Closed dependabot[bot] closed 2 years ago
@dependabot ignore this minor version
until benoitc/gunicorn#2581 is fixed and we can bump gunicorn versions we can't change eventlet versions, and most of our apps aren't impacted by the security issue, which is related to websockets.
as of today, gunicorn hasn't had a versioned release since April 2021 although the fix is apparently in
OK, I won't notify you about version 0.33.x again, unless you re-open this PR or update to a 0.33.x release yourself.
Bumps eventlet from 0.30.2 to 0.33.0.
Changelog
Sourced from eventlet's changelog.
Commits
955be1c
v0.33.0 releasec870876
Create a DNS resolver lazily rather than on import (fixes #736)3c25d0c
green.thread: unlocked Lock().release() should raise exception, returned True8904a33
setup.cfg: Replace dashes with underscores15d3c24
Python 3.10 partial support690464a
ssl: GreenSSLContext minimum_version and maximum_version setters579c498
wsgi: Don't break HTTP framing during 100-continue handling0100950
v0.32.0 release254a772
codecov: allow 3% threshold to pass status checkaeb0390
greendns: compatibility with dnspython v2Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)