Bump webargs from 1.4.0 to 5.5.3

dependabot[bot] commented 3 years ago

Bumps webargs from 1.4.0 to 5.5.3.

Changelog

5.5.3 (2020-01-28)

Bug fixes:

:cve:CVE-2020-7965: Don't attempt to parse JSON if request's content type is mismatched.

5.5.2 (2019-10-06)

Bug fixes:

Handle UnicodeDecodeError when parsing JSON payloads (:issue:427). Thanks :user:lindycoder for the catch and patch.

5.5.1 (2019-09-15)

Bug fixes:

Remove usage of deprecated Field.fail when using marshmallow 3.

5.5.0 (2019-09-07)

Support:

Various docs updates (:pr:414, :pr:421).

Refactoring:

Don't mutate globals() in webargs.fields (:pr:411).

Use marshmallow 3's Schema.from_dict if available (:pr:415).

5.4.0 (2019-07-23)

Changes:

Use explicit type check for fields.DelimitedList when deciding to parse value with getlist() ([#406](https://github.com/marshmallow-code/webargs/issues/406) (comment) <https://github.com/marshmallow-code/webargs/issues/406#issuecomment-514446228>_ ).

Support:

Add "Parsing Lists in Query Strings" section to docs (:issue:406).

5.3.2 (2019-06-19)

Bug fixes:

... (truncated)

Commits

29b6a16 Bump version and update changelog
74fada6 Skip JSON parsing if Content-Type is mismatched
f1ae764 Bump version and update changelog
6347b4b Handle decoding errors like json decode errors (#428)
fb8ff11 Run pre-commit autoupdate
f2db6bc Merge pull request #429 from marshmallow-code/dependabot/pip/mypy-0.730
211c442 Bump mypy from 0.720 to 0.730
dc54835 Bump version and update changelog
37471e3 Remove usage of deprecated Field.fail on marshmallow 3 (#425)
0fd8007 Update contributing guidelines
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EUDAT-B2SHARE/b2share/network/alerts).

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented 2 years ago