search

OWASP / Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
https://owasp.org/www-project-nettacker/
Apache License 2.0
3.05k stars 718 forks source link

Bump netaddr from 0.9.0 to 1.0.0 #810

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps netaddr from 0.9.0 to 1.0.0.

Release notes

Sourced from netaddr's releases.

1.0.0

Changelog: https://netaddr.readthedocs.io/en/latest/changes.html#release-1-0-0 Commits: https://github.com/netaddr/netaddr/compare/0.10.1...1.0.0

0.10.1

Changelog: https://netaddr.readthedocs.io/en/latest/changes.html#release-0-10-1 Commits: https://github.com/netaddr/netaddr/compare/0.10.0...0.10.1

0.10.0

Changelog: https://netaddr.readthedocs.io/en/latest/changes.html#release-0-10-0 Commits: https://github.com/netaddr/netaddr/compare/0.9.0...0.10.0

Changelog

Sourced from netaddr's changelog.

Release: 1.0.0

Date: 2024-02-10

Removed:

  • Drop support for Python versions lower than 3.7.

  • Remove the flag shorthands: N, P and Z. Use :data:NOHOST, :data:INET_PTON and :data:ZEROFILL instead.

  • Remove abbreviated CIDR format support in :class:IPNetwork (implicit_prefix=True), use :func:cidr_abbrev_to_verbose if you need this behavior.

  • Remove the IPAddress.is_private method.

    There are more precise replacements for subset of the addresses that used to handled by is_private:

    • :meth:IPAddress.is_link_local
    • :meth:IPAddress.is_ipv4_private_use
    • :meth:IPAddress.is_ipv6_unique_local
    • :meth:IPAddress.is_global

    The following address blocks used to be handled by is_private have no dedicated convenience methods and you'll have to handle them manually or request a method addition:

    • 100.64.0.0/10 – Shared Address Space
    • 192.0.0.0/24 – IETF Protocol Assignments (watch out – there are exceptions in there)
    • 198.18.0.0/15 – Benchmarking
    • 239.0.0.0-239.255.255.255 – 240.0.0.0/4 is Reserved, 239.0.0.0/8 – unclear

Changed:

  • Stop accepting leading zeros when parsing IPv4 addresses in :data:INET_PTON mode (it's been allowed on some platforms).

    If you need to allow and discard leading zeros use the :data:ZEROFILL flag.

    This change will affect implicit conversions from str in all relevant contexts. If you need to control the IPv4 parsing mode construct :class:IPAddress objects explicitly.

  • Stop parsing IPv4 addresses permissively (inet_aton()-like) by default.

    :data:INET_PTON is the default mode.

    If you need to be permissive and parse using inet_aton() semantics use the :data:INET_ATON flag.

    This change will affect implicit conversions from str in all relevant contexts. If you need to control the IPv4 parsing mode construct :class:IPAddress objects explicitly.

  • Apply the two changes above to :func:valid_ipv4 as well.

  • Update the address databases to the 2024-02-10 versions.

... (truncated)

Commits
  • b7a4d43 Release version 1.0.0
  • 2a40743 Clean up copyright information
  • 4926868 Remove a redundant bit from the documentation footer
  • 9c90d38 Make the copyright information reflect reality better
  • 90449bb Explicitly set IPython's namespace
  • e83ed3c Remoove unused variables
  • 2e4a3b4 Make the shell banner nicer
  • 5ddb891 Update the databases
  • a8483c9 Fix a few copy/paste errors
  • c6996d8 Fix dialect handling in EUI during copy-construction (#364)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 4 months ago

Superseded by #812.