Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump virtualenv from 20.11.2 to 20.13.0 #472

Merged
merged 1 commit into from
Jan 6, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 3, 2022

Bumps virtualenv from 20.11.2 to 20.13.0.

Changelog

Sourced from virtualenv's changelog.

v20.13.0 (2022-01-02)

Features - 20.13.0

- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](https://github.com/pypa/virtualenv/issues/2268) <https://github.com/pypa/virtualenv/issues/2268>`_)

Bugfixes - 20.13.0

  • Fix AttributeError: 'bool' object has no attribute 'error' when creating a Python 2.x virtualenv on macOS - by moreati. ([#2269](https://github.com/pypa/virtualenv/issues/2269) <https://github.com/pypa/virtualenv/issues/2269>_)
  • Fix PermissionError: [Errno 1] Operation not permitted when creating a Python 2.x virtualenv on macOS/arm64 - by moreati. ([#2271](https://github.com/pypa/virtualenv/issues/2271) <https://github.com/pypa/virtualenv/issues/2271>_)

v20.12.1 (2022-01-01)

Bugfixes - 20.12.1

- Try using previous updates of ``pip``, ``setuptools`` & ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](https://github.com/pypa/virtualenv/issues/2265) <https://github.com/pypa/virtualenv/issues/2265>`_)
- New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](https://github.com/pypa/virtualenv/issues/2266) <https://github.com/pypa/virtualenv/issues/2266>`_)
- Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](https://github.com/pypa/virtualenv/issues/2267) <https://github.com/pypa/virtualenv/issues/2267>`_)

v20.12.0 (2021-12-31)

Features - 20.12.0

  • Sign the python2 exe on Darwin arm64 - by :user:tmspicer. ([#2233](https://github.com/pypa/virtualenv/issues/2233) <https://github.com/pypa/virtualenv/issues/2233>_)

Bugfixes - 20.12.0

- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](https://github.com/pypa/virtualenv/issues/2120) <https://github.com/pypa/virtualenv/issues/2120>`_)
- Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](https://github.com/pypa/virtualenv/issues/2263) <https://github.com/pypa/virtualenv/issues/2263>`_)
Commits
  • 568136c release 20.13.0
  • e813ac1 PyPy: glob for required dlls, check they exist (#2274)
  • 856933e fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (#2272)
  • 50c5591 fix: AttributeError on macOS creating a Python 2.x virtualenv (#2270)
  • 319a540 feature: cache downloaded wheel information (#2276)
  • 5f65057 Merge pull request #2275 from pypa/release-20.12.1
  • 8799266 release 20.12.1
  • 4308ddb feature: store version update source in embed JSON file (#2273)
  • 51408e6 Merge pull request #2264 from pypa/release-20.12.0
  • 232a0b6 release 20.12.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.11.2...20.13.0)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 3, 2022
@codeclimate
Copy link

codeclimate bot commented Jan 3, 2022

Code Climate has analyzed commit 07c8bb2 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 100.0% (0.0% change).

View more on Code Climate.

@ChrisRBe
Copy link
Owner

ChrisRBe commented Jan 6, 2022

bors merge

bors bot added a commit that referenced this pull request Jan 6, 2022
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot]

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p>
<blockquote>
<h2>v20.13.0 (2022-01-02)</h2>
<p>Features - 20.13.0</p>
<pre><code>- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) &lt;https://github.com/pypa/virtualenv/issues/2268&gt;`_)
<p>Bugfixes - 20.13.0
</code></pre></p>
<ul>
<li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a
Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) &lt;https://github.com/pypa/virtualenv/issues/2269&gt;</code>_)</li>
<li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a
Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) &lt;https://github.com/pypa/virtualenv/issues/2271&gt;</code>_)</li>
</ul>
<h2>v20.12.1 (2022-01-01)</h2>
<p>Bugfixes - 20.12.1</p>
<pre><code>- Try using previous updates of ``pip``, ``setuptools`` &amp; ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) &lt;https://github.com/pypa/virtualenv/issues/2265&gt;`_)
- New patch versions of ``pip``, ``setuptools`` &amp; ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) &lt;https://github.com/pypa/virtualenv/issues/2266&gt;`_)
- Manual upgrades of ``pip``, ``setuptools`` &amp; ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) &lt;https://github.com/pypa/virtualenv/issues/2267&gt;`_)
<h2>v20.12.0 (2021-12-31)</h2>
<p>Features - 20.12.0
</code></pre></p>
<ul>
<li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) &lt;https://github.com/pypa/virtualenv/issues/2233&gt;</code>_)</li>
</ul>
<p>Bugfixes - 20.12.0</p>
<pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) &lt;https://github.com/pypa/virtualenv/issues/2120&gt;`_)
- Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) &lt;https://github.com/pypa/virtualenv/issues/2263&gt;`_)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

473: build(deps): bump astroid from 2.9.0 to 2.9.2 r=ChrisRBe a=dependabot[bot]

Bumps [astroid](https://github.com/PyCQA/astroid) from 2.9.0 to 2.9.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/PyCQA/astroid/blob/main/ChangeLog">astroid's changelog</a>.</em></p>
<blockquote>
<h1>What's New in astroid 2.9.2?</h1>
<p>Release date: 2022-01-04</p>
<ul>
<li>Fixed regression in <code>astroid.scoped_nodes</code> where <code>_is_metaclass</code>
was not accessible anymore.</li>
</ul>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a></p>
<h1>What's New in astroid 2.9.1?</h1>
<p>Release date: 2021-12-31</p>
<ul>
<li>
<p><code>NodeNG.frame()</code> and <code>NodeNG.statement()</code> will start raising <code>ParentMissingError</code>
instead of <code>AttributeError</code> in astroid 3.0. This behaviour can already be triggered
by passing <code>future=True</code> to a <code>frame()</code> or <code>statement()</code> call.</p>
</li>
<li>
<p>Prefer the module loader get_source() method in AstroidBuilder's
module_build() when possible to avoid assumptions about source
code being available on a filesystem.  Otherwise the source cannot
be found and application behavior changes when running within an
embedded hermetic interpreter environment (pyoxidizer, etc.).</p>
</li>
<li>
<p>Require Python 3.6.2 to use astroid.</p>
</li>
<li>
<p>Removed custom <code>distutils</code> handling for resolving paths to submodules.</p>
<p>Ref <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a></p>
</li>
<li>
<p>Fix <code>deque.insert()</code> signature in <code>collections</code> brain.</p>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1260">#1260</a></p>
</li>
<li>
<p>Fix <code>Module</code> nodes not having a <code>col_offset</code>, <code>end_lineno</code>, and <code>end_col_offset</code>
attributes.</p>
</li>
<li>
<p>Fix typing and update explanation for <code>Arguments.args</code> being <code>None</code>.</p>
</li>
<li>
<p>Fix crash if a variable named <code>type</code> is subscripted in a generator expression.</p>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/pylint/issues/5461">PyCQA/pylint#5461</a></p>
</li>
<li>
<p>Enable inference of dataclass import from marshmallow_dataclass.
This allows the dataclasses brain to recognize dataclasses annotated by marshmallow_dataclass.</p>
</li>
<li>
<p>Resolve symlinks in the import path
Fixes inference error when the import path includes symlinks (e.g. Python
installed on macOS via Homebrew).</p>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/823">#823</a></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/PyCQA/astroid/commit/101aed9d304cae4c3d0d9140f151b852b21c7ddf"><code>101aed9</code></a> Bump astroid to 2.9.2, update changelog</li>
<li><a href="https://github.com/PyCQA/astroid/commit/c44b1de2d5ab17898534ec44db8ee9090eb26f7f"><code>c44b1de</code></a> Fix import astroid.scoped_nodes (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/fe51be5cd051cea8699f30b338e85f7763cd2ab7"><code>fe51be5</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1328">#1328</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/21a2983826c903878bdd23e283dbc00545b32daa"><code>21a2983</code></a> Upgrade the version to 2.9.2-dev0 following 2.9.2 release</li>
<li><a href="https://github.com/PyCQA/astroid/commit/e36b4388aebb892c10ed779bafc9c1a07a325b8d"><code>e36b438</code></a> Bump astroid to 2.9.1, update changelog</li>
<li><a href="https://github.com/PyCQA/astroid/commit/51f552cecd15569cb651337fa7f8f9e27eeec579"><code>51f552c</code></a> Remove distutils path patching (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/0d1211558670cfefd95b39984b8d5f7f34837f32"><code>0d12115</code></a> Add typing to <code>brain_dataclasses</code> (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1292">#1292</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/aa4f5bed58dc6521a6c2c0927ca0e0da48fd5ea5"><code>aa4f5be</code></a> Add future=True to frame calls (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1305">#1305</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/7afd696520f70a46334adea6d39f7150379198f3"><code>7afd696</code></a> Revert &quot;Revert &quot;Remove useless NoReturn in NodeNG.statement's typing (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1304">#1304</a>)&quot;...</li>
<li><a href="https://github.com/PyCQA/astroid/commit/12e2e8ce8a33b06c9b3d97007ca89120b529c215"><code>12e2e8c</code></a> Fix frame() error on inferred node (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1263">#1263</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/PyCQA/astroid/compare/v2.9.0...v2.9.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=astroid&package-manager=pip&previous-version=2.9.0&new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

474: build(deps): bump requests from 2.26.0 to 2.27.0 r=ChrisRBe a=dependabot[bot]

Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.27.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p>
<blockquote>
<h2>2.27.0 (2022-01-03)</h2>
<p><strong>Improvements</strong></p>
<ul>
<li>
<p>Officially added support for Python 3.10. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5928">#5928</a>)</p>
</li>
<li>
<p>Added a <code>requests.exceptions.JSONDecodeError</code> to unify JSON exceptions between
Python 2 and 3. This gets raised in the <code>response.json()</code> method, and is
backwards compatible as it inherits from previously thrown exceptions.
Can be caught from <code>requests.exceptions.RequestException</code> as well. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5856">#5856</a>)</p>
</li>
<li>
<p>Improved error text for misnamed <code>InvalidSchema</code> and <code>MissingSchema</code>
exceptions. This is a temporary fix until exceptions can be renamed
(Schema-&gt;Scheme). (<a href="https://github-redirect.dependabot.com/psf/requests/issues/6017">#6017</a>)</p>
</li>
<li>
<p>Improved proxy parsing for proxy URLs missing a scheme. This will address
recent changes to <code>urlparse</code> in Python 3.9+. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a>)</p>
</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>
<p>Fixed defect in <code>extract_zipped_paths</code> which could result in an infinite loop
for some paths. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5851">#5851</a>)</p>
</li>
<li>
<p>Fixed handling for <code>AttributeError</code> when calculating length of files obtained
by <code>Tarfile.extractfile()</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5239">#5239</a>)</p>
</li>
<li>
<p>Fixed urllib3 exception leak, wrapping <code>urllib3.exceptions.InvalidHeader</code> with
<code>requests.exceptions.InvalidHeader</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5914">#5914</a>)</p>
</li>
<li>
<p>Fixed bug where two Host headers were sent for chunked requests. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5391">#5391</a>)</p>
</li>
<li>
<p>Fixed regression in Requests 2.26.0 where <code>Proxy-Authorization</code> was
incorrectly stripped from all requests sent with <code>Session.send</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p>
</li>
<li>
<p>Fixed performance regression in 2.26.0 for hosts with a large number of
proxies available in the environment. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p>
</li>
<li>
<p>Fixed idna exception leak, wrapping <code>UnicodeError</code> with
<code>requests.exceptions.InvalidURL</code> for URLs with a leading dot (.) in the
domain. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5414">#5414</a>)</p>
</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Requests support for Python 2.7 and 3.6 will be ending in 2022. While we
don't have exact dates, Requests 2.27.x is likely to be the last release
series providing support.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/psf/requests/commit/0192aac24123735b3eaf9b08df46429bb770c283"><code>0192aac</code></a> v2.27.0</li>
<li><a href="https://github.com/psf/requests/commit/e50dc12b0f620ff80a0d2026b5b0a5282894bfd4"><code>e50dc12</code></a> Fix doc link</li>
<li><a href="https://github.com/psf/requests/commit/17e6e27a93131b7295165408e69b4cadb098b0d7"><code>17e6e27</code></a> General cleanup for 2.27.0</li>
<li><a href="https://github.com/psf/requests/commit/ab38e2c72608b95b047b05ccfaca833edb9db1b1"><code>ab38e2c</code></a> Make the <code>data</code> vs <code>json</code> parameters more clear (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5382">#5382</a>)</li>
<li><a href="https://github.com/psf/requests/commit/77d1e9aa3e000b40fdf93cfc355e1fe7cc52b6ac"><code>77d1e9a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5894">#5894</a> from dbaxa/do-not-re-build-proxies-when-proxies-have...</li>
<li><a href="https://github.com/psf/requests/commit/b0829a869081c2a6180db2cdc41a5676922becd0"><code>b0829a8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/6020">#6020</a> from nateprewitt/pypy_37</li>
<li><a href="https://github.com/psf/requests/commit/28d537dde33b35c3b7071afd99122eff3538b42c"><code>28d537d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a> from nateprewitt/proxy_scheme_unknown_fix</li>
<li><a href="https://github.com/psf/requests/commit/86bbee71b286d6d6e968381a7a49a0831d3ab67b"><code>86bbee7</code></a> Update 3.10-dev to 3.10 and add pypy-3.7</li>
<li><a href="https://github.com/psf/requests/commit/0d5347e6281c85059be176fe650b0aa7128f1dcb"><code>0d5347e</code></a> Only compute should_bypass_proxies if needed</li>
<li><a href="https://github.com/psf/requests/commit/ef59aa0227bf463f0ed3d752b26db9b3acc64afb"><code>ef59aa0</code></a> Move from urlparse to parse_url for prepending schemes</li>
<li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.26.0...v2.27.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.26.0&new-version=2.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@bors
Copy link
Contributor

bors bot commented Jan 6, 2022

This PR was included in a batch that was canceled, it will be automatically retried

@bors
Copy link
Contributor

bors bot commented Jan 6, 2022

@bors bors bot merged commit 7f99cbf into master Jan 6, 2022
@bors bors bot deleted the dependabot/pip/virtualenv-20.13.0 branch January 6, 2022 13:11
AlexanderLill pushed a commit to AlexanderLill/PP-P2P-Parser that referenced this pull request Nov 20, 2022
394: build(deps): bump regex from 2021.9.24 to 2021.9.30 r=ChrisRBe a=dependabot[bot]

Bumps [regex](https://bitbucket.org/mrabarnett/mrab-regex) from 2021.9.24 to 2021.9.30.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://bitbucket.org/mrabarnett/mrab-regex/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=pip&previous-version=2021.9.24&new-version=2021.9.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

395: build(deps): bump filelock from 3.1.0 to 3.3.0 r=ChrisRBe a=dependabot[bot]

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.1.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/tox-dev/py-filelock/releases">filelock's releases</a>.</em></p>
<blockquote>
<h2>Drop python 2.7+3.5 support and add type annotations</h2>
<p>No release notes provided.</p>
<h2>New documentation and enable logging of our logger on debug level</h2>
<p>No release notes provided.</p>
<h2>3.2.0</h2>
<ol>
<li><a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/96">#96</a> - Raise when trying to acquire in R/O or missing folder</li>
<li><a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/95">#95</a> - Move log from info to debug</li>
</ol>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/tox-dev/py-filelock/commit/e5b4e105e0f6cf5365e6a6454b3e3a223becd9a6"><code>e5b4e10</code></a> Drop python 2.7 and 3.5 support, add type hints (<a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/100">#100</a>)</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/f4b491255d519c779f6268122f6cf29badc4e409"><code>f4b4912</code></a> Document asyncio support</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/856e93543084513360a0ab48d883a68a77f96c3e"><code>856e935</code></a> fix typo (<a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/98">#98</a>)</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/a4f87da9658d58960d2d181c41d0ca0951e8a922"><code>a4f87da</code></a> Improve documentation</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/20f37d81fcbe67357d1eb72a104632549d3eba04"><code>20f37d8</code></a> Add readme</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/676d62f0a59d20d965ff4d4b4ed744576c2b3fe5"><code>676d62f</code></a> Changed logger name from &quot;filelock._api&quot; to &quot;filelock&quot; (<a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/97">#97</a>)</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/c9b6d90b8d0d6f3971b97ce7bfd1b3402d58220e"><code>c9b6d90</code></a> Raise when trying to acquire in R/O or missing folder (<a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/96">#96</a>)</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/684d69d4f35ee55c054fb54bda8ec7b3497b7dbd"><code>684d69d</code></a> Move lock acquire/release log from INFO to DEBUG (<a href="https://github-redirect.dependabot.com/tox-dev/py-filelock/issues/95">#95</a>)</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/30ef634ecf95c24bb22fc5a5302e70853ab07122"><code>30ef634</code></a> Fix spelling and remove ignored flake8 checks</li>
<li><a href="https://github.com/tox-dev/py-filelock/commit/c7dfa18e33638761ee96a743173951cfd4a1d43e"><code>c7dfa18</code></a> Fix typo</li>
<li>Additional commits viewable in <a href="https://github.com/tox-dev/py-filelock/compare/3.1.0...3.3.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=filelock&package-manager=pip&previous-version=3.1.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

396: build(deps-dev): bump pytest-cov from 2.12.1 to 3.0.0 r=ChrisRBe a=dependabot[bot]

Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 2.12.1 to 3.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's changelog</a>.</em></p>
<blockquote>
<h2>3.0.0 (2021-10-04)</h2>
<p><strong>Note that this release drops support for Python 2.7 and Python 3.5.</strong></p>
<ul>
<li>Added support for Python 3.10 and updated various test dependencies.
Contributed by Hugo van Kemenade in
<code>[ChrisRBe#500](pytest-dev/pytest-cov#500) &lt;https://github.com/pytest-dev/pytest-cov/pull/500&gt;</code>_.</li>
<li>Switched from Travis CI to GitHub Actions. Contributed by Hugo van Kemenade in
<code>[ChrisRBe#494](pytest-dev/pytest-cov#494) &lt;https://github.com/pytest-dev/pytest-cov/pull/494&gt;</code>_ and
<code>[ChrisRBe#495](pytest-dev/pytest-cov#495) &lt;https://github.com/pytest-dev/pytest-cov/pull/495&gt;</code>_.</li>
<li>Add a <code>--cov-reset</code> CLI option.
Contributed by Danilo Šegan in
<code>[ChrisRBe#459](pytest-dev/pytest-cov#459) &lt;https://github.com/pytest-dev/pytest-cov/pull/459&gt;</code>_.</li>
<li>Improved validation of <code>--cov-fail-under</code> CLI option.
Contributed by ... Ronny Pfannschmidt's desire for skark in
<code>[ChrisRBe#480](pytest-dev/pytest-cov#480) &lt;https://github.com/pytest-dev/pytest-cov/pull/480&gt;</code>_.</li>
<li>Dropped Python 2.7 support.
Contributed by Thomas Grainger in
<code>[ChrisRBe#488](pytest-dev/pytest-cov#488) &lt;https://github.com/pytest-dev/pytest-cov/pull/488&gt;</code>_.</li>
<li>Updated trove classifiers. Contributed by Michał Bielawski in
<code>[ChrisRBe#481](pytest-dev/pytest-cov#481) &lt;https://github.com/pytest-dev/pytest-cov/pull/481&gt;</code>_.</li>
</ul>
<h2>2.13.0 (2021-06-01)</h2>
<ul>
<li>Changed the <code>toml</code> requirement to be always be directly required (instead of being required through a coverage extra).
This fixes issues with pip-compile (<code>pip-tools#1300 &lt;https://github.com/jazzband/pip-tools/issues/1300&gt;</code><em>).
Contributed by Sorin Sbarnea in <code>[ChrisRBe#472](pytest-dev/pytest-cov#472) &lt;https://github.com/pytest-dev/pytest-cov/pull/472&gt;</code></em>.</li>
<li>Documented <code>show_contexts</code>.
Contributed by Brian Rutledge in <code>[ChrisRBe#473](pytest-dev/pytest-cov#473) &lt;https://github.com/pytest-dev/pytest-cov/pull/473&gt;</code>_.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/560b95575efe9e55874bc8bbc99de1dd2db80ba9"><code>560b955</code></a> Bump version: 2.12.1 → 3.0.0</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/e988a6c48b45924433c9b38886f759f4f3be8a94"><code>e988a6c</code></a> Update changelog.</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/f01593218d2cc99defa202a8e7ff83e3a08a7a73"><code>f015932</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pytest-dev/pytest-cov/issues/500">#500</a> from hugovk/add-3.10</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/60a3cc1e796428f2373fb2024122f8dbc7f1c56b"><code>60a3cc1</code></a> No need to build universal wheels for Python 3-only</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/0bc997adfea8b6ab63029163044a2fc42fd7ecf1"><code>0bc997a</code></a> Add support for Python 3.10</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/679935b82e8177799c34981e8f384a5466840301"><code>679935b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pytest-dev/pytest-cov/issues/494">#494</a> from hugovk/test-on-github-actions</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/96f9aad28a35d9d0824add0ef2309e600052c531"><code>96f9aad</code></a> Add 'all good' job to be added as a required build</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/6395ecec756433194c05d34af490315b35dddafa"><code>6395ece</code></a> Test conditional collection on PyPy and CPython</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/f4a88d6187630295ce960010456def6b19ef01b2"><code>f4a88d6</code></a> Test both PyPy3.6 and PyPy3.7</li>
<li><a href="https://github.com/pytest-dev/pytest-cov/commit/a948e899fa002fbc7f52c6c0f7e7dffdf7987ec8"><code>a948e89</code></a> Test both PyPy3.6 and PyPy3.7</li>
<li>Additional commits viewable in <a href="https://github.com/pytest-dev/pytest-cov/compare/v2.12.1...v3.0.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest-cov&package-manager=pip&previous-version=2.12.1&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant