Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update all dependencies #76

Merged
merged 2 commits into from
Apr 2, 2022
Merged

Update all dependencies #76

merged 2 commits into from
Apr 2, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 1, 2022

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
Authlib (source) ==0.15.5 -> ==1.0.0 age adoption passing confidence install major
Hypercorn (source) ==0.11.2 -> ==0.13.2 age adoption passing confidence install minor
Jinja2 (changelog) ==3.0.2 -> ==3.1.1 age adoption passing confidence install minor
SQLAlchemy (changelog) ==1.4.26 -> ==1.4.34 age adoption passing confidence install patch
Werkzeug (changelog) ==2.0.2 -> ==2.1.1 age adoption passing confidence install minor
aiofiles ==0.7.0 -> ==0.8.0 age adoption passing confidence install minor
alembic (source, changelog) ==1.7.4 -> ==1.7.7 age adoption passing confidence install patch
asgiref (changelog) ==3.4.1 -> ==3.5.0 age adoption passing confidence install minor
black (changelog) ==22.1.0 -> ==22.3.0 age adoption passing confidence install minor
coverage ==6.0.2 -> ==6.3.2 age adoption passing confidence install minor
fakeredis ==1.6.1 -> ==1.7.1 age adoption passing confidence install minor
fastapi ==0.71.0 -> ==0.75.1 age adoption passing confidence install minor
filelock ==3.3.2 -> ==3.6.0 age adoption passing confidence install minor
highlight.js (source) 11.4.0 -> 11.5.0 age adoption passing confidence minor
httpx (changelog) ==0.20.0 -> ==0.22.0 age adoption passing confidence install minor
isort (source, changelog) ==5.9.3 -> ==5.10.1 age adoption passing confidence install minor
itsdangerous (changelog) ==2.0.1 -> ==2.1.2 age adoption passing confidence install minor
lxml (source, changelog) ==4.6.3 -> ==4.8.0 age adoption passing confidence install minor
mysqlclient ==2.0.3 -> ==2.1.0 age adoption passing confidence install minor
orjson ==3.6.4 -> ==3.6.7 age adoption passing confidence install patch
protobuf ==3.19.0 -> ==3.20.0 age adoption passing confidence install minor
pygit2 (changelog) ==1.7.0 -> ==1.9.1 age adoption passing confidence install minor
pytest (source, changelog) ==6.2.5 -> ==7.1.1 age adoption passing confidence install major
pytest-asyncio ==0.16.0 -> ==0.18.3 age adoption passing confidence install minor
pytest-tap ==3.2 -> ==3.3 age adoption passing confidence install minor
pytest-xdist ==2.4.0 -> ==2.5.0 age adoption passing confidence install minor
redis (changelog) ==3.5.3 -> ==4.2.1 age adoption passing confidence install major
requests (source, changelog) ==2.26.0 -> ==2.27.1 age adoption passing confidence install minor
uvicorn (source, changelog) ==0.15.0 -> ==0.17.6 age adoption passing confidence install minor

Release Notes

pgjones/hypercorn

v0.13.2

Compare Source

  • Bugfix re-enable HTTP/3.

v0.13.1

Compare Source

  • Bugfix trio tcp server read completion.

v0.13.0

Compare Source

  • Bugfix eof and keep alive handling.
  • Bugfix Handle SSLErrors when reading.
  • Support websocket close reasons.
  • Improve the graceful shutdown, such that it works as expected.
  • Support a keyfile password argument.
  • Change the logging level to warning for lifespan not supported.
  • Shutdown the default executor.
  • Support additional headers for WS accept response.

v0.12.0

Compare Source

  • Correctly utilise SCRIPT_NAME in the wsgi middleware.
  • Support Python 3.10.
  • Support badly behaved HTTP/2 clients that omit a :authority header
    but provide a host header.
  • Use environment marker for uvloop (on windows).
  • Use StringIO and BytesIO for more performant websocket buffers.
  • Add optional read timeout.
  • Rename errors to add a Error suffix, most notably
    LifespanFailure to LifespanFailureError.
  • Bugfix ensure keep alive timeout is cancelled on closure.
  • Bugfix statsd type error.
  • Bugfix prevent spawning whilst a task group is exit(ing).
django/asgiref

v3.5.0

Compare Source

  • Python 3.6 is no longer supported, and asyncio calls have been changed to
    use only the modern versions of the APIs as a result

  • Several causes of RuntimeErrors in cases where an event loop was assigned
    to a thread but not running

  • Speed improvements in the Local class

psf/black

v22.3.0

Compare Source

Preview style
  • Code cell separators #%% are now standardised to # %% (#​2919)
  • Remove unnecessary parentheses from except statements (#​2939)
  • Remove unnecessary parentheses from tuple unpacking in for loops (#​2945)
  • Avoid magic-trailing-comma in single-element subscripts (#​2942)
Configuration
  • Do not format __pypackages__ directories by default (#​2836)
  • Add support for specifying stable version with --required-version (#​2832).
  • Avoid crashing when the user has no homedir (#​2814)
  • Avoid crashing when md5 is not available (#​2905)
  • Fix handling of directory junctions on Windows (#​2904)
Documentation
  • Update pylint config documentation (#​2931)
Integrations
  • Move test to disable plugin in Vim/Neovim, which speeds up loading (#​2896)
Output
  • In verbose, mode, log when Black is using user-level config (#​2861)
Packaging
  • Fix Black to work with Click 8.1.0 (#​2966)
  • On Python 3.11 and newer, use the standard library's tomllib instead of tomli
    (#​2903)
  • black-primer, the deprecated internal devtool, has been removed and copied to a
    separate repository (#​2924)
Parser
  • Black can now parse starred expressions in the target of for and async for
    statements, e.g for item in *items_1, *items_2: pass (#​2879).
nedbat/coveragepy

v6.3.2

Compare Source

  • Fix: adapt to pypy3.9's decorator tracing behavior. It now traces function
    decorators like CPython 3.8: both the @​-line and the def-line are traced.
    Fixes issue 1326_.

  • Debug: added pybehave to the list of :ref:cmd_debug and
    :ref:cmd_run_debug options.

  • Fix: show an intelligible error message if --concurrency=multiprocessing
    is used without a configuration file. Closes issue 1320_.

.. _issue 1320:https://github.com/nedbat/coveragepy/issues/13200
.. _issue 1326https://github.com/nedbat/coveragepy/issues/132626

.. _changes_631:

v6.3.1

Compare Source

  • Fix: deadlocks could occur when terminating processes. Some of these
    deadlocks (described in issue 1310_) are now fixed.

  • Fix: a signal handler was being set from multiple threads, causing an error:
    "ValueError: signal only works in main thread". This is now fixed, closing
    issue 1312_.

  • Fix: --precision on the command-line was being ignored while considering
    --fail-under. This is now fixed, thanks to
    Marcelo Trylesinski <pull 1317_>_.

  • Fix: releases no longer provide 3.11.0-alpha wheels. Coverage.py uses CPython
    internal fields which are moving during the alpha phase. Fixes issue 1316_.

.. _issue 1310:https://github.com/nedbat/coveragepy/issues/13100
.. _issue 1312https://github.com/nedbat/coveragepy/issues/131212
.. _issue 131https://github.com/nedbat/coveragepy/issues/1316316
.. _pull 13https://github.com/nedbat/coveragepy/pull/13171317

.. _changes_63:

v6.3

Compare Source

  • Fix: adapt to pypy3.9's decorator tracing behavior. It now traces function
    decorators like CPython 3.8: both the @​-line and the def-line are traced.
    Fixes issue 1326_.

  • Debug: added pybehave to the list of :ref:cmd_debug and
    :ref:cmd_run_debug options.

  • Fix: show an intelligible error message if --concurrency=multiprocessing
    is used without a configuration file. Closes issue 1320_.

.. _issue 1320:https://github.com/nedbat/coveragepy/issues/13200
.. _issue 1326https://github.com/nedbat/coveragepy/issues/132626

.. _changes_631:

v6.2

Compare Source

  • Feature: Now the --concurrency setting can now have a list of values, so
    that threads and another lightweight threading package can be measured
    together, such as --concurrency=gevent,thread. Closes issue 1012_ and
    issue 1082_.

  • Fix: A module specified as the source setting is imported during startup,
    before the user program imports it. This could cause problems if the rest of
    the program isn't ready yet. For example, issue 1203_ describes a Django
    setting that is accessed before settings have been configured. Now the early
    import is wrapped in a try/except so errors then don't stop execution.

  • Fix: A colon in a decorator expression would cause an exclusion to end too
    early, preventing the exclusion of the decorated function. This is now fixed.

  • Fix: The HTML report now will not overwrite a .gitignore file that already
    exists in the HTML output directory (follow-on for issue 1244_).

  • API: The exceptions raised by Coverage.py have been specialized, to provide
    finer-grained catching of exceptions by third-party code.

  • API: Using suffix=False when constructing a Coverage object with
    multiprocessing wouldn't suppress the data file suffix (issue 989_). This
    is now fixed.

  • Debug: The coverage debug data command will now sniff out combinable data
    files, and report on all of them.

  • Debug: The coverage debug command used to accept a number of topics at a
    time, and show all of them, though this was never documented. This no longer
    works, to allow for command-line options in the future.

.. _issue 989:https://github.com/nedbat/coveragepy/issues/9899
.. _issue 1012https://github.com/nedbat/coveragepy/issues/101212
.. _issue 108https://github.com/nedbat/coveragepy/issues/1082082
.. _issue 12https://github.com/nedbat/coveragepy/issues/12031203

.. _changes_612:

v6.1.2

Compare Source

  • Python 3.11 is supported (tested with 3.11.0a2). One still-open issue has to
    do with exits through with-statements <issue 1270_>_.

  • Fix: When remapping file paths through the [paths] setting while
    combining, the [run] relative_files setting was ignored, resulting in
    absolute paths for remapped file names (issue 1147_). This is now fixed.

  • Fix: Complex conditionals over excluded lines could have incorrectly reported
    a missing branch (issue 1271_). This is now fixed.

  • Fix: More exceptions are now handled when trying to parse source files for
    reporting. Problems that used to terminate coverage.py can now be handled
    with [report] ignore_errors. This helps with plugins failing to read
    files (django_coverage_plugin issue 78_).

  • Fix: Removed another vestige of jQuery from the source tarball
    (issue 840_).

  • Fix: Added a default value for a new-to-6.x argument of an internal class.
    This unsupported class is being used by coveralls (issue 1273_). Although
    I'd rather not "fix" unsupported interfaces, it's actually nicer with a
    default value.

.. _django_coverage_plugin issue 78:https://github.com/nedbat/django_coverage_plugin/issues/788
.. _issue 1147https://github.com/nedbat/coveragepy/issues/114747
.. _issue 127https://github.com/nedbat/coveragepy/issues/1270270
.. _issue 12https://github.com/nedbat/coveragepy/issues/12711271
.. _issue 1https://github.com/nedbat/coveragepy/issues/1273/1273

.. _changes_611:

v6.1.1

Compare Source

  • Fix: The sticky header on the HTML report didn't work unless you had branch
    coverage enabled. This is now fixed: the sticky header works for everyone.
    (Do people still use coverage without branch measurement!? j/k)

  • Fix: When using explicitly declared namespace packages, the "already imported
    a file that will be measured" warning would be issued (issue 888_). This
    is now fixed.

.. _issue 888:https://github.com/nedbat/coveragepy/issues/8888

.. _changes_61:

v6.1

Compare Source

  • Python 3.11 is supported (tested with 3.11.0a2). One still-open issue has to
    do with exits through with-statements <issue 1270_>_.

  • Fix: When remapping file paths through the [paths] setting while
    combining, the [run] relative_files setting was ignored, resulting in
    absolute paths for remapped file names (issue 1147_). This is now fixed.

  • Fix: Complex conditionals over excluded lines could have incorrectly reported
    a missing branch (issue 1271_). This is now fixed.

  • Fix: More exceptions are now handled when trying to parse source files for
    reporting. Problems that used to terminate coverage.py can now be handled
    with [report] ignore_errors. This helps with plugins failing to read
    files (django_coverage_plugin issue 78_).

  • Fix: Removed another vestige of jQuery from the source tarball
    (issue 840_).

  • Fix: Added a default value for a new-to-6.x argument of an internal class.
    This unsupported class is being used by coveralls (issue 1273_). Although
    I'd rather not "fix" unsupported interfaces, it's actually nicer with a
    default value.

.. _django_coverage_plugin issue 78:https://github.com/nedbat/django_coverage_plugin/issues/788
.. _issue 1147https://github.com/nedbat/coveragepy/issues/114747
.. _issue 127https://github.com/nedbat/coveragepy/issues/1270270
.. _issue 12https://github.com/nedbat/coveragepy/issues/12711271
.. _issue 1https://github.com/nedbat/coveragepy/issues/1273/1273

.. _changes_611:

jamesls/fakeredis

v1.7.1

Compare Source

v1.7.0

Compare Source

tiangolo/fastapi

v0.75.1

Compare Source

Translations
Internal

v0.75.0

Compare Source

Features

v0.74.1

Compare Source

Features
  • ✨ Include route in scope to allow middleware and other tools to extract its information. PR #​4603 by @​tiangolo.

v0.74.0

Compare Source

Breaking Changes
  • ✨ Update internal AsyncExitStack to fix context for dependencies with yield. PR #​4575 by @​tiangolo.

Dependencies with yield can now catch HTTPException and custom exceptions. For example:

async def get_database():
    with Session() as session:
        try:
            yield session
        except HTTPException:
            session.rollback()
            raise
        finally:
            session.close()

After the dependency with yield handles the exception (or not) the exception is raised again. So that any exception handlers can catch it, or ultimately the default internal ServerErrorMiddleware.

If you depended on exceptions not being received by dependencies with yield, and receiving an exception breaks the code after yield, you can use a block with try and finally:

async def do_something():
    try:
        yield something
    finally:
        some_cleanup()

...that way the finally block is run regardless of any exception that might happen.

Features
  • The same PR #​4575 from above also fixes the contextvars context for the code before and after yield. This was the main objective of that PR.

This means that now, if you set a value in a context variable before yield, the value would still be available after yield (as you would intuitively expect). And it also means that you can reset the context variable with a token afterwards.

For example, this works correctly now:

from contextvars import ContextVar
from typing import Any, Dict, Optional

legacy_request_state_context_var: ContextVar[Optional[Dict[str, Any]]] = ContextVar(
    "legacy_request_state_context_var", default=None
)

async def set_up_request_state_dependency():
    request_state = {"user": "deadpond"}
    contextvar_token = legacy_request_state_context_var.set(request_state)
    yield request_state
    legacy_request_state_context_var.reset(contextvar_token)

...before this change it would raise an error when resetting the context variable, because the contextvars context was different, because of the way it was implemented.

Note: You probably don't need contextvars, and you should probably avoid using them. But they are powerful and useful in some advanced scenarios, for example, migrating from code that used Flask's g semi-global variable.

Technical Details: If you want to know more of the technical details you can check out the PR description #​4575.

Internal

v0.73.0

Compare Source

Features
Docs
Fixes
Internal

v0.72.0

Compare Source

Features
Docs
Translations
Internal
tox-dev/py-filelock

v3.6.0

Compare Source

v3.5.1

Compare Source

v3.5.0

Compare Source

v3.4.2

Compare Source

v3.4.1

Compare Source

v3.4.0

Compare Source

isagalaev/highlight.js

v11.5.0

Compare Source

Themes:

New Grammars:

Grammars:

  • enh(ruby) lots of small Ruby cleanups/improvements Josh Goebel
  • enh(objectivec) add type and variable.language scopes Josh Goebel
  • enh(xml) support processing instructions (#​3492) Josh Goebel
  • enh(ruby ) better support multi-line IRB prompts
  • enh(bash) improved keyword $pattern (numbers allowed in command names) Martin Mattel
  • add meta.prompt scope for REPL prompts, etc Josh Goebel
  • fix(markdown) Handle ***Hello world*** without breaking Josh Goebel
  • enh(php) add support for PHP Attributes Wojciech Kania
  • fix(java) prevent false positive variable init on else Josh Goebel
  • enh(php) named arguments Wojciech Kania
  • fix(php) PHP constants Wojciech Kania
  • fix(angelscript) incomplete int8, int16, int32, int64 highlighting Melissa Geels
  • enh(ts) modify TypeScript-specific keywords and types list anydonym
  • fix(brainfuck) fix highlighting of initial ++/-- Christina Hanson
  • fix(llvm) escaping in strings and number formats Flakebi
  • enh(elixir) recognize references to modules Mark Ericksen
  • enh(css): add support for more properties Nicolaos Skimas
encode/httpx

v0.22.0

Compare Source

Added
Fixed
  • Don't perform unreliable close/warning on __del__ with unclosed clients. (#​2026)
  • Fix Headers.update(...) to correctly handle repeated headers (#​2038)

v0.21.3

Compare Source

Fixed
  • Fix streaming uploads using SyncByteStream or AsyncByteStream. Regression in 0.21.2. (#​2016)

v0.21.2

Compare Source

Fixed
  • HTTP/2 support for tunnelled proxy cases. (#​2009)
  • Improved the speed of large file uploads. (#​1948)

v0.21.1

Compare Source

Fixed
  • The response.url property is now correctly annotated as URL, instead of Optional[URL]. (#​1940)

v0.21.0

Compare Source

The 0.21.0 release integrates against a newly redesigned httpcore backend.

Both packages ought to automatically update to the required versions, but if you are
seeing any issues, you should ensure that you have httpx==0.21.* and httpcore==0.14.* installed.

Added
  • The command-line client will now display connection information when -v/--verbose is used.
  • The command-line client will now display server certificate information when -v/--verbose is used.
  • The command-line client is now able to properly detect if the outgoing request
    should be formatted as HTTP/1.1 or HTTP/2, based on the result of the HTTP/2 negotiation.
Removed
  • Curio support is no longer currently included. Please get in touch if you require this, so that we can assess priorities.
pycqa/isort

v5.10.1

Compare Source

  • Fixed #​1819: Occasional inconsistency with multiple src paths.
    • Fixed #​1840: skip_file ignored when on the first docstring line

v5.10.0

Compare Source

  • Implemented #​1796: Switch to tomli for pyproject.toml configuration loader.
    • Fixed #​1801: CLI bug (--exend-skip-glob, overrides instead of extending).
    • Fixed #​1802: respect PATH customization in nested calls to git.
    • Fixed #​1838: Append only with certain code snippets incorrectly adds imports.
    • Added official support for Python 3.10
Potentially breaking changes:
  • Fixed #​1785: _ast module incorrectly excluded from stdlib definition.
lxml/lxml

v4.8.0

Compare Source

==================

Features added

  • GH#​337: Path-like objects are now supported throughout the API instead of just strings.
    Patch by Henning Janssen.

  • The ElementMaker now supports QName values as tags, which always override
    the default namespace of the factory.

Bugs fixed

  • GH#​338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in
    lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.
    Patch by Tobias Deiminger.

Other changes

  • Built with Cython 0.29.28.

v4.7.1

Compare Source

==================

Features added

  • Chunked Unicode string parsing via parser.feed() now encodes the input data
    to the native UTF-8 encoding directly, instead of going through Py_UNICODE /
    wchar_t encoding first, which previously required duplicate recoding in most cases.

Bugs fixed

  • The standard namespace prefixes were mishandled during "C14N2" serialisation on Python 3.
    See https://mail.python.org/archives/list/lxml@python.org/thread/6ZFBHFOVHOS5GFDOAMPCT6HM5HZPWQ4Q/

  • lxml.objectify previously accepted non-XML numbers with underscores (like "1_000")
    as integers or float values in Python 3.6 and later. It now adheres to the number
    format of the XML spec again.

  • LP#​1939031: Static wheels of lxml now contain the header files of zlib and libiconv
    (in addition to the already provided headers of libxml2/libxslt/libexslt).

Other changes

  • Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).

v4.7.0

Compare Source

==================

  • Release retracted due to missing files in lxml/includes/.

v4.6.5

Compare Source

==================

Bugs fixed

  • A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script
    content through SVG images (CVE-2021-43818).

  • A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script
    content through CSS imports and other crafted constructs (CVE-2021-43818).

v4.6.4

Compare Source

==================

Features added

  • GH#​317: A new property system_url was added to DTD entities.
    Patch by Thirdegree.

  • GH#​314: The STATIC_* variables in setup.py can now be passed via env vars.
    Patch by Isaac Jurado.

PyMySQL/mysqlclient

v2.1.0

Compare Source

What's Changed


Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@hwittenborn hwittenborn merged commit 2312417 into mprweb Apr 2, 2022
@hwittenborn hwittenborn deleted the renovate/all branch April 2, 2022 00:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants