Deprecated support for empty usernames. Now all backends will reject an empty string as input for the 'username' field when setting a password. Later this deprecation will become a more visible user warning and even later an error. If this warning is triggered in your environment, please consider using a static value (even 'username') or comment in the issue and describe the use-case that demands support for empty usernames. (#668)
- Drop support for Python 3.7 (EOL) by @hugovk in `[#910](https://github.com/jpadilla/pyjwt/issues/910) <https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by @mattpollak in `[#913](https://github.com/jpadilla/pyjwt/issues/913) <https://github.com/jpadilla/pyjwt/pull/913>`__
Fixed
- Fix unnecessary string concatenation by @sirosen in `[#904](https://github.com/jpadilla/pyjwt/issues/904) <https://github.com/jpadilla/pyjwt/pull/904>`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option by @woodruffw in `[#923](https://github.com/jpadilla/pyjwt/issues/923) <https://github.com/jpadilla/pyjwt/pull/923>`__
- Fix docs step by @jpadilla in `[#950](https://github.com/jpadilla/pyjwt/issues/950) <https://github.com/jpadilla/pyjwt/pull/950>`__
- Fix: Remove an unused variable from example code block by @kenkoooo in `[#958](https://github.com/jpadilla/pyjwt/issues/958) <https://github.com/jpadilla/pyjwt/pull/958>`__
Added
Add support for Python 3.12 by @hugovk in [#910](https://github.com/jpadilla/pyjwt/issues/910) <https://github.com/jpadilla/pyjwt/pull/910>__
Improve performance of is_ssh_key + add unit test by @bdraco in [#940](https://github.com/jpadilla/pyjwt/issues/940) <https://github.com/jpadilla/pyjwt/pull/940>__
Allow jwt.decode() to accept a PyJWK object by @luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) <https://github.com/jpadilla/pyjwt/pull/886>__
Make algorithm_name attribute available on PyJWK by @luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) <https://github.com/jpadilla/pyjwt/pull/886>__
Raise InvalidKeyError on invalid PEM keys to be compatible with cryptography 42.x.x by @CollinEMac in [#952](https://github.com/jpadilla/pyjwt/issues/952) <https://github.com/jpadilla/pyjwt/pull/952>__
Raise an exception when required cryptography dependency is missing by @tobloef in <https://github.com/jpadilla/pyjwt/pull/963>__
Minimal conversion to pytest+hypothesis by @mgorny in #52
Added simple equality operator for class Symbol by @GregoirePelegrin in #55
jsondiff: fix symbol equality by @corytodd in #61
ci: add pytest workflow by @corytodd in #63
setup.py: migrate to pyproject.toml by @corytodd in #65
fix: better diffing of empty containers by @corytodd in #64
add rightonly jsondiff syntax by @ramwin in #60
Introduce YAML support by @corytodd in #67
packaging: revert to requirements files by @corytodd in #69
cli: handle deserialization errors by @corytodd in #72
ci: upload to pypi on github release by @corytodd in #77
* (Linux) Extend the mechanism for collection of ``.hmac`` files from
:issue:`8288` to also include ``.hmac`` files in the ``fipscheck`` directory.
(:issue:`8719`)
* Add support for Python 3.13. (:issue:`8198`)
Introduce new :envvar:PYINSTALLER_RESET_ENVIRONMENT environment variable, to
be used by application developers when trying to launch
:data:sys.executable-based process that is supposed to outlive the current
application process (which includes the :ref:application restart scenario <independent subprocess>). This is considered the official and preferred
approach at spawning new independent instances of the same application (as
opposed to modifying the private :envvar:_PYI_ARCHIVE_FILE environment
variable). (:issue:8634)
The splash screen in splash-screen enabled frozen application can now
be disabled by the user at run-time, using the new
:envvar:PYINSTALLER_SUPPRESS_SPLASH_SCREEN environment variable. If the
environment variable is set to 1, the splash screen is not shown,
and functions from :mod:pyi_splash become no-op without raising errors
or displaying warning messages. (:issue:8634)
Bugfix
* (Windows) Attempt to work around the leak of ``VCRUNTIME140.dll`` in
``onefile`` applications with splash screen enabled in scenarios where
the OS and/or anti-virus program injects additional DLLs into the process
that also depend on ``VCRUNTIME140.dll``. (:issue:`7106`)
* (Windows) Fix regression in PyInstaller 6.x that caused console-enabled
onefile to applications fail to clean up their temporary directory during
system session shutdown (i.e., when user logs off or initiates system shutdown
or restart). For console-enabled onefile applications, this used to work up
until PyInstaller 6.0 by means of installed console handler; however, due to
contemporary bootloader executables being linked against ``user32.dll``, the
console handler does not receive ``CTRL_LOGOFF_EVENT`` and
``CTRL_SHUTDOWN_EVENT`` console events anymore (for the same reason, this did
not work for builds with splash screen, even between v5.3 and 6.0). Instead,
session shutdown is now handled by means of hidden window and handling of
``WM_QUERYENDSESSION`` and ``WM_ENDSESSION`` event messages. (:issue:`8648`)
* (Windows) Improve handling of ``CTRL_CLOSE_EVENT`` console event in
``onefile`` builds for compatibility with Windows Terminal in order to
avoid leaking temporary files when user closes the terminal window
(or tab). Upon receiving the event, the parent process now gives the child
process a 500-millisecond grace period to exit, after which it terminates
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/085296f616a4b7eff4614710f9527b164c463c21"><code>085296f</code></a> Release v6.10.0. [skip ci]</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/af549bb71d8c6c6a29577f1728e2ba4d0d9a6059"><code>af549bb</code></a> misc: adjust for changes in _pyinstaller_hooks_contrib layout</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/86cfc103ff29eca938d5c07c5db65c417eae5b47"><code>86cfc10</code></a> hookutils: Tcl/Tk: fix Tk data directory when using Tk framework bundle</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/709dbd224cc4a5823906f531714eda0502bdc2bb"><code>709dbd2</code></a> hooks: tkinter: change Tcl/Tk script directory names to avoid conflicts</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/67f932ee66b3cf2bbb69108ab85d707b5ae1440c"><code>67f932e</code></a> tests: add a full functional test for tkinter</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/bc3f2e0f286d3014061e3d9b5ae1fc3522750d2d"><code>bc3f2e0</code></a> hookutils: robustify <code>can_import_module</code> against interpreter crashes</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/5c23105220e176e3300ab631412de735e725b481"><code>5c23105</code></a> hookutils: rework the Tcl/Tk utility functions</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/c28e448c4d99fd6f0f1e877d7a3a968541749197"><code>c28e448</code></a> hookutils: setuptools: fix couple of typos</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/80724ff94bc51fcb9115c28696b134a51a516097"><code>80724ff</code></a> tests: add test for GIL setting in freethreading-enabled python builds</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/eb71f10d435019b65f852a41d218d89d0c00132c"><code>eb71f10</code></a> README: add python 3.13 to list of supported versions</li>
<li>Additional commits viewable in <a href="https://github.com/pyinstaller/pyinstaller/compare/v6.9.0...v6.10.0">compare view</a></li>
</ul>
</details>
<br />
[flake8-pyi] Respect pep8_naming.classmethod-decorators settings when determining if a method is a classmethod in custom-type-var-return-type (PYI019) (#13162)
[flake8-pyi] Teach various rules that annotations might be stringized (#12951)
[pylint] Avoid no-self-use for attrs-style validators (#13166)
[pylint] Recurse into subscript subexpressions when searching for list/dict lookups (PLR1733, PLR1736) (#13186)
[pyupgrade] Detect aiofiles.open calls in UP015 (#13173)
[pyupgrade] Mark sys.version_info[0] < 3 and similar comparisons as outdated (UP036) (#13175)
[flake8-pyi] Respect pep8_naming.classmethod-decorators settings when determining if a method is a classmethod in custom-type-var-return-type (PYI019) (#13162)
[flake8-pyi] Teach various rules that annotations might be stringized (#12951)
[pylint] Avoid no-self-use for attrs-style validators (#13166)
[pylint] Recurse into subscript subexpressions when searching for list/dict lookups (PLR1733, PLR1736) (#13186)
[pyupgrade] Detect aiofiles.open calls in UP015 (#13173)
[pyupgrade] Mark sys.version_info[0] < 3 and similar comparisons as outdated (UP036) (#13175)
Handle singular case for incompatible rules warning in ruff format output (#13212)
Bug fixes
[pydocstyle] Improve heuristics for detecting Google-style docstrings (#13142)
[refurb] Treat sep arguments with effects as unsafe removals (FURB105) (#13165)
0.6.3
Preview features
[flake8-simplify] Extend open-file-with-context-handler to work with dbm.sqlite3 (SIM115) (#13104)
[pycodestyle] Disable E741 in stub files (.pyi) (#13119)
[pydoclint] Avoid DOC201 on explicit returns in functions that only return None (#13064)
Rule changes
[flake8-async] Disable check for asyncio before Python 3.11 (ASYNC109) (#13023)
Bug fixes
[FastAPI] Avoid introducing invalid syntax in fix for fast-api-non-annotated-dependency (FAST002) (#13133)
[flake8-implicit-str-concat] Normalize octals before merging concatenated strings in single-line-implicit-string-concatenation (ISC001) (#13118)
[flake8-pytest-style] Improve help message for pytest-incorrect-mark-parentheses-style (PT023) (#13092)
[pylint] Avoid autofix for calls that aren't min or max as starred expression (PLW3301) (#13089)
[ruff] Add datetime.time, datetime.tzinfo, and datetime.timezone as immutable function calls (RUF009) (#13109)
[ruff] Extend comment deletion for RUF100 to include trailing text from noqa directives while preserving any following comments on the same line, if any (#13105)
Fix dark theme on initial page load for the Ruff playground (#13077)
We’ve just uploaded mypy 1.11 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:
python3 -m pip install -U mypy
You can read the full documentation for this release on Read the Docs.
Support Python 3.12 Syntax for Generics (PEP 695)
Mypy now supports the new type parameter syntax introduced in Python 3.12 (PEP 695).
This feature is still experimental and must be enabled with the --enable-incomplete-feature=NewGenericSyntax flag, or with enable_incomplete_feature = NewGenericSyntax in the mypy configuration file.
We plan to enable this by default in the next mypy feature release.
This example demonstrates the new syntax:
# Generic function
def f[T](https://github.com/python/mypy/blob/master/x: T) -> T: ...
reveal_type(f(1)) # Revealed type is 'int'
Generic class
class C[T]:
def init(self, x: T) -> None:
self.x = x
c = C('a')
reveal_type(c.x) # Revealed type is 'str'
Type alias
type A[T] = C[list[T]]
This feature was contributed by Jukka Lehtosalo.
Support for functools.partial
Mypy now type checks uses of functools.partial. Previously mypy would accept arbitrary arguments.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the all group with 9 updates in the / directory:
9.2.0
9.3.1
25.2.1
25.3.0
2.8.0
2.9.0
2.3.0
2.3.1
2.0.0
2.2.1
6.9.0
6.10.0
0.4.8
0.6.4
1.10.0
1.11.2
0.26.1
0.28.0
Updates
copier
from 9.2.0 to 9.3.1Release notes
Sourced from copier's releases.
Changelog
Sourced from copier's changelog.
Commits
53f1901
bump: version 9.3.0 → 9.3.11035e94
fix: pass--skip-tasks
flag to worker (#1688)3f89b71
build(deps): bump pydantic from 2.7.4 to 2.8.0cc5e3e6
build(deps-dev): bump mkdocs-material from 9.5.27 to 9.5.281a444b8
build: recommend pyclean to reduce custom developer tooling (#1673)448dd4f
bump: version 9.2.0 → 9.3.098e58d7
style: autoformat with pre-commitab81b62
ci: enable autofix.ci798d7aa
docs: Fix README callout (#1651)7bc1548
build(jinja2): update dependencyUpdates
keyring
from 25.2.1 to 25.3.0Changelog
Sourced from keyring's changelog.
Commits
30eecb9
Finalize2d484ee
Merge pull request #687 from jaraco/668-empty-user8b3fb17
Add news fragment.53ca9cc
When constructing KeyringBackend subclasses, wrap set_password to enforce non...1877402
Extract method for registration.a13a477
Deprecate setting a password for an empty username.b1b6094
Merge https://github.com/jaraco/skeletonab34814
Re-enable preview, this time not for one specific feature, but for all featur...a50407d
Merge https://github.com/jaraco/skeleton30f940e
jaraco/skeleton#132
Updates
pyjwt
from 2.8.0 to 2.9.0Release notes
Sourced from pyjwt's releases.
Changelog
Sourced from pyjwt's changelog.
Commits
868cf4a
Add 2.9.0 changelog. Fixes #949 (#967)304a3df
[pre-commit.ci] pre-commit autoupdate (#965)527fec2
Raise exception when required cryptography dependency is missing (#963)18a50be
[pre-commit.ci] pre-commit autoupdate (#960)4703f87
Handle load_pem_public_key ValueError (#952)9dc732f
Update usage.rst (#958)ab8176a
Decode with PyJWK (#886)c0a071d
chore: update actions/download-artifact2afbe32
Add coverage and improve performance of is_ssh_key (#940)97345a7
[pre-commit.ci] pre-commit autoupdate (#953)Updates
algokit-utils
from 2.3.0 to 2.3.1Changelog
Sourced from algokit-utils's changelog.
Commits
Updates
jsondiff
from 2.0.0 to 2.2.1Release notes
Sourced from jsondiff's releases.
... (truncated)
Changelog
Sourced from jsondiff's changelog.
Commits
31140ba
release 2.2.16d5ce44
Protect Symbol.eq by instance check. (#82)d2473f1
staging 2.2.0 release65b96a4
Exclude a list of paths from diff. (#81)b2db6d3
release 2.1.2f779b54
remove last bits of python2 support (#80)d08d8ac
Added docstrings (#79)74926da
really drop python<=3.7 support (#78)099ecc9
changelog: backfill changelog4028d66
fix: unhappy readme formattingUpdates
pyinstaller
from 6.9.0 to 6.10.0Release notes
Sourced from pyinstaller's releases.
Changelog
Sourced from pyinstaller's changelog.