search

cisagov / gophish-tools

Helpful tools for interacting with a GoPhish phishing instance
Creative Commons Zero v1.0 Universal
42 stars 6 forks source link

Bump prompt-toolkit from 3.0.28 to 3.0.43 #140

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps prompt-toolkit from 3.0.28 to 3.0.43.

Release notes

Sourced from prompt-toolkit's releases.

3.0.43

Fixes regression from 3.0.42:

  • Fix regression on Pypy: Don't use ctypes.pythonapi to restore SIGINT if not available.

Other changes from 3.0.42:

  • Fix line wrapping in patch_stdout on Windows.
  • Make formatted_text.split_lines() accept an iterable instead of lists only.
  • Disable the IPython workaround (from 3.0.41) for IPython >= 8.18.
  • Restore signal.SIGINT handler between prompts
Changelog

Sourced from prompt-toolkit's changelog.

3.0.43: 2023-12-13

Fixes:

  • Fix regression on Pypy: Don't use ctypes.pythonapi to restore SIGINT if not available.

3.0.42: 2023-12-12

Fixes:

  • Fix line wrapping in patch_stdout on Windows.
  • Make formatted_text.split_lines() accept an iterable instead of lists only.
  • Disable the IPython workaround (from 3.0.41) for IPython >= 8.18.
  • Restore signal.SIGINT handler between prompts.

3.0.41: 2023-11-14

Fixes:

  • Fix regression regarding IPython input hook (%gui) integration.

3.0.40: 2023-11-10

Fixes:

  • Improved Python 3.12 support (fixes event loop DeprecationWarning).

New features:

  • Vi key bindings: control-t and control-d for indent/unindent in insert mode.
  • Insert partial suggestion when control+right is pressed, similar to Fish.
  • Use sphinx-nefertiti theme for the docs.

3.0.39: 2023-07-04

Fixes:

  • Fix RuntimeError when __breakpointhook__ is called from another thread.
  • Fix memory leak in filters usage.
  • Ensure that key bindings are handled in the right context (when using contextvars).

New features:

  • Accept in_thread keyword in prompt_toolkit.shortcuts.prompt().
  • Support the NO_COLOR environment variable.

... (truncated)

Commits
  • 4432d62 Release 3.0.43
  • 6a24c99 Fix for pypy: don't use pythonapi on pypy.
  • 1c6d094 Use Coroutine instead of Awaitable in type annotations where possible.
  • 87d0107 Release 3.0.42
  • 6a4e6dd Fix example for progress bar with custom iterable
  • be4ccdf Restore signal.SIGINT handler between prompts
  • 6e4ca6e Disable workaround for ipython >= 8.18
  • e2e75c0 Make formatted_text.split_lines accept an iterable (type annotation only).
  • 55cde3e Fix line wrapping in patch_stdout on Windows.
  • 857af14 Code formatting fixes.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
jsf9k commented 10 months ago

The failing tests are just two Coveralls percentage decreases, so I think this PR is OK to merge despite them.

dv4harr10 commented 10 months ago

Hi Team, I noticed one issue: certificate verification has been explicitly disabled (verify=false) @ src/tools/gophish_complete.py line 135; this permits insecure connections to insecure servers. Therefore, we should re-enable certification validation. Thanks

dav3r commented 10 months ago

Hi Team, I noticed one issue: certificate verification has been explicitly disabled (verify=false) @ src/tools/gophish_complete.py line 135; this permits insecure connections to insecure servers. Therefore, we should re-enable certification validation. Thanks

@dv4harr10 There is already a comment in the code about this: https://github.com/cisagov/gophish-tools/blob/d53360532d6ac1c9196b59615255ad652a071a33/src/tools/gophish_complete.py#L133-L135 However, feel free to create an issue in this repository about this and we will see if anything can be done.