Added support for the Python 3.12 walk_up keyword argument in anyio.Path.relative_to() (PR by Colin Taylor)
Fixed passing total_tokens to anyio.CapacityLimiter() as a keyword argument not working on the trio backend (#515)
Fixed Process.aclose() not performing the minimum level of necessary cleanup when cancelled. Previously:
Cancellation of Process.aclose() could leak an orphan process
Cancellation of run_process() could very briefly leak an orphan process.
Cancellation of Process.aclose() or run_process() on Trio could leave standard streams unclosed
(PR by Ganden Schaffner)
Fixed Process.stdin.aclose(), Process.stdout.aclose(), and Process.stderr.aclose() not including a checkpoint on asyncio (PR by Ganden Schaffner)
Fixed documentation on how to provide your own typed attributes
4.2.0
Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye)
Enabled the Event and CapacityLimiter classes to be instantiated outside an event loop thread
Broadly improved/fixed the type annotations. Among other things, many functions and methods that take variadic positional arguments now make use of PEP 646 TypeVarTuple to allow the positional arguments to be validated by static type checkers. These changes affected numerous methods and functions, including:
This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.
4.3.0
Added support for the Python 3.12 walk_up keyword argument in
anyio.Path.relative_to() (PR by Colin Taylor)
Fixed passing total_tokens to anyio.CapacityLimiter() as a keyword argument
not working on the trio backend
([#515](https://github.com/agronholm/anyio/issues/515) <https://github.com/agronholm/anyio/issues/515>_)
Fixed Process.aclose() not performing the minimum level of necessary cleanup when
cancelled. Previously:
Cancellation of Process.aclose() could leak an orphan process
Cancellation of run_process() could very briefly leak an orphan process.
Cancellation of Process.aclose() or run_process() on Trio could leave
standard streams unclosed
(PR by Ganden Schaffner)
Fixed Process.stdin.aclose(), Process.stdout.aclose(), and
Process.stderr.aclose() not including a checkpoint on asyncio (PR by Ganden
Schaffner)
Fixed documentation on how to provide your own typed attributes
4.2.0
Add support for byte-based paths in connect_unix, create_unix_listeners,
create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by
Lura Skye)
Enabled the Event and CapacityLimiter classes to be instantiated outside an
event loop thread
Broadly improved/fixed the type annotations. Among other things, many functions and
methods that take variadic positional arguments now make use of PEP 646
TypeVarTuple to allow the positional arguments to be validated by static type
checkers. These changes affected numerous methods and functions, including:
This is a bug fix release for 2.6.0 where the "TuDoor" fix erroneously
suppressed legitimate Truncated exceptions. This caused the stub
resolver to timeout instead of failing over to TCP when a legitimate
truncated response was received over UDP.
This release addresses the potential DoS issue discussed in the
"TuDoor" paper (CVE-2023-29483). The dnspython stub resolver is
vulnerable to a potential DoS if a bad-in-some-way response from the
right address and port forged by an attacker arrives before a
legitimate one on the UDP port dnspython is using for that query. In
this situation, dnspython might switch to querying another resolver or
give up entirely, possibly denying service for that resolution. This
release addresses the issue by adopting the recommended mitigation,
which is ignoring the bad packets and continuing to listen for a
legitimate response until the timeout for the query has expired.
Thank you to all the contributors to this release, and, as usual,
thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian
Wellington.
This release addresses the potential DoS issue discussed in the "TuDoor" paper (CVE-2023-29483). The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query. In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution. This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.
Thank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.
dnspython 2.5.0
See the What's New page for a summary of this release.
Thanks to all the contributors, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.
The Tudoor fix ate legitimate Truncated exceptions, preventing the resolver from
failing over to TCP and causing the query to timeout #1053.
2.6.0
As mentioned in the "TuDoor" paper and the associated CVE-2023-29483, the dnspython
stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the
right address and port forged by an attacker arrives before a legitimate one on the
UDP port dnspython is using for that query.
This release addresses the issue by adopting the recommended mitigation, which is
ignoring the bad packets and continuing to listen for a legitimate response until
the timeout for the query has expired.
Added support for the NSID EDNS option.
Dnspython now looks for version metadata for optional packages and will not
use them if they are too old. This prevents possible exceptions when a
feature like DoH is not desired in dnspython, but an old httpx is installed
along with dnspython for some other purpose.
The DoHNameserver class now allows GET to be used instead of the default POST,
and also passes source and source_port correctly to the underlying query
methods.
2.5.0
Dnspython now uses hatchling for builds.
Asynchronous destinationless sockets now work on Windows.
Cython is no longer supported due to various typing issues.
Dnspython now explicitly canonicalizes IPv4 and IPv6 addresses.
Previously it was possible for non-canonical IPv6 forms to be stored
in a AAAA address, which would work correctly but possibly cause
problmes if the address were used as a key in a dictionary.
The number of messages in a section can be retrieved with
section_count().
Truncation preferences for messages can be specified.
The length of a message can be automatically prepended when
rendering.
🐛 Fix unhandled growing memory for internal server errors, refactor dependencies with yield and except to require raising again as in regular Python. PR #11191 by @tiangolo.
This is a breaking change (and only slightly) if you used dependencies with yield, used except in those dependencies, and didn't raise again.
This was reported internally by @rushilsrivastava as a memory leak when the server had unhandled exceptions that would produce internal server errors, the memory allocated before that point would not be released.
NumPy 1.26.4 is a maintenance release that fixes bugs and regressions
discovered after the 1.26.3 release. The Python versions supported by
this release are 3.9-3.12. This is the last planned release in the
1.26.x series.
Contributors
A total of 13 people contributed to this release. People with a "+" by
their names contributed a patch for the first time.
Charles Harris
Elliott Sales de Andrade
Lucas Colley +
Mark Ryan +
Matti Picus
Nathan Goldbaum
Ola x Nilsson +
Pieter Eendebak
Ralf Gommers
Sayed Adel
Sebastian Berg
Stefan van der Walt
Stefano Rivera
Pull requests merged
A total of 19 pull requests were merged for this release.
[#463](https://github.com/pytest-dev/pluggy/issues/463) <https://github.com/pytest-dev/pluggy/issues/463>_: A warning :class:~pluggy.PluggyTeardownRaisedWarning is now issued when an old-style hookwrapper raises an exception during teardown.
See the warning documentation for more details.
[#471](https://github.com/pytest-dev/pluggy/issues/471) <https://github.com/pytest-dev/pluggy/issues/471>_: Add :func:PluginManager.unblock <pluggy.PluginManager.unblock> method to unblock a plugin by plugin name.
Bug Fixes
[#441](https://github.com/pytest-dev/pluggy/issues/441) <https://github.com/pytest-dev/pluggy/issues/441>_: Fix :func:~pluggy.HookCaller.call_extra() extra methods getting ordered before everything else in some circumstances. Regressed in pluggy 1.1.0.
[#438](https://github.com/pytest-dev/pluggy/issues/438) <https://github.com/pytest-dev/pluggy/issues/438>_: Fix plugins registering other plugins in a hook when the other plugins implement the same hook itself. Regressed in pluggy 1.1.0.
Bumps the all group with 21 updates:
3.7.1
4.3.0
1.23.6
1.25.0
2023.11.17
2024.2.2
2.4.2
2.6.1
0.105.0
0.110.0
1.0.2
1.0.4
0.26.0
0.27.0
0.41.1
0.42.0
0.58.1
0.59.0
1.26.2
1.26.4
1.3.0
1.4.0
2.5.3
2.6.3
2.14.6
2.16.3
4.6.1
4.6.2
7.4.3
8.0.2
2023.3.post1
2024.1
1.11.4
1.12.0
1.3.0
1.3.1
0.27.0
0.37.1
4.9.0
4.10.0
0.25.0
0.27.1
Updates
anyio
from 3.7.1 to 4.3.0Release notes
Sourced from anyio's releases.
... (truncated)
Changelog
Sourced from anyio's changelog.
... (truncated)
Commits
437a7e3
Bumped up the version1ce32e5
Updated the upload/download artifact actionsd39c837
[pre-commit.ci] pre-commit autoupdate (#690)ba48ea8
Added the network marker to some tests that need DNS (#687)5426f7b
Remove conditionals and workarounds for Python interpreter versions 3.7 and o...7565f31
[pre-commit.ci] pre-commit autoupdate (#684)137de70
Fixed documentation on providing custom typed attributes (#683)8b8806c
Fixed typo (#681)1e60219
Fixedrun_process()
andopen_process().__aexit__
leaking an orphan proces...3f14df8
[pre-commit.ci] pre-commit autoupdate (#676)Updates
beanie
from 1.23.6 to 1.25.0Release notes
Sourced from beanie's releases.
... (truncated)
Changelog
Sourced from beanie's changelog.
... (truncated)
Commits
72b35f9
Version/1.25.0 (#844)3258326
Limit Nesting Level of Linked Documents (#834)7c49b91
Sync Method (#831)ced7168
ko-fi buttons (#843)99312f6
Create FUNDING.yml (#842)8fa4068
Update migration command to enable/disable transactions (#828)63542eb
Fix: FindInterface type-hints break on View models (#819)9056fbb
fix: count with text queries and links (#826)e876e1a
Encode date objects (#816)f2e1439
version | 1.24.0 (#815)Updates
certifi
from 2023.11.17 to 2024.2.2Commits
45eb611
2024.02.02 (#266)83f4f04
fix leaking certificate issue (#265)bbf2208
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#264)9e837a5
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#262)05d071b
Bump actions/upload-artifact from 4.0.0 to 4.1.0 (#261)2a3088a
Bump actions/download-artifact from 4.1.0 to 4.1.1 (#260)d4ca66e
Bump actions/upload-artifact from 3.1.3 to 4.0.0 (#258)5d15663
Bump actions/download-artifact from 3.0.2 to 4.1.0 (#257)d66ef9d
Bump actions/setup-python from 4.7.1 to 5.0.0 (#256)8f0d412
Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (#255)Updates
dnspython
from 2.4.2 to 2.6.1Release notes
Sourced from dnspython's releases.
Changelog
Sourced from dnspython's changelog.
... (truncated)
Commits
0a742b9
update CI0ea5ad0
The Tudoor fix should not eat valid Truncated exceptions #1053 (#1054)f12d398
2.6.1 version prepcecb853
Further improve CVE fix coverage to 100% for sync and async.7952e31
test IgnoreErrorse093299
For the Tudoor fix, we also need the UDP nameserver to ignore_unexpected.3af9f78
2.6.0 versioningca63d95
Require cryptography >=41 instead of 42.902cbf3
Create CODE_OF_CONDUCT.mded9795f
github contributing and pull request templateUpdates
fastapi
from 0.105.0 to 0.110.0Release notes
Sourced from fastapi's releases.
... (truncated)
Commits
e40747f
🔖 Release version 0.110.032b56a8
📝 Update release notesb6b0f2a
📝 Update release notesbf771bd
🐛 Fix unhandled growing memory for internal server errors, refactor dependenc...6336604
📝 Update release notescb93874
📝 Update release notes9210e6a
🌐 Add German translation fordocs/de/docs/reference/background.md
(#10820)dec45c5
🌐 Add German translation fordocs/de/docs/reference/templating.md
(#10842)5da35ff
📝 Update release notes626b066
🌐 Add German translation fordocs/de/docs/external-links.md
(#10852)Updates
httpcore
from 1.0.2 to 1.0.4Release notes
Sourced from httpcore's releases.
Changelog
Sourced from httpcore's changelog.
Commits
14bda52
Version 1.0.4 (#892)80d21ee
Addtarget
request extension (#888)accae7b
Fix support for connection Upgrade and CONNECT when some data in the stream h...c468024
Bump the python-packages group with 4 updates (#890)c02733d
Group dependencies on dependabot updates (#885)908013c
Version 1.0.3 (#883)7b04cda
Safe async cancellations. (#880)79fa6bf
Bump ruff from 0.1.9 to 0.2.1 (#881)416b89c
Bump mkdocs-material from 9.4.14 to 9.5.7 (#878)9f82244
Bump coverage[toml] from 7.3.2 to 7.4.1 (#877)Updates
httpx
from 0.26.0 to 0.27.0Release notes
Sourced from httpx's releases.
Changelog
Sourced from httpx's changelog.
Commits
326b943
Version 0.27.0 (#3095)3faa4a8
Improve 'Custom transports' docs (#3081)c51af4b
Extensions docs (#3080)cabd1c0
Deprecateapp=...
in favor of explicitWSGITransport
/ASGITransport
. (#3...6f46152
Bump the python-packages group with 6 updates (#3077)37a2901
Mention NO_PROXY environment variable on Advanced Usage page (#3066)371b6e9
Use__future__.annotations
(#3068)4f6edf3
testparse_header_links
via public api (#3061)c7cd6aa
testobfuscate_sensitive_headers
via public api (#3063)15f9253
Drop outdated section (#3057)Updates
llvmlite
from 0.41.1 to 0.42.0Commits
b2a26aa
Merge pull request #1029 from stuartarchibald/wip/change_log_0_42_0_final2c3dae0
Update CHANGE_LOG for 0.42.0 final.c0c7726
Initialize 0.42 branchf22420a
Merge pull request #1021 from gmarkall/release-notes-04283a8829
Update CHANGE_LOGab073f5
Add release notes for 0.42.0rc14292eea
Merge pull request #978 from tbennun/type-query-480bb55b
Add test for is_function_vararg on non-function typefe53feb
Merge remote-tracking branch 'origin/main' into pr/978e70590f
Merge pull request #1019 from diptorupd/add_convergent_attributeUpdates
numba
from 0.58.1 to 0.59.0Release notes
Sourced from numba's releases.
Commits
c6da269
Merge pull request #9411 from stuartarchibald/wip/version_tab_rel_notes_059054d91fb
Merge pull request #9405 from sklam/misc/rel59finale76f945
Doc updates for 0.59.0 final.938e779
Merge pull request #9407 from sklam/fix/parfor_bug_from_92444502c3d
Merge pull request #9403 from sklam/fix/sigillf911c19
Merge pull request #9402 from sklam/misc/doc_updates_5929529a0
Merge pull request #9404 from stuartarchibald/wip/fix_py3_12_1_update437b91b
Merge pull request #9371 from sklam/misc/relese0.59prep35afde5
Flake8 fix74166ce
Apply suggestions from code reviewUpdates
numpy
from 1.26.2 to 1.26.4Release notes
Sourced from numpy's releases.
... (truncated)
Commits
9815c16
Merge pull request #25770 from charris/prepare-1.26.4114ed25
REL: Prepare for the NumPy 1.26.4 release2fae4d3
Merge pull request #25323 from stefanor/import-asstrce89a0a
Merge pull request #25756 from charris/backport-24711f62dfc6
Merge pull request #25755 from charris/backport-25709fee88ab
BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711)659be68
MAINT: Include header defining backtrace837cd38
Merge pull request #25748 from rgommers/unvendor-mesonpythonf984240
CI: upgrade cibuildwheel from 2.16.4 to 2.16.5 [wheel build]3548f9d
BLD: unvendor meson-python [wheel build]Updates
pluggy
from 1.3.0 to 1.4.0Changelog
Sourced from pluggy's changelog.
Commits
2efd28e
Preparing release 1.4.0ebeb2f2
Merge pull request #471 from bluetech/unblock3a28b4d
Merge pull request #464 from bluetech/hookwrapper-teardown-warning4331b7a
Merge pull request #473 from bluetech/iterator-invalidation7aef3e6
hooks: fix plugins registering other plugins in a hookcc36605
Merge pull request #472 from bluetech/call-extra-ordering-fix443fee6
hooks: fixcall_extra
extra methods getting ordered before everything else4577b45
hooks: add comment describing_hookimpls
's format/invariants.13b3661
AddPluginManager.unblock
method to unblock a name4b5b2d4
CHANGELOG: fix errors in 1.0.0 entryUpdates
pydantic
from 2.5.3 to 2.6.3Release notes
Sourced from pydantic's releases.
... (truncated)
Changelog
Sourced from pydantic... _Description has been truncated_