Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial Update #1101

Merged
merged 18 commits into from
Mar 4, 2017
Merged

Initial Update #1101

merged 18 commits into from
Mar 4, 2017

Conversation

pyup-bot
Copy link
Contributor

@pyup-bot pyup-bot commented Mar 2, 2017

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

raven[flask] 6.0.0 » 6.0.0 PyPI | Changelog | Repo
pymysql 0.7.9 » 0.7.10 PyPI | Changelog | Repo
sqlalchemy 1.1.4 » 1.1.6 PyPI | Homepage
rq-dashboard 0.3.7 » 0.3.8 PyPI | Repo
Flask-Login 0.3.2 » 0.4.0 PyPI | Changelog | Repo | Docs
lockfile 0.10.2 » 0.12.2 PyPI | Homepage | Docs
Flask-WTF 0.13.1 » 0.14.2 PyPI | Changelog | Repo | Docs
Flask-SQLAlchemy 2.1 » 2.2 PyPI | Changelog | Repo | Docs
Flask-Migrate 2.0.0 » 2.0.3 PyPI | Changelog | Repo | Docs
arrow 0.10.0 » 0.10.0 PyPI | Changelog | Repo
requests 2.12 » 2.13.0 PyPI | Changelog | Homepage
hashids 1.1.0 » 1.2.0 PyPI | Changelog | Repo
pygments 2.1.3 » 2.2.0 PyPI | Changelog | Homepage
mccabe 0.5.3 » 0.6.1 PyPI | Repo
pytest-cov 2.3.1 » 2.4.0 PyPI | Changelog | Repo
selenium 3.0.0 » 3.0.2 PyPI | Changelog | Repo

Changelogs

raven[flask] -> 6.0.0

6.0.0


  • Strip whitespace from DSNs automatically.
  • Add last_event_id accessor to Client.
  • Do not require sys.argv to be available any more.
  • Tags defined on a logging handler will now be merged with individual log record's tags.
  • Added explicit support for multidicts in the django client.
  • Refactored transports to support multiple URLs. This might affect
    you if you have custom subclasses of those. The main change is that
    the URL parameter moved from the constructor into the send method.
  • Corrected an issue with recursive route resolvers which commonly
    affected things like django-tastyepie.
  • Corrected an issue where Django's HTTP request was not always available
    within events.

5.32.0


  • Made raven python breadcrumb patches work when librato monkey
    patches logging.

pymysql 0.7.9 -> 0.7.10

0.7.10

Release date: 2017-02-14

  • SECURITY FIX: Raise RuntimeError when received LOAD_LOCAL packet while
    loacal_infile=False. (Thanks to Bryan Helmig)
  • Raise SERVER_LOST error for MariaDB's shutdown packet (540)
  • Change default connect_timeout to 10.
  • Add bind_address option (529)

Flask-Login 0.3.2 -> 0.4.0

0.4.0


Released on October 26th, 2016

  • Fixes OPTIONS exemption from login. 244
  • Fixes use of MD5 by replacing with SHA512. 264
  • BREAKING: The login_manager.token_handler function, get_auth_token method
    on the User class, and the utils.make_secure_token utility function have
    been removed to prevent users from creating insecure auth implementations.
    Use the Alternative Tokens example from the docs instead. 291

Flask-WTF 0.13.1 -> 0.14.2

0.14.2


Released 2017-01-10

  • Fix bug where FlaskForm assumed meta argument was not None if it
    was passed. (278_)

.. _278: pallets-eco/flask-wtf#278

0.14.1


Released 2017-01-10

  • Fix bug where the file validators would incorrectly identify an empty file as
    valid data. (276, 277)
  • FileField is no longer deprecated. The data is checked during
    processing and only set if it's a valid file.
  • has_file is deprecated; it's now equivalent to bool(field.data).
  • FileRequired and FileAllowed work with both the Flask-WTF and
    WTForms FileField classes.
  • The Optional validator now works with FileField.

.. _276: pallets-eco/flask-wtf#276
.. _277: pallets-eco/flask-wtf#277

0.14


Released 2017-01-06

  • Use itsdangerous to sign CSRF tokens and check expiration instead of doing it
    ourselves. (264_)
  • All tokens are URL safe, removing the url_safe parameter from
    generate_csrf. (206_)
  • All tokens store a timestamp, which is checked in validate_csrf. The
    time_limit parameter of generate_csrf is removed.
  • Remove the app attribute from CsrfProtect, use current_app.
    (264_)
  • CsrfProtect protects the DELETE method by default. (264_)
  • The same CSRF token is generated for the lifetime of a request. It is exposed
    as request.csrf_token for use during testing. (227, 264)
  • CsrfProtect.error_handler is deprecated. (264_)
  • Handlers that return a response work in addition to those that raise an
    error. The behavior was not clear in previous docs.
  • (200, 209, 243, 252)
  • Use Form.Meta instead of deprecated SecureForm for CSRF (and
    everything else). (216, 271)
  • csrf_enabled parameter is still recognized but deprecated. All other
    attributes and methods from SecureForm are removed. (271_)
  • Provide WTF_CSRF_FIELD_NAME to configure the name of the CSRF token.
    (271_)
  • validate_csrf raises wtforms.ValidationError with specific messages
    instead of returning True or False. This breaks anything that was
    calling the method directly. (239, 271)
  • CSRF errors are logged as well as raised. (239_)
  • CsrfProtect is renamed to CSRFProtect. A deprecation warning is issued
    when using the old name. CsrfError is renamed to CSRFError without
    deprecation. (271_)
  • FileField is deprecated because it no longer provides functionality over
    the provided validators. Use wtforms.FileField directly. (272_)

.. _200: pallets-eco/flask-wtf#200
.. _209: pallets-eco/flask-wtf#209
.. _216: pallets-eco/flask-wtf#216
.. _227: pallets-eco/flask-wtf#227
.. _239: pallets-eco/flask-wtf#239
.. _243: pallets-eco/flask-wtf#243
.. _252: pallets-eco/flask-wtf#252
.. _264: pallets-eco/flask-wtf#264
.. _271: pallets-eco/flask-wtf#271
.. _272: pallets-eco/flask-wtf#272

Flask-SQLAlchemy 2.1 -> 2.2

2.2


Released on February 27, 2017, codename Dubnium

  • Minimum SQLAlchemy version is 0.8 due to use of sqlalchemy.inspect.
  • Added support for custom query_class and model_class as args
    to the SQLAlchemy constructor. (328_)
  • Allow listening to SQLAlchemy events on db.session. (364_)
  • Allow __bind_key__ on abstract models. (373_)
  • Allow SQLALCHEMY_ECHO to be a string. (409_)
  • Warn when SQLALCHEMY_DATABASE_URI is not set. (443_)
  • Don't let pagination generate invalid page numbers. (460_)
  • Drop support of Flask < 0.10. This means the db session is always tied to
    the app context and its teardown event. (461_)
  • Tablename generation logic no longer accesses class properties unless they
    are declared_attr. (467_)

.. _328: pallets-eco/flask-sqlalchemy#328
.. _364: pallets-eco/flask-sqlalchemy#364
.. _373: pallets-eco/flask-sqlalchemy#373
.. _409: pallets-eco/flask-sqlalchemy#409
.. _443: pallets-eco/flask-sqlalchemy#443
.. _460: pallets-eco/flask-sqlalchemy#460
.. _461: pallets-eco/flask-sqlalchemy#461
.. _467: pallets-eco/flask-sqlalchemy#467

Flask-Migrate 2.0.0 -> 2.0.3

2.0.3

  • Support multiple -x arguments in the Flask-Script interface (103)

2.0.2

  • Support passing alembic context kwargs from constructor into init_app (138)

2.0.1

  • Fix flake8 warnings in Alembic templates (136)

arrow -> 0.10.0

0.10.0

  • [FIX] Fix getattr off by one for quarter
  • [FIX] Fix negative offset for UTC
  • [FIX] Update arrow.py

requests 2.12 -> 2.13.0

2.13.0

+++++++++++++++++++

Features

  • Only load the idna library when we've determined we need it. This will
    save some memory for users.

Miscellaneous

  • Updated bundled urllib3 to 1.20.
  • Updated bundled idna to 2.2.

2.12.5

+++++++++++++++++++

Bugfixes

  • Fixed an issue with JSON encoding detection, specifically detecting
    big-endian UTF-32 with BOM.

2.12.4

+++++++++++++++++++

Bugfixes

  • Fixed regression from 2.12.2 where non-string types were rejected in the
    basic auth parameters. While support for this behaviour has been readded,
    the behaviour is deprecated and will be removed in the future.

2.12.3

+++++++++++++++++++

Bugfixes

  • Fixed regression from v2.12.1 for URLs with schemes that begin with "http".
    These URLs have historically been processed as though they were HTTP-schemed
    URLs, and so have had parameters added. This was removed in v2.12.2 in an
    overzealous attempt to resolve problems with IDNA-encoding those URLs. This
    change was reverted: the other fixes for IDNA-encoding have been judged to
    be sufficient to return to the behaviour Requests had before v2.12.0.

2.12.2

+++++++++++++++++++

Bugfixes

  • Fixed several issues with IDNA-encoding URLs that are technically invalid but
    which are widely accepted. Requests will now attempt to IDNA-encode a URL if
    it can but, if it fails, and the host contains only ASCII characters, it will
    be passed through optimistically. This will allow users to opt-in to using
    IDNA2003 themselves if they want to, and will also allow technically invalid
    but still common hostnames.
  • Fixed an issue where URLs with leading whitespace would raise
    InvalidSchema errors.
  • Fixed an issue where some URLs without the HTTP or HTTPS schemes would still
    have HTTP URL preparation applied to them.
  • Fixed an issue where Unicode strings could not be used in basic auth.
  • Fixed an issue encountered by some Requests plugins where constructing a
    Response object would cause Response.content to raise an
    AttributeError.

2.12.1

+++++++++++++++++++

Bugfixes

  • Updated setuptools 'security' extra for the new PyOpenSSL backend in urllib3.

Miscellaneous

  • Updated bundled urllib3 to 1.19.1.

hashids 1.1.0 -> 1.2.0

1.2.0

  • performance optimizations (Jakub Kramarz)
  • version classifiers (Patrick Mézard)

pygments 2.1.3 -> 2.2.0

2.2


(in development)

  • Added lexers:
  • AMPL
  • TypoScript (1173)
  • Varnish config (PR554)
  • Clean (PR503)
  • WDiff (PR513)
  • Flatline (PR551)
  • Silver (PR537)
  • HSAIL (PR518)
  • JSGF (PR546)
  • NCAR command language (PR536)
  • Extempore (PR530)
  • Cap'n Proto (PR595)
  • Whiley (PR573)
  • Monte (PR592)
  • Crystal (PR576)
  • Snowball (PR589)
  • CapDL (PR579)
  • NuSMV (PR564)
  • SAS, Stata (PR593)
  • Added the ability to load lexer and formatter classes directly from files
    with the -x command line option and the lexers.load_lexer_from_file()
    and formatters.load_formatter_from_file() functions. (PR559)
  • Added lexers.find_lexer_class_by_name(). (1203)
  • Added new token types and lexing for magic methods and variables in Python
    and PHP.
  • Added a new token type for string affixes and lexing for them in Python, C++
    and Postgresql lexers.
  • Added a new token type for heredoc (and similar) string delimiters and
    lexing for them in C++, Perl, PHP, Postgresql and Ruby lexers.
  • Styles can now define colors with ANSI colors for use in the 256-color
    terminal formatter. (PR531)
  • Improved the CSS lexer. (1083, 1130)
  • Added "Rainbow Dash" style. (PR623)
  • Delay loading pkg_resources, which takes a long while to import. (PR690)

pytest-cov 2.3.1 -> 2.4.0

2.4.0


  • Added a "disarm" option: --no-cov. It will disable coverage measurements. Contributed by Zoltan Kozma in
    PR135 &lt;https://github.com/pytest-dev/pytest-cov/pull/135&gt;_.

WARNING: Do not put this in your configuration files, it's meant to be an one-off for situations where you want to
disable coverage from command line.

  • Fixed broken exception handling on .pth file. See 136 &lt;https://github.com/pytest-dev/pytest-cov/issues/136&gt;_.

selenium 3.0.0 -> 3.0.2

3.0.2

  • Add support for W3C Get Active Element
  • Return when we use executeScript for faking WebElement.get_property
  • Expand user paths and resolve absolute path for Chrome extensions
  • Add support for verbose logging and custom path to EdgeDriver
  • Update TakeElementScreenshot to match WebDriver specification
  • Raise WebDriverException when FirefoxBinary fails to locate binary
  • Fix getting IP for python 3
  • Write Service log to DEVNULL by default
  • Only attempt to remove the Firefox profile path if one was specified
  • Added context manager for chrome/content in Firefox

3.0.1

  • Fix regressions with python 3
  • Add support for Safari Technology Preview

Once you have closed this pull request, I'll create seperate pull requests for every update as soon as I find them.

That's it for now!

Happy merging! 🤖

@Sumukh
Copy link
Member

Sumukh commented Mar 2, 2017

It tried.
image

Copy link
Contributor

@knrafto knrafto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems okay, let's hope our tests are good

@Sumukh
Copy link
Member

Sumukh commented Mar 4, 2017

Going to try this out in staging.

@Sumukh Sumukh merged commit d8c4362 into master Mar 4, 2017
@Sumukh Sumukh deleted the pyup-initial-update branch March 4, 2017 03:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants