chore(deps): Bump the dependencies group with 4 updates

[dependabot[bot]]

Bumps the dependencies group with 4 updates: djangorestframework, django, pytest and sentry-sdk.

Updates djangorestframework from 3.14.0 to 3.15.0

Commits

• 2d8e9ad 3.15 Release (#9210)
• a677b09 Revert "Fix validation for ListSerializer (#8979)" (#9283)
• 09a0c55 Revert "Register Django urls (#8778)" (#9254)
• 730d216 fix: Remove the _delegate_text attribute, which is being removed in django ...
• a2eabfc Improve integration with Django Debug Toolbar (#9213)
• 4c7c693 Bump the github-actions group with 1 update (#9272)
• b7cccff Keep GitHub Actions up to date with GitHub's Dependabot (#9237)
• 6cbd4b7 GitHub Actions: Upgrade pre-commit and drop the removed token (#9267)
• fb03dd9 Add codespell: config + workflow to detect new typos. Get some typos fixed (...
• 3c9490b resolve deprecation warnings for setup-python (#9266)
• Additional commits viewable in compare view

Updates django from 5.0.1 to 5.0.3

Commits

• 4b64d72 [5.0.x] Bumped version for 5.0.3 release.
• 3394fc6 [5.0.x] Fixed CVE-2024-27351 -- Prevented potential ReDoS in Truncator.words().
• 80761c3 [5.0.x] Fixed #35198 -- Fixed facet filters crash on querysets with no primar...
• 24de811 [5.0.x] Fixed typo in docs/ref/contrib/admin/index.txt.
• bf7fedc [5.0.x] Removed #django-geo IRC channel in docs.
• a8de04f [5.0.x] Refs #34964 -- Doc'd that Q expression order is preserved.
• b1f2833 [5.0.x] Added release date for 5.0.3, 4.2.11, and 3.2.25.
• 5d9be66 [5.0.x] Removed distracting note from tutorial 4.
• 69e5b13 [5.0.x] Fixed #35238 -- Fixed database serialization crash when base managers...
• e72fdc8 [5.0.x] Fixed #35153 -- Added note about locale name notation to FORMAT_MODUL...
• Additional commits viewable in compare view

Updates pytest from 8.0.2 to 8.1.1

Release notes

Sourced from pytest's releases.

8.1.1

pytest 8.1.1 (2024-03-08)

::: {.note} ::: {.title} Note :::

This release is not a usual bug fix release -- it contains features and improvements, being a follow up to 8.1.0, which has been yanked from PyPI. :::

Features

• #11475: Added the new consider_namespace_packages{.interpreted-text role="confval"} configuration option, defaulting to False.

  If set to True, pytest will attempt to identify modules that are part of namespace packages when importing modules.

• #11653: Added the new verbosity_test_cases{.interpreted-text role="confval"} configuration option for fine-grained control of test execution verbosity. See Fine-grained verbosity <pytest.fine_grained_verbosity>{.interpreted-text role="ref"} for more details.

Improvements

• #10865: pytest.warns{.interpreted-text role="func"} now validates that warnings.warn{.interpreted-text role="func"} was called with a [str]{.title-ref} or a [Warning]{.title-ref}. Currently in Python it is possible to use other types, however this causes an exception when warnings.filterwarnings{.interpreted-text role="func"} is used to filter those warnings (see [CPython #103577](python/cpython#103577) for a discussion). While this can be considered a bug in CPython, we decided to put guards in pytest as the error message produced without this check in place is confusing.

• #11311: When using --override-ini for paths in invocations without a configuration file defined, the current working directory is used as the relative directory.

  Previoulsy this would raise an AssertionError{.interpreted-text role="class"}.

• #11475: --import-mode=importlib <import-mode-importlib>{.interpreted-text role="ref"} now tries to import modules using the standard import mechanism (but still without changing :pysys.path{.interpreted-text role="data"}), falling back to importing modules directly only if that fails.

  This means that installed packages will be imported under their canonical name if possible first, for example app.core.models, instead of having the module name always be derived from their path (for example .env310.lib.site_packages.app.core.models).

• #11801: Added the iter_parents() <_pytest.nodes.Node.iter_parents>{.interpreted-text role="func"} helper method on nodes. It is similar to listchain <_pytest.nodes.Node.listchain>{.interpreted-text role="func"}, but goes from bottom to top, and returns an iterator, not a list.

• #11850: Added support for sys.last_exc{.interpreted-text role="data"} for post-mortem debugging on Python>=3.12.

• #11962: In case no other suitable candidates for configuration file are found, a pyproject.toml (even without a [tool.pytest.ini_options] table) will be considered as the configuration file and define the rootdir.

• #11978: Add --log-file-mode option to the logging plugin, enabling appending to log-files. This option accepts either "w" or "a" and defaults to "w".

  Previously, the mode was hard-coded to be "w" which truncates the file before logging.

... (truncated)

Commits

• 81653ee Adjust changelog manually for 8.1.1
• e60b4b9 Prepare release version 8.1.1
• 15fbe57 [8.1.x] Revert legacy path removals (#12093)
• 86c3aab [8.1.x] Do not import duplicated modules with --importmode=importlib (#12077)
• 5b82b0c [8.1.x] Yank version 8.1.0 (#12076)
• 0a53681 Merge pull request #12054 from pytest-dev/release-8.1.0
• b9a167f Prepare release version 8.1.0
• 00043f7 Merge pull request #12038 from bluetech/fixtures-rm-arg2index
• f4e1025 Merge pull request #12048 from bluetech/fixture-teardown-excgroup
• 43492f5 Merge pull request #12051 from jakkdl/test_debugging_pythonbreakpoint
• Additional commits viewable in compare view

Updates sentry-sdk from 1.40.5 to 1.42.0

Release notes

Sourced from sentry-sdk's releases.

1.42.0

Various fixes & improvements

• New integration: OpenAI integration (#2791) by @​colin-sentry

  We added an integration for OpenAI to capture errors and also performance data when using the OpenAI Python SDK.

  Useage:

  This integrations is auto-enabling, so if you have the openai package in your project it will be enabled. Just initialize Sentry before you create your OpenAI client.

  from openai import OpenAI
  import sentry_sdk
  sentry_sdk.init(
  dsn="PUBLIC_DSN",
  enable_tracing=True,
  traces_sample_rate=1.0,
  )
  client = OpenAI()
  

  For more information, see the documentation for OpenAI integration.

• Discard open OpenTelemetry spans after 10 minutes (#2801) by @​antonpirker

• Propagate sentry-trace and baggage headers to Huey tasks (#2792) by @​cnschn

• Added Event type (#2753) by @​szokeasaurusrex

• Improve scrub_dict typing (#2768) by @​szokeasaurusrex

• Dependencies: bump types-protobuf from 4.24.0.20240302 to 4.24.0.20240311 (#2797) by @​dependabot

1.41.0

Various fixes & improvements

• Add recursive scrubbing to EventScrubber (#2755) by @​Cheapshot003

  By default, the EventScrubber will not search your events for potential PII recursively. With this release, you can enable this behavior with:

  import sentry_sdk
  from sentry_sdk.scrubber import EventScrubber
  sentry_sdk.init(
  # ...your usual settings...
  event_scrubber=EventScrubber(recursive=True),
  )
  

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

1.42.0

Various fixes & improvements

• New integration: OpenAI integration (#2791) by @​colin-sentry

  We added an integration for OpenAI to capture errors and also performance data when using the OpenAI Python SDK.

  Useage:

  This integrations is auto-enabling, so if you have the openai package in your project it will be enabled. Just initialize Sentry before you create your OpenAI client.

  from openai import OpenAI
  import sentry_sdk
  sentry_sdk.init(
  dsn="PUBLIC_DSN",
  enable_tracing=True,
  traces_sample_rate=1.0,
  )
  client = OpenAI()
  

  For more information, see the documentation for OpenAI integration.

• Discard open OpenTelemetry spans after 10 minutes (#2801) by @​antonpirker

• Propagate sentry-trace and baggage headers to Huey tasks (#2792) by @​cnschn

• Added Event type (#2753) by @​szokeasaurusrex

• Improve scrub_dict typing (#2768) by @​szokeasaurusrex

• Dependencies: bump types-protobuf from 4.24.0.20240302 to 4.24.0.20240311 (#2797) by @​dependabot

1.41.0

Various fixes & improvements

• Add recursive scrubbing to EventScrubber (#2755) by @​Cheapshot003

  By default, the EventScrubber will not search your events for potential PII recursively. With this release, you can enable this behavior with:

  import sentry_sdk
  from sentry_sdk.scrubber import EventScrubber
  sentry_sdk.init(
  # ...your usual settings...
  event_scrubber=EventScrubber(recursive=True),
  

... (truncated)

Commits

• d27c5cd Update changelog
• 8f9d49e release: 1.42.0
• e7535c1 build(deps): bump types-protobuf from 4.24.0.20240302 to 4.24.0.20240311 (#2797)
• 5717f1b ref: Event Type (#2753)
• 1a8db5e Discard open spans after 10 minutes (#2801)
• f40e27f Add a method for normalizing data passed to set_data (#2800)
• ff0a94b OpenAI integration (#2791)
• 46a632d Propagate sentry-trace and baggage to huey tasks (#2792)
• 461bd59 ref: Improve scrub_dict typing (#2768)
• 1b0e932 Merge branch 'release/1.41.0'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions