Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

⬆️(dependencies) update python dependencies #241

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 2, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
bandit (source, changelog) ==1.7.5 -> ==1.8.0 age adoption passing confidence
black (changelog) ==23.9.1 -> ==24.10.0 age adoption passing confidence
django-configurations (source) ==2.4.1 -> ==2.5.1 age adoption passing confidence
django-cors-headers (changelog) ==4.2.0 -> ==4.6.0 age adoption passing confidence
dockerflow ==2022.8.0 -> ==2024.4.2 age adoption passing confidence
factory-boy ==3.3.0 -> ==3.3.1 age adoption passing confidence
flake8 (changelog) ==6.1.0 -> ==7.1.1 age adoption passing confidence
gunicorn (changelog) ==21.2.0 -> ==23.0.0 age adoption passing confidence
ipython ==8.15.0 -> ==8.31.0 age adoption passing confidence
isort (source, changelog) ==5.12.0 -> ==5.13.2 age adoption passing confidence
lxml (source, changelog) ==4.9.3 -> ==5.3.0 age adoption passing confidence
msgpack (changelog) ==1.0.7 -> ==1.1.0 age adoption passing confidence
mysqlclient ==2.2.0 -> ==2.2.6 age adoption passing confidence
psycopg2-binary (source, changelog) ==2.9.8 -> ==2.9.10 age adoption passing confidence
pylint (changelog) ==2.17.6 -> ==3.3.2 age adoption passing confidence
pylint-django ==2.5.3 -> ==2.6.1 age adoption passing confidence
pytest (changelog) ==7.4.2 -> ==8.3.4 age adoption passing confidence
pytest-cov (changelog) ==4.1.0 -> ==6.0.0 age adoption passing confidence
pytest-django (changelog) ==4.5.2 -> ==4.9.0 age adoption passing confidence
pytz ==2023.3.post1 -> ==2024.2 age adoption passing confidence
responses (changelog) ==0.23.3 -> ==0.25.3 age adoption passing confidence
sentry-sdk (changelog) ==1.31.0 -> ==2.19.2 age adoption passing confidence
time-machine (changelog) ==2.13.0 -> ==2.16.0 age adoption passing confidence
twine ==4.0.2 -> ==6.0.1 age adoption passing confidence

Release Notes

PyCQA/bandit (bandit)

v1.8.0

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.7.10...1.8.0

v1.7.10

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.9...1.7.10

v1.7.9

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.8...1.7.9

v1.7.8

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.7...1.7.8

v1.7.7

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.6...1.7.7

v1.7.6

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.5...1.7.6

psf/black (black)

v24.10.0

Compare Source

Highlights
  • Black is now officially tested with Python 3.13 and provides Python 3.13
    mypyc-compiled wheels. (#​4436) (#​4449)
  • Black will issue an error when used with Python 3.12.5, due to an upstream memory
    safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please
    use Python 3.12.6 or Python 3.12.4 instead. (#​4447)
  • Black no longer supports running with Python 3.8 (#​4452)
Stable style
  • Fix crashes involving comments in parenthesised return types or X | Y style unions.
    (#​4453)
  • Fix skipping Jupyter cells with unknown %% magic (#​4462)
Preview style
  • Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#​4440)
Caching
  • Fix bug where the cache was shared between runs with and without --unstable (#​4466)
Packaging
  • Upgrade version of mypyc used to 1.12 beta (#​4450) (#​4449)
  • blackd now requires a newer version of aiohttp. (#​4451)
Output
  • Added Python target version information on parse error (#​4378)
  • Add information about Black version to internal error messages (#​4457)

v24.8.0

Compare Source

Stable style
  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#​4363)
Packaging
  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also
    linked. This improves the PyPI listing for Black. (#​4345)
Parser
  • Fix regression where Black failed to parse a multiline f-string containing another
    multiline string (#​4339)
  • Fix regression where Black failed to parse an escaped single quote inside an f-string
    (#​4401)
  • Fix bug with Black incorrectly parsing empty lines with a backslash (#​4343)
  • Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#​4422)
  • Fix incorrect line numbers in the tokenizer for certain tokens within f-strings
    (#​4423)
Performance
  • Improve performance when a large directory is listed in .gitignore (#​4415)
Blackd
  • Fix blackd (and all extras installs) for docker container (#​4357)

v24.4.2

Compare Source

This is a bugfix release to fix two regressions in the new f-string parser introduced in
24.4.1.

Parser
  • Fix regression where certain complex f-strings failed to parse (#​4332)
Performance
  • Fix bad performance on certain complex string literals (#​4331)

v24.4.1

Compare Source

Highlights
  • Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#​3822)
Stable style
  • Fix crash involving indented dummy functions containing newlines (#​4318)
Parser
  • Add support for type parameter defaults, a new syntactic feature added to Python 3.13
    by PEP 696 (#​4327)
Integrations
  • Github Action now works even when git archive is skipped (#​4313)

v24.4.0

Compare Source

Stable style
  • Fix unwanted crashes caused by AST equivalency check (#​4290)
Preview style
  • if guards in case blocks are now wrapped in parentheses when the line is too long.
    (#​4269)
  • Stop moving multiline strings to a new line unless inside brackets (#​4289)
Integrations
  • Add a new option use_pyproject to the GitHub Action psf/black. This will read the
    Black version from pyproject.toml. (#​4294)

v24.3.0

Compare Source

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style
  • Don't move comments along with delimiters, which could cause crashes (#​4248)
  • Strengthen AST safety check to catch more unsafe changes to strings. Previous versions
    of Black would incorrectly format the contents of certain unusual f-strings containing
    nested strings with the same quote type. Now, Black will crash on such strings until
    support for the new f-string syntax is implemented. (#​4270)
  • Fix a bug where line-ranges exceeding the last code line would not work as expected
    (#​4273)
Performance
  • Fix catastrophic performance on docstrings that contain large numbers of leading tab
    characters. This fixes
    CVE-2024-21503.
    (#​4278)
Documentation
  • Note what happens when --check is used with --quiet (#​4236)

v24.2.0

Compare Source

Stable style
  • Fixed a bug where comments where mistakenly removed along with redundant parentheses
    (#​4218)
Preview style
  • Move the hug_parens_with_braces_and_square_brackets feature to the unstable style
    due to an outstanding crash and proposed formatting tweaks (#​4198)
  • Fixed a bug where base expressions caused inconsistent formatting of ** in tenary
    expression (#​4154)
  • Checking for newline before adding one on docstring that is almost at the line limit
    (#​4185)
  • Remove redundant parentheses in case statement if guards (#​4214).
Configuration
  • Fix issue where Black would ignore input files in the presence of symlinks (#​4222)
  • Black now ignores pyproject.toml that is missing a tool.black section when
    discovering project root and configuration. Since Black continues to use version
    control as an indicator of project root, this is expected to primarily change behavior
    for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
    simply add an empty [tool.black] to the previously discovered pyproject.toml
    (#​4204)
Output
  • Black will swallow any SyntaxWarnings or DeprecationWarnings produced by the ast
    module when performing equivalence checks (#​4189)
Integrations
  • Add a JSONSchema and provide a validate-pyproject entry-point (#​4181)

v24.1.1

Compare Source

Bugfix release to fix a bug that made Black unusable on certain file systems with strict
limits on path length.

Preview style
  • Consistently add trailing comma on typed parameters (#​4164)
Configuration
  • Shorten the length of the name of the cache file to fix crashes on file systems that
    do not support long paths (#​4176)

v24.1.0

Compare Source

Highlights

This release introduces the new 2024 stable style (#​4106), stabilizing the following
changes:

  • Add parentheses around if-else expressions (#​2278)
  • Dummy class and function implementations consisting only of ... are formatted more
    compactly (#​3796)
  • If an assignment statement is too long, we now prefer splitting on the right-hand side
    (#​3368)
  • Hex codes in Unicode escape sequences are now standardized to lowercase (#​2916)
  • Allow empty first lines at the beginning of most blocks (#​3967, #​4061)
  • Add parentheses around long type annotations (#​3899)
  • Enforce newline after module docstrings (#​3932, #​4028)
  • Fix incorrect magic trailing comma handling in return types (#​3916)
  • Remove blank lines before class docstrings (#​3692)
  • Wrap multiple context managers in parentheses if combined in a single with statement
    (#​3489)
  • Fix bug in line length calculations for power operations (#​3942)
  • Add trailing commas to collection literals even if there's a comment after the last

Configuration

📅 Schedule: Branch creation - "before 7am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Dependency-related tasks. label Oct 2, 2023
@renovate renovate bot force-pushed the renovate/python-dependencies branch 4 times, most recently from 1058e73 to 6df49c1 Compare October 5, 2023 22:43
@renovate renovate bot force-pushed the renovate/python-dependencies branch 2 times, most recently from 31b5add to 36dc4e6 Compare October 17, 2023 17:16
@renovate renovate bot force-pushed the renovate/python-dependencies branch 6 times, most recently from d8f34d4 to af910e6 Compare October 24, 2023 21:33
@renovate renovate bot force-pushed the renovate/python-dependencies branch 6 times, most recently from 31c76bd to a49cd4f Compare November 3, 2023 16:33
@renovate renovate bot force-pushed the renovate/python-dependencies branch 5 times, most recently from f04cb9d to 7aca974 Compare November 15, 2023 00:43
@renovate renovate bot force-pushed the renovate/python-dependencies branch 4 times, most recently from 99b9ceb to c293ba1 Compare November 27, 2023 10:46
@renovate renovate bot force-pushed the renovate/python-dependencies branch from c293ba1 to 8113008 Compare November 29, 2023 13:57
@renovate renovate bot force-pushed the renovate/python-dependencies branch from 8113008 to d4bbfd9 Compare December 9, 2023 05:02
@renovate renovate bot force-pushed the renovate/python-dependencies branch 4 times, most recently from 9ee514b to 640e653 Compare September 11, 2024 05:01
@renovate renovate bot force-pushed the renovate/python-dependencies branch 3 times, most recently from a4ffdff to 23c89ac Compare September 24, 2024 11:59
@renovate renovate bot force-pushed the renovate/python-dependencies branch 2 times, most recently from 744f771 to b58eb97 Compare October 3, 2024 02:14
@renovate renovate bot force-pushed the renovate/python-dependencies branch 4 times, most recently from 5ec0a02 to 377a5a3 Compare October 17, 2024 11:01
@renovate renovate bot force-pushed the renovate/python-dependencies branch 2 times, most recently from 5f9c13c to 8ae1bf7 Compare October 25, 2024 10:15
@renovate renovate bot force-pushed the renovate/python-dependencies branch 3 times, most recently from d5c7968 to f90b7bc Compare November 4, 2024 16:48
@renovate renovate bot force-pushed the renovate/python-dependencies branch from f90b7bc to 161d1f3 Compare November 13, 2024 06:45
@renovate renovate bot force-pushed the renovate/python-dependencies branch 2 times, most recently from 7b275c6 to c05b025 Compare November 27, 2024 03:31
@renovate renovate bot force-pushed the renovate/python-dependencies branch 6 times, most recently from 85a3387 to d26d2f7 Compare December 5, 2024 15:35
@renovate renovate bot force-pushed the renovate/python-dependencies branch from d26d2f7 to 1b97958 Compare December 6, 2024 11:27
@renovate renovate bot force-pushed the renovate/python-dependencies branch from 1b97958 to aa60244 Compare December 20, 2024 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Dependency-related tasks.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants