search

GeoNode / geonode

GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data.
https://geonode.org/
Other
1.46k stars 1.13k forks source link

build(deps): bump twisted from 24.3.0 to 24.7.0 #12494

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 3 months ago

Bumps twisted from 24.3.0 to 24.7.0.

Release notes

Sourced from twisted's releases.

Twisted 24.7.0 (2024-08-08)

24.7.0.rc2 fixed an unreleased regression caused by PR 12109. (#12279) No other changes since 24.7.0.rc2

Features

  • twisted.protocols.ftp now supports the IPv6 extensions defined in RFC 2428. (#9645)
  • twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972)
  • twisted.python._shellcomp.ZshArgumentsGenerator was updated for Python 3.13. (#12065)
  • twisted.web.wsgi request environment now contains the peer port number as REMOTE_PORT. (#12096)
  • twisted.internet.defer.Deferred.callback() and twisted.internet.defer.Deferred.addCallbacks() no longer use assert to check the type of the arguments. You should now use type checking to validate your code. These changes were done to reduce the CPU usage. (#12122)
  • Added two new methods, twisted.logger.Logger.failuresHandled and twisted.logger.Logger.failureHandler, which allow for more concise and convenient handling of exceptions when dispatching out to application code. The former can arbitrarily customize failure handling at the call site, and the latter can be used for performance-sensitive cases where no additional information needs to be logged. (#12188)
  • twisted.internet.defer.Deferred.addCallback now runs about 10% faster. (#12223)
  • twisted.internet.defer.Deferred error handling is now faster, taking 40% less time to run. (#12227)

Bugfixes

  • Fixed unreleased regression caused by PR #12109. (#12279)
  • twisted.internet.ssl.Certificate.repr can now handle certificates without a common name (CN) in the certificate itself or the signing CA. (#5851)
  • Type annotations have been added to twisted.conch.interfaces.IKnownHostEntry and its implementations, twisted.conch.client.knownhosts.PlainHost and twisted.conch.client.knownhosts.HashedHost, correcting a variety of type confusion issues throughout the conch client code. (#9713)
  • twisted.python.failure.Failure once again utilizes the custom pickling logic it used to in the past. (#12112)
  • twisted.conch.client.knownhosts.KnownHostsFile.verifyHostKey no longer logs an exception when automatically adding an IP address host key, which means the interactive conch command-line no longer will either. (#12141)

Improved Documentation

  • The IRC server example found in the documentation was updated for readability. (#12097)
  • Remove contextvars from list of optional dependencies. (#12128)
  • The documentation for installing Twisted was moved into a single page. (#12145)
  • The project's compatibility policy now clearly indicates that the GitHub Actions test matrix defines the supported platforms. (#12167)
  • Updated imap4client.py example, it no longer references Python 2. (#12252)

Deprecations and Removals

  • twisted.internet.defer.returnValue has been deprecated. You can replace it with the standard return statement. (#9930)
  • The twisted-iocpsupport is no longer a hard dependency on Windows. The IOCP support is now installed together with the other Windows soft dependencies via twisted[windows-platform]. (#11893)
  • twisted.python.deprecate helper function will now always strip whitespaces from the docstrings. This is done to have the same behaviour as with Python 3.13. (#12063)
  • twisted.conch.manhole.ManholeInterpreter.write, twisted.conch.manhole.ManholeInterpreter.addOutput, twisted.mail.imap4.IMAP4Server.sendUntaggedResponse async argument, deprecated since 18.9.0, has been removed. (#12130)
  • twisted.web.soap was removed.

... (truncated)

Changelog

Sourced from twisted's changelog.

Twisted 24.7.0 (2024-08-08)

24.7.0.rc2 fixed an unreleased regression caused by PR 12109. (#12279) No other changes since 24.7.0.rc2

Security Advisories

  • twisted.web.util.redirectTo now HTML-escapes the provided URL in the fallback response body it returns (GHSA-cf56-g6w6-pqq2, CVE-2024-41810). (#9839)
  • The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure (CVE-2024-41671/GHSA-c8m8-j448-xjx7) (#12248)

Features

  • twisted.protocols.ftp now supports the IPv6 extensions defined in RFC 2428. (#9645)
  • twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972)
  • twisted.python._shellcomp.ZshArgumentsGenerator was updated for Python 3.13. (#12065)
  • twisted.web.wsgi request environment now contains the peer port number as REMOTE_PORT. (#12096)
  • twisted.internet.defer.Deferred.callback() and twisted.internet.defer.Deferred.addCallbacks() no longer use assert to check the type of the arguments. You should now use type checking to validate your code. These changes were done to reduce the CPU usage. (#12122)
  • Added two new methods, twisted.logger.Logger.failuresHandled and twisted.logger.Logger.failureHandler, which allow for more concise and convenient handling of exceptions when dispatching out to application code. The former can arbitrarily customize failure handling at the call site, and the latter can be used for performance-sensitive cases where no additional information needs to be logged. (#12188)
  • twisted.internet.defer.Deferred.addCallback now runs about 10% faster. (#12223)
  • twisted.internet.defer.Deferred error handling is now faster, taking 40% less time to run. (#12227)

Bugfixes

  • twisted.internet.ssl.Certificate.repr can now handle certificates without a common name (CN) in the certificate itself or the signing CA. (#5851)
  • Type annotations have been added to twisted.conch.interfaces.IKnownHostEntry and its implementations, twisted.conch.client.knownhosts.PlainHost and twisted.conch.client.knownhosts.HashedHost, correcting a variety of type confusion issues throughout the conch client code. (#9713)
  • twisted.python.failure.Failure once again utilizes the custom pickling logic it used to in the past. (#12112)
  • twisted.conch.client.knownhosts.KnownHostsFile.verifyHostKey no longer logs an exception when automatically adding an IP address host key, which means the interactive conch command-line no longer will either. (#12141)

Improved Documentation

  • The IRC server example found in the documentation was updated for readability. (#12097)
  • Remove contextvars from list of optional dependencies. (#12128)
  • The documentation for installing Twisted was moved into a single page. (#12145)
  • The project's compatibility policy now clearly indicates that the GitHub Actions test matrix defines the supported platforms. (#12167)
  • Updated imap4client.py example, it no longer references Python 2. (#12252)

Deprecations and Removals

  • twisted.internet.defer.returnValue has been deprecated. You can replace it with the standard return statement. (#9930)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 64.18%. Comparing base (3676baf) to head (2cbab5b). Report is 22 commits behind head on master.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #12494 +/- ## ======================================= Coverage 64.18% 64.18% ======================================= Files 888 888 Lines 53501 53501 Branches 6599 6599 ======================================= Hits 34339 34339 Misses 17652 17652 Partials 1510 1510 ```
dependabot[bot] commented 2 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.