search

codacy / codacy-pylint-python3

Pylint tool for Codacy
Other
0 stars 6 forks source link

build(deps): bump jsonpickle from 3.0.3 to 3.3.0 #226

Open dependabot[bot] opened 2 months ago

dependabot[bot] commented 2 months ago

Bumps jsonpickle from 3.0.3 to 3.3.0.

Changelog

Sourced from jsonpickle's changelog.

v3.3.0

* The unpickler was updated to avoid using ``eval``, which helps improve its
  security. Users can still pass ``safe=False`` to ``decode`` to use the old
  behavior, though this is not recommended. (+513)
* Objects can now exclude specific attributes from pickling by providing a
  ``_jsonpickle_exclude`` class or instance attribute. This attribute should contain
  the list of attribute names to exclude when pickling the object.

v3.2.2

* A bug with the incorrect (de)serialization of NoneType objects has been fixed.
  (+507)
* ``tests/benchmark.py`` was updated to avoid Python 2 syntax. (+508)
* The unpickler was updated to avoid creating temporary functions. (+508)
* Some basic scripts have been made to analyze benchmark results. (+511)
* Fix test suite compatibility with Numpy 2.x (+512)
* `setup.cfg` was updated to use `license_files` instead of `license_file`.

v3.2.1

* The ``ignorereserved`` parameter to the private ``_restore_from_dict()``
  function has been restored for backwards compatibility. (+501)

v3.2.0

* Nested dictionaries in `py/state` are now correctly restored when
  tracking object references. (+501) ([#500](https://github.com/jsonpickle/jsonpickle/issues/500))

v3.1.0

* `jsonpickle.ext.numpy.register_handlers` now provides options that are forwarded
  to the `NumpyNDArrayHandler` constructor. (+489)
* Fix bug of not handling ``classes`` argument to `jsonpickle.decode`
  being a dict. Previously, the keys were ignored and only values were
  used. (+494)
* Allow the ``classes`` argument to `jsonpickle.pickle` to have class
  objects as keys. This extends the current functionality of only having
  class name strings as keys. (+494)
* The ``garden setup/dev`` action and ``requirements-dev.txt`` requirements file
  now include test dependencies for use during development.
* Added support for Python 3.13. (+505) ([#504](https://github.com/jsonpickle/jsonpickle/issues/504))

v3.0.4

* Fixed an issue with django.SafeString and other classes inheriting from
  str having read-only attribute errors ([#478](https://github.com/jsonpickle/jsonpickle/issues/478)) (+481)
* The test suite was made compatible with `pytest-ruff>=0.3.0`. (+482)
* A `garden.yaml` file was added for use with the
  `garden <https://crates.io/crates/garden-tools>_` command runner. (+486)

... (truncated)

Commits
  • b19dc3f Merge pull request #517 from dwagon/exclude_attr
  • 20f7565 CHANGES: add a changelog entry for _jsonpickle_exclude
  • 0b6b60e pickler: exclude attributes using _jsonpickle_exclude
  • 56f026a garden: add a remote for dwagon
  • c4a2c17 Remove unused variable to fix Ruff tests (#520)
  • e4ff8c1 ci: remove github action that creates commits (#518)
  • 5ddca3d Add Usage section to README (#516)
  • d0ab378 unpickler: fix the warning syntax and remove the premature deprecation comment
  • c60ce65 Describe alternative to eval-removal in 3.3.0
  • 3c6a825 unpickler: avoid use of eval() in loadrepr (#513)
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented 2 months ago

Sorry, only users with push access can use that command.