Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scheduled weekly dependency update for week 40 #89

Closed
wants to merge 13 commits into from

Conversation

pyup-bot
Copy link
Contributor

@pyup-bot pyup-bot commented Oct 2, 2017

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

raven 6.1.0 » 6.2.1 PyPI | Changelog | Repo
boto3 1.4.4 » 1.4.7 PyPI | Changelog | Repo
django-storages 1.6.3 » 1.6.5 PyPI | Changelog | Repo
wheel 0.29.0 » 0.30.0 PyPI | Changelog | Repo
django 1.11.3 » 1.11.5 PyPI | Changelog | Homepage
django-environ 0.4.3 » 0.4.4 PyPI | Changelog | Repo
whitenoise 3.3.0 » 3.3.1 PyPI | Changelog | Homepage
psycopg2 2.7.1 » 2.7.3.1 PyPI | Changelog | Homepage
djangorestframework 3.6.3 » 3.6.4 PyPI | Changelog | Homepage
django-health-check 2.3.0 » 2.4.0 PyPI | Changelog | Repo
Sphinx 1.6.3 » 1.6.4 PyPI | Changelog | Homepage
factory-boy 2.8.1 » 2.9.2 PyPI | Changelog | Repo
flake8 3.3.0 » 3.4.1 PyPI | Changelog | Repo

Changelogs

raven 6.1.0 -> 6.2.1

6.2.0


  • [Core] get_frame_locals properly using max_var_size
  • [Core] Fixed raven initialization when logging._srcfile is None
  • [Core] Fixed import locking to avoid recursion
  • [Django] Fixed several issues for Django 1.11 and Django 2.0
  • [Django/DRF] Fixed issue with unavailable request data
  • [Flask] Added app.logger instrumentation
  • [Flask] Added signal on setup_logging
  • [ZConfig] Added standalone ZConfig support
  • [Celery] Fixed several issues related to Celery

boto3 1.4.4 -> 1.4.7

1.4.7

=====

  • enhancement:botocore: Raised minor version dependency for botocore

1.4.6

=====

  • enhancement:Logging: Switch log levels from INFO to DEBUG (1208 <https://github.com/boto/boto3/issues/1208>__)

1.4.5

=====

  • enhancement:s3: Add a LifecycleConfiguration resource to resolve issues with the existing Lifecycle resource.

django-storages 1.6.3 -> 1.6.5

1.6.5


  • Fix Django 1.11 regression with gzipped content being saved twice
    resulting in empty files (367, 371, 373_)
  • Fix the mtime when gzipping content on S3Boto3Storage (374_)

.. _367: jschneier/django-storages#367
.. _371: jschneier/django-storages#371
.. _373: jschneier/django-storages#373
.. _374: jschneier/django-storages#374

1.6.4


  • Files uploaded with GoogleCloudStorage will now set their appropriate mimetype (320_)
  • Fix DropBoxStorage.url to work. (357_)
  • Fix S3Boto3Storage when AWS_PRELOAD_METADATA = True (366_)
  • Fix S3Boto3Storage uploading file-like objects without names (195, 368)
  • S3Boto3Storage is now threadsafe - a separate session is created on a
    per-thread basis (268, 358)

.. _320: jschneier/django-storages#320
.. _357: jschneier/django-storages#357
.. _366: jschneier/django-storages#366
.. _195: jschneier/django-storages#195
.. _368: jschneier/django-storages#368
.. _268: jschneier/django-storages#268
.. _358: jschneier/django-storages#358

wheel 0.29.0 -> 0.30.0

0.30.0

======

  • Added py-limited-api {cp32|cp33|cp34|...} flag to produce cpNN.abi3.{arch}
    tags on CPython 3.
  • Documented the license_file metadata key
  • Improved Python, abi tagging for wheel convert. Thanks Ales Erjavec.
  • Fixed > being prepended to lines starting with "From" in the long description
  • Added support for specifying a build number (as per PEP 427).
    Thanks Ian Cordasco.
  • Made the order of files in generated ZIP files deterministic.
    Thanks Matthias Bach.
  • Made the order of requirements in metadata deterministic. Thanks Chris Lamb.
  • Fixed wheel install clobbering existing files
  • Improved the error message when trying to verify an unsigned wheel file
  • Removed support for Python 2.6, 3.2 and 3.3.

django 1.11.3 -> 1.11.5

1.11.5

===========================

September 5, 2017

Django 1.11.5 fixes a security issue and several bugs in 1.11.4.

CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page

In older versions, HTML autoescaping was disabled in a portion of the template
for the technical 500 debug page. Given the right circumstances, this allowed
a cross-site scripting attack. This vulnerability shouldn't affect most
production sites since you shouldn't run with DEBUG = True (which makes
this page accessible) in your production settings.

Bugfixes

  • Fixed GEOS version parsing if the version has a commit hash at the end (new
    in GEOS 3.6.2) (:ticket:28441).
  • Added compatibility for cx_Oracle 6 (:ticket:28498).
  • Fixed select widget rendering when option values are tuples (:ticket:28502).
  • Django 1.11 inadvertently changed the sequence and trigger naming scheme on
    Oracle. This causes errors on INSERTs for some tables if
    'use_returning_into': False is in the OPTIONS part of DATABASES.
    The pre-1.11 naming scheme is now restored. Unfortunately, it necessarily
    requires an update to Oracle tables created with Django 1.11.[1-4]. Use the
    upgrade script in 🎫28451 comment 8 to update sequence and trigger
    names to use the pre-1.11 naming scheme.
  • Added POST request support to LogoutView, for equivalence with the
    function-based logout() view (:ticket:28513).
  • Omitted pages_per_range from BrinIndex.deconstruct() if it's None
    (:ticket:25809).
  • Fixed a regression where SelectDateWidget localized the years in the
    select box (:ticket:28530).
  • Fixed a regression in 1.11.4 where runserver crashed with non-Unicode
    system encodings on Python 2 + Windows (:ticket:28487).
  • Fixed a regression in Django 1.10 where changes to a ManyToManyField
    weren't logged in the admin change history (:ticket:27998) and prevented
    ManyToManyField initial data in model forms from being affected by
    subsequent model changes (:ticket:28543).
  • Fixed non-deterministic results or an AssertionError crash in some
    queries with multiple joins (:ticket:26522).
  • Fixed a regression in contrib.auth's login() and logout() views
    where they ignored positional arguments (:ticket:28550).

===========================

1.11.4

===========================

August 1, 2017

Django 1.11.4 fixes several bugs in 1.11.3.

Bugfixes

  • Fixed a regression in 1.11.3 on Python 2 where non-ASCII format values
    for date/time widgets results in an empty value in the widget's HTML
    (:ticket:28355).
  • Fixed QuerySet.union() and difference() when combining with
    a queryset raising EmptyResultSet (:ticket:28378).
  • Fixed a regression in pickling of LazyObject on Python 2 when the wrapped
    object doesn't have __reduce__() (:ticket:28389).
  • Fixed crash in runserver's autoreload with Python 2 on Windows with
    non-str environment variables (:ticket:28174).
  • Corrected Field.has_changed() to return False for disabled form
    fields: BooleanField, MultipleChoiceField, MultiValueField,
    FileField, ModelChoiceField, and ModelMultipleChoiceField.
  • Fixed QuerySet.count() for union(), difference(), and
    intersection() queries. (:ticket:28399).
  • Fixed ClearableFileInput rendering as a subwidget of MultiWidget
    (:ticket:28414). Custom clearable_file_input.html widget templates
    will need to adapt for the fact that context values
    checkbox_name, checkbox_id, is_initial, input_text,
    initial_text, and clear_checkbox_label are now attributes of
    widget rather than appearing in the top-level context.
  • Fixed queryset crash when using a GenericRelation to a proxy model
    (:ticket:28418).

===========================

django-environ 0.4.3 -> 0.4.4

0.4.4

whitenoise 3.3.0 -> 3.3.1

3.3.1


  • Fix issue with the immutable file test when running behind a CDN which rewrites
    paths (thanks lskillen).

psycopg2 2.7.1 -> 2.7.3.1

2.7.3.1

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped libresolv from wheel package to avoid incompatibility with
    glibc 2.26 (wheels ticket 2)

2.7.3

^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Restored default :sql:timestamptz[] typecasting to Python !datetime.
    Regression introduced in Psycopg 2.7.2 (:ticket:578).

2.7.2

^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Fixed inconsistent state in externally closed connections
    (:tickets:263, 311, 443). Was fixed in 2.6.2 but not included in
    2.7 by mistake.
  • Fixed Python exceptions propagation in green callback (:ticket:410).
  • Don't display the password in connection.dsn when the connection
    string is specified as an URI (:ticket:528).
  • Return objects with timezone parsing "infinity" :sql:timestamptz
    (:ticket:536).
  • Dropped dependency on VC9 runtime on Windows binary packages
    (:ticket:541).
  • Fixed segfault in ~connection.lobject() when mode=\ !None
    (:ticket:544).
  • Fixed ~connection.lobject() keyword argument lobject_factory
    (:ticket:545).
  • Fixed ~psycopg2.extras.ReplicationCursor.consume_stream()
    keepalive_interval argument (:ticket:547).
  • Maybe fixed random import error on Python 3.6 in multiprocess
    environment (:ticket:550).
  • Fixed random !SystemError upon receiving abort signal (:ticket:551).
  • Accept ~psycopg2.sql.Composable objects in
    ~psycopg2.extras.ReplicationCursor.start_replication_expert()
    (:ticket:554).
  • Parse intervals returned as microseconds from Redshift (:ticket:558).
  • Added ~psycopg2.extras.Json !prepare() method to consider connection
    params when adapting (:ticket:562).
  • ~psycopg2.errorcodes map updated to PostgreSQL 10 beta 1.

djangorestframework 3.6.3 -> 3.6.4

3.6.4

Date: [21st August 2017][3.6.4-milestone]

  • Ignore any invalidly formed query parameters for OrderingFilter. [5131][gh5131]
  • Improve memory footprint when reading large JSON requests. [5147][gh5147]
  • Fix schema generation for pagination. [5161][gh5161]
  • Fix exception when HTML_CUTOFF is set to None. [5174][gh5174]
  • Fix browsable API not supporting multipart/form-data correctly. [5176][gh5176]
  • Fixed test_hyperlinked_related_lookup_url_encoded_exists. [5179][gh5179]
  • Make sure max_length is in FileField kwargs. [5186][gh5186]
  • Fix list_route & detail_route with kwargs contains curly bracket in url_path [5187][gh5187]
  • Add Django manage command to create a DRF user Token. [5188][gh5188]
  • Ensure API documentation templates do not check for user authentication [5162][gh5162]
  • Fix special case where OneToOneField is also primary key. [5192][gh5192]
  • Added aria-label and a new region for accessibility purposes in base.html [5196][gh5196]
  • Quote nested API parameters in api.js. [5214][gh5214]
  • Set ViewSet args/kwargs/request before dispatch. [5229][gh5229]
  • Added unicode support to SlugField. [5231][gh5231]
  • Fix HiddenField appears in Raw Data form initial content. [5259][gh5259]
  • Raise validation error on invalid timezone parsing. [5261][gh5261]
  • Fix SearchFilter to-many behavior/performance. [5264][gh5264]
  • Simplified chained comparisons and minor code fixes. [5276][gh5276]
  • RemoteUserAuthentication, docs, and tests. [5306][gh5306]
  • Revert "Cached the field's root and context property" [5313][gh5313]
  • Fix introspection of list field in schema. [5326][gh5326]
  • Fix interactive docs for multiple nested and extra methods. [5334][gh5334]
  • Fix/remove undefined template var "schema" [5346][gh5346]

Sphinx 1.6.3 -> 1.6.4

1.6.4

=====================================

Features added

  • 3926: Add autodoc_warningiserror to suppress the behavior of -W
    option during importing target modules on autodoc

Bugs fixed

  • 3924: docname lost after dynamically parsing RST in extension
  • 3946: Typo in sphinx.sty (this was a bug with no effect in default context)
  • :pep: and :rfc: does not supports default-role directive (refs: 3960)
  • 3960: default_role = 'guilabel' not functioning
  • Missing texinputs_win/Makefile to be used in latexpdf builder on windows.
  • 4026: nature: Fix macOS Safari scrollbar color
  • 3877: Fix for C++ multiline signatures.
  • 4006: Fix crash on parallel build
  • 3969: private instance attributes causes AttributeError
  • 4041: C++, remove extra name linking in function pointers.
  • 4038: C, add missing documentation of member role.
  • 4044: An empty multicolumn cell causes extra row height in PDF output
  • 4049: Fix typo in output of sphinx-build -h
  • 4062: hashlib.sha1() must take bytes, not unicode on Python 3
  • Avoid indent after index entries in latex (refs: 4066)
  • 4070: crashes when the warning message contains format strings
  • 4067: Return non-zero exit status when make subprocess fails
  • 4055: graphviz: the :align: option does not work for SVG output
  • 4055: graphviz: the :align: center option does not work for latex output
  • 4051: warn() function for HTML theme outputs 'None' string

factory-boy 2.8.1 -> 2.9.2

2.9.2


Bugfix:

  • Fix declaration corruption bug when a factory defined foo__bar__baz=1 and a caller
    provided a foo__bar=x parameter at call time: this got merged into the factory's base
    declarations.

2.9.1


Bugfix:

2.9.0


This version brings massive changes to the core engine, thus reducing the number of
corner cases and weird behaviourrs.

New:

  • :issue:275: factory.fuzzy and factory.faker now use the same random seed.
  • Add :class:factory.Maybe, which chooses among two possible declarations based
    on another field's value (powers the :class:~factory.Trait feature).
  • :class:~factory.PostGenerationMethodCall only allows to pass one positional argument; use keyword arguments for
    extra parameters.

Deprecation:

  • factory.fuzzy.get_random_state is deprecated, factory.random.get_random_state should be used instead.
  • factory.fuzzy.set_random_state is deprecated, factory.random.set_random_state should be used instead.
  • factory.fuzzy.reseed_random is deprecated, factory.random.reseed_random should be used instead.

flake8 3.3.0 -> 3.4.1

3.4.1


You can view the 3.4.1 milestone_ on GitLab for more details.

  • Fix minor regression when users specify only a --select list with items
    in the enabled/extended select list. (See also GitLab354_)

.. all links
.. _3.4.1 milestone:
https://gitlab.com/pycqa/flake8/milestones/19

.. issue links
.. _GitLab354:
https://gitlab.com/pycqa/flake8/issues/354

.. merge request links

3.4.0


You can view the 3.4.0 milestone_ on GitLab for more details.

  • Refine logic around --select and --ignore when combined with the
    default values for each. (See also GitLab318_)
  • Handle spaces as an alternate separate for error codes, e.g.,
    --ignore 'E123 E234'. (See also GitLab329_)
  • Filter out empty select and ignore codes, e.g., --ignore E123,,E234.
    (See also GitLab330_)
  • Specify dependencies appropriately in setup.py (See also Gitlab341_)
  • Fix bug in parsing --quiet and --verbose from config files.
    (See also GitLab!193_)
  • Remove unused import of os in the git hook template (See also
    GitLab!194_)

.. all links
.. _3.4.0 milestone:
https://gitlab.com/pycqa/flake8/milestones/18

.. issue links
.. _GitLab318:
https://gitlab.com/pycqa/flake8/issues/318
.. _GitLab329:
https://gitlab.com/pycqa/flake8/issues/329
.. _GitLab330:
https://gitlab.com/pycqa/flake8/issues/330
.. _GitLab341:
https://gitlab.com/pycqa/flake8/issues/341

.. merge request links
.. _GitLab!193:
https://gitlab.com/pycqa/flake8/merge_requests/193
.. _GitLab!194:
https://gitlab.com/pycqa/flake8/merge_requests/194

That's it for now!

Happy merging! 🤖

@pyup-bot
Copy link
Contributor Author

pyup-bot commented Oct 9, 2017

Closing this in favor of #90

@pyup-bot pyup-bot closed this Oct 9, 2017
@krzysztofzuraw krzysztofzuraw deleted the pyup-scheduled-update-10-02-2017 branch October 9, 2017 14:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant