e path takes precedence over default .env and .flaskenv files. load_dotenv loads default files in addition to a path unless load_defaults=False is passed. :issue:5628
  • Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. :issue:5621
  • Fix how setting host_matching=True or subdomain_matching=False interacts with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to only that domain. :issue:5553
  • Request.trusted_hosts is checked during routing, and can be set through the TRUSTED_HOSTS config. :issue:5636
Commits
  • ab81496 release version 3.1.0
  • 70602a1 remove test pypi
  • 6748a09 update dev dependencies
  • 22c48a7 Merge remote-tracking branch 'origin/stable'
  • 2eab96a use generic bases for session (#5638)
  • f49dbfd use generic bases for session
  • 7b21d43 configure and check request.trusted_hosts (#5637)
  • 4f7156f configure and check trusted_hosts
  • 10bdf61 setting SERVER_NAME does not restrict routing for both subdomain_matching...
  • 4995a77 fix subdomain_matching=False behavior
  • Additional commits viewable in compare view

Updates werkzeug from 3.1.1 to 3.1.3

Release notes

Sourced from werkzeug's releases.

3.1.3

This is the Werkzeug 3.1.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.3/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3 Milestone: https://github.com/pallets/werkzeug/milestone/41?closed=1

  • Initial data passed to MultiDict and similar interfaces only accepts list, tuple, or set when passing multiple values. It had been changed to accept any Collection, but this matched types that should be treated as single values, such as bytes. #2994
  • When the Host header is not set and Request.host falls back to the WSGI SERVER_NAME value, if that value is an IPv6 address it is wrapped in [] to match the Host header. #2993

3.1.2

This is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.2/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2 Milestone: https://github.com/pallets/werkzeug/milestone/40?closed=1

  • Improve type annotation for TypeConversionDict.get to allow the type parameter to be a callable. #2988
  • Headers does not inherit from MutableMapping, as it is does not exactly match that interface. #2989
Changelog

Sourced from werkzeug's changelog.

Version 3.1.3

Released 2024-11-08

  • Initial data passed to MultiDict and similar interfaces only accepts list, tuple, or set when passing multiple values. It had been changed to accept any Collection, but this matched types that should be treated as single values, such as bytes. :issue:2994
  • When the Host header is not set and Request.host falls back to the WSGI SERVER_NAME value, if that value is an IPv6 address it is wrapped in [] to match the Host header. :issue:2993

Version 3.1.2

Released 2024-11-04

  • Improve type annotation for TypeConversionDict.get to allow the type parameter to be a callable. :issue:2988
  • Headers does not inherit from MutableMapping, as it is does not exactly match that interface. :issue:2989
Commits

Updates cloud-sql-python-connector from 1.13.0 to 1.14.0

Release notes

Sourced from cloud-sql-python-connector's releases.

v1.14.0

1.14.0 (2024-11-20)

Features

Changelog

Sourced from cloud-sql-python-connector's changelog.

1.14.0 (2024-11-20)

Features

Commits

Updates pyjwt from 2.9.0 to 2.10.0

Release notes

Sourced from pyjwt's releases.

2.10.0

What's Changed

New Contributors

Full Changelog: jpadilla/pyjwt@2.9.0...2.10.0

Changelog

Sourced from pyjwt's changelog.

v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>__

Changed


- Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @luhn in `[#975](https://github.com/jpadilla/pyjwt/issues/975) <https://github.com/jpadilla/pyjwt/pull/975>`__
- Use ``Sequence`` for parameter types rather than ``List`` where applicable by @imnotjames in `[#970](https://github.com/jpadilla/pyjwt/issues/970) <https://github.com/jpadilla/pyjwt/pull/970>`__
- Add JWK support to JWT encode by @luhn in `[#979](https://github.com/jpadilla/pyjwt/issues/979) <https://github.com/jpadilla/pyjwt/pull/979>`__
- Encoding and decoding payloads using the `none` algorithm by @jpadilla in `#c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>`

Before:


.. code-block:: pycon


>>> import jwt
>>> jwt.encode({"payload": "abc"}, key=None, algorithm=None)


After:


.. code-block:: pycon


>>> import jwt
>>> jwt.encode({"payload": "abc"}, key=None, algorithm="none")


    

  • Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @​Divan009 in [#1005](https://github.com/jpadilla/pyjwt/issues/1005) &lt;https://github.com/jpadilla/pyjwt/pull/1005&gt;__
    • 

  • Refactor project configuration files from setup.cfg to pyproject.toml by @​cleder in [#995](https://github.com/jpadilla/pyjwt/issues/995) &lt;https://github.com/jpadilla/pyjwt/pull/995&gt;__
    • 

  • Ruff linter and formatter changes by @​gagandeepp in [#1001](https://github.com/jpadilla/pyjwt/issues/1001) &lt;https://github.com/jpadilla/pyjwt/pull/1001&gt;__
    • 

  • Drop support for Python 3.8 (EOL) by @​kkirsche in [#1007](https://github.com/jpadilla/pyjwt/issues/1007) &lt;https://github.com/jpadilla/pyjwt/pull/1007&gt;__
    • 



Fixed



- Encode EC keys with a fixed bit length by @etianen in `[#990](https://github.com/jpadilla/pyjwt/issues/990) &lt;https://github.com/jpadilla/pyjwt/pull/990&gt;`__
- Add an RTD config file to resolve Read the Docs build failures by @kurtmckee in `[#977](https://github.com/jpadilla/pyjwt/issues/977) &lt;https://github.com/jpadilla/pyjwt/pull/977&gt;`__
- Docs: Update ``iat`` exception docs by @pachewise in `[#974](https://github.com/jpadilla/pyjwt/issues/974) &lt;https://github.com/jpadilla/pyjwt/pull/974&gt;`__
- Docs: Fix ``decode_complete`` scope and algorithms by @RbnRncn in `[#982](https://github.com/jpadilla/pyjwt/issues/982) &lt;https://github.com/jpadilla/pyjwt/pull/982&gt;`__
- Fix doctest for ``docs/usage.rst`` by @pachewise in `[#986](https://github.com/jpadilla/pyjwt/issues/986) &lt;https://github.com/jpadilla/pyjwt/pull/986&gt;`__
- Fix ``test_utils.py`` not to xfail by @pachewise in `[#987](https://github.com/jpadilla/pyjwt/issues/987) &lt;https://github.com/jpadilla/pyjwt/pull/987&gt;`__
- Docs: Correct `jwt.decode` audience param doc expression by @peter279k in `[#994](https://github.com/jpadilla/pyjwt/issues/994) &lt;https://github.com/jpadilla/pyjwt/pull/994&gt;`__

Added




    

  • Add support for python 3.13 by @​hugovk in [#972](https://github.com/jpadilla/pyjwt/issues/972) &lt;https://github.com/jpadilla/pyjwt/pull/972&gt;__
    • 

  • Create SECURITY.md by @​auvipy and @​jpadilla in [#973](https://github.com/jpadilla/pyjwt/issues/973) &lt;https://github.com/jpadilla/pyjwt/pull/973&gt;__
    • 

  • Docs: Add PS256 encoding and decoding usage by @​peter279k in [#992](https://github.com/jpadilla/pyjwt/issues/992) &lt;https://github.com/jpadilla/pyjwt/pull/992&gt;__
</tr></table>

... (truncated)

Commits

Updates sentry-sdk[flask] from 2.17.0 to 2.19.0

Release notes

Sourced from sentry-sdk[flask]'s releases.

2.19.0

Various fixes & improvements

2.18.0

Various fixes & improvements

... (truncated)

Changelog

Sourced from sentry-sdk[flask]'s changelog.

2.19.0

Various fixes & improvements

2.18.0

Various fixes & improvements

... (truncated)

Commits

Updates ruff from 0.7.2 to 0.8.0

Release notes

Sourced from ruff's releases.

0.8.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

  • Default to Python 3.9

    Ruff now defaults to Python 3.9 instead of 3.8 if no explicit Python version is configured using ruff.target-version or project.requires-python (#13896)

  • Changed location of pydoclint diagnostics

    pydoclint diagnostics now point to the first-line of the problematic docstring. Previously, this was not the case.

    If you've opted into these preview rules but have them suppressed using noqa comments in some places, this change may mean that you need to move the noqa suppression comments. Most users should be unaffected by this change.

  • Use XDG (i.e. ~/.local/bin) instead of the Cargo home directory in the standalone installer

    Previously, Ruff's installer used $CARGO_HOME or ~/.cargo/bin for its target install directory. Now, Ruff will be installed into $XDG_BIN_HOME, $XDG_DATA_HOME/../bin, or ~/.local/bin (in that order).

    This change is only relevant to users of the standalone Ruff installer (using the shell or PowerShell script). If you installed Ruff using uv or pip, you should be unaffected.

  • Changes to the line width calculation

    Ruff now uses a new version of the unicode-width Rust crate to calculate the line width. In very rare cases, this may lead to lines containing Unicode characters being reformatted, or being considered too long when they were not before (E501).

Removed Rules

The following deprecated rules have been removed:

Remapped rules

The following rules have been remapped to new rule codes:

Stabilization

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

  • Default to Python 3.9

    Ruff now defaults to Python 3.9 instead of 3.8 if no explicit Python version is configured using ruff.target-version or project.requires-python (#13896)

  • Changed location of pydoclint diagnostics

    pydoclint diagnostics now point to the first-line of the problematic docstring. Previously, this was not the case.

    If you've opted into these preview rules but have them suppressed using noqa comments in some places, this change may mean that you need to move the noqa suppression comments. Most users should be unaffected by this change.

  • Use XDG (i.e. ~/.local/bin) instead of the Cargo home directory in the standalone installer

    Previously, Ruff's installer used $CARGO_HOME or ~/.cargo/bin for its target install directory. Now, Ruff will be installed into $XDG_BIN_HOME, $XDG_DATA_HOME/../bin, or ~/.local/bin (in that order).

    This change is only relevant to users of the standalone Ruff installer (using the shell or PowerShell script). If you installed Ruff using uv or pip, you should be unaffected.

  • Changes to the line width calculation

    Ruff now uses a new version of the unicode-width Rust crate to calculate the line width. In very rare cases, this may lead to lines containing Unicode characters being reformatted, or being considered too long when they were not before (E501).

Removed Rules

The following deprecated rules have been removed:

Remapped rules

The following rules have been remapped to new rule codes:

Stabilization

... (truncated)

Commits

@dependabot
Bump the pip-minor group across 1 directory with 6 updates
e00970a 
Bumps the pip-minor group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [flask](https://github.com/pallets/flask) | `3.0.3` | `3.1.0` |
| [werkzeug](https://github.com/pallets/werkzeug) | `3.1.1` | `3.1.3` |
| [cloud-sql-python-connector](https://github.com/GoogleCloudPlatform/cloud-sql-python-connector) | `1.13.0` | `1.14.0` |
| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.9.0` | `2.10.0` |
| [sentry-sdk[flask]](https://github.com/getsentry/sentry-python) | `2.17.0` | `2.19.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.7.2` | `0.8.0` |



Updates `flask` from 3.0.3 to 3.1.0
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@3.0.3...3.1.0)

Updates `werkzeug` from 3.1.1 to 3.1.3
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@3.1.1...3.1.3)

Updates `cloud-sql-python-connector` from 1.13.0 to 1.14.0
- [Release notes](https://github.com/GoogleCloudPlatform/cloud-sql-python-connector/releases)
- [Changelog](https://github.com/GoogleCloudPlatform/cloud-sql-python-connector/blob/main/CHANGELOG.md)
- [Commits](GoogleCloudPlatform/cloud-sql-python-connector@v1.13.0...v1.14.0)

Updates `pyjwt` from 2.9.0 to 2.10.0
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](jpadilla/pyjwt@2.9.0...2.10.0)

Updates `sentry-sdk[flask]` from 2.17.0 to 2.19.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.17.0...2.19.0)

Updates `ruff` from 0.7.2 to 0.8.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.7.2...0.8.0)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor
- dependency-name: werkzeug
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-minor
- dependency-name: cloud-sql-python-connector
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor
- dependency-name: pyjwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor
- dependency-name: sentry-sdk[flask]
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 25, 2024
@somethingnew2-0 somethingnew2-0 merged commit 1c78836 into main Nov 25, 2024
6 checks passed
@somethingnew2-0 somethingnew2-0 deleted the dependabot/pip/pip-minor-3744a3549a branch November 25, 2024 19:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@somethingnew2-0 somethingnew2-0 somethingnew2-0 approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@somethingnew2-0