This release switches to modern Python packaging tools, drops compatibility for some seriously outdated environments, and improves Amazon SES and inbound Postmark handling.
Please see the Changelog for breaking changes and other details.
* **Brevo:** Add support for batch sending
(`docs <https://anymail.dev/en/stable/esps/brevo/#batch-sending-merge-and-esp-templates>`__).
Resend: Add support for batch sending
(docs <https://anymail.dev/en/stable/esps/resend/#batch-sending-merge-and-esp-templates>__).
Unisender Go: Newly supported ESP
(docs <https://anymail.dev/en/stable/esps/unisender_go/>__).
(Thanks to @Arondit_ for the implementation.)
Fixes
* **Mailgun:** Avoid an error when Mailgun posts null delivery-status
to the event tracking webhook. (Thanks to `@izimobil`_ for the fix.)
Deprecations
</code></pre>
<ul>
<li><strong>Brevo (SendinBlue):</strong> Rename "SendinBlue" to "Brevo" throughout
Anymail's code, reflecting their rebranding.
This affects the email backend path, settings names, and webhook URLs.
The old names will continue to work for now, but are deprecated. See
<code>Updating code from SendinBlue to Brevo <https://anymail.dev/en/stable/esps/brevo/#brevo-rename></code>__
for details.</li>
</ul>
<h2>v10.2</h2>
<p><em>2023-10-25</em></p>
<p>Features</p>
<pre><code>
* **Resend**: Add support for this ESP
(`docs <https://anymail.dev/en/stable/esps/resend/>`__).
Fixes
This feature release adds support for PEP 728 (TypedDict with extra
items) and PEP 742 (TypeIs).
There are no changes since 4.10.0rc1.
4.10.0rc1
Release 4.10.0rc1 (February 17, 2024)
Add support for PEP 728, supporting the closed keyword argument and the
special __extra_items__ key for TypedDict. Patch by Zixuan James Li.
Add support for PEP 742, adding typing_extensions.TypeIs. Patch
by Jelle Zijlstra.
Drop runtime error when a read-only TypedDict item overrides a mutable
one. Type checkers should still flag this as an error. Patch by Jelle
Zijlstra.
Speedup issubclass() checks against simple runtime-checkable protocols by
around 6% (backporting python/cpython#112717, by Alex
Waygood).
Fix a regression in the implementation of protocols where typing.Protocol
classes that were not marked as @runtime_checkable would be unnecessarily
introspected, potentially causing exceptions to be raised if the protocol had
problematic members. Patch by Alex Waygood, backporting
python/cpython#113401.
4.9.0
This feature release adds typing_extensions.ReadOnly, as specified
by PEP 705, and makes various other improvements, especially to
@typing_extensions.deprecated().
There are no changes since 4.9.0rc1.
4.9.0rc1
Add support for PEP 705, adding typing_extensions.ReadOnly. Patch
by Jelle Zijlstra.
All parameters on NewType.__call__ are now positional-only. This means that
the signature of typing_extensions.NewType.__call__ now exactly matches the
signature of typing.NewType.__call__. Patch by Alex Waygood.
Fix bug with using @deprecated on a mixin class. Inheriting from a
deprecated class now raises a DeprecationWarning. Patch by Jelle Zijlstra.
@deprecated now gives a better error message if you pass a non-str
argument to the msg parameter. Patch by Alex Waygood.
@deprecated is now implemented as a class for better introspectability.
Patch by Jelle Zijlstra.
Exclude __match_args__ from Protocol members.
Backport of python/cpython#110683 by Nikita Sobolev.
When creating a typing_extensions.NamedTuple class, ensure __set_name__
is called on all objects that define __set_name__ and exist in the values
This feature release adds support for PEP 728 (TypedDict with extra
items) and PEP 742 (TypeIs).
There are no changes since 4.10.0rc1.
Release 4.10.0rc1 (February 17, 2024)
Add support for PEP 728, supporting the closed keyword argument and the
special __extra_items__ key for TypedDict. Patch by Zixuan James Li.
Add support for PEP 742, adding typing_extensions.TypeIs. Patch
by Jelle Zijlstra.
Drop runtime error when a read-only TypedDict item overrides a mutable
one. Type checkers should still flag this as an error. Patch by Jelle
Zijlstra.
Speedup issubclass() checks against simple runtime-checkable protocols by
around 6% (backporting python/cpython#112717, by Alex
Waygood).
Fix a regression in the implementation of protocols where typing.Protocol
classes that were not marked as @runtime_checkable would be unnecessarily
introspected, potentially causing exceptions to be raised if the protocol had
problematic members. Patch by Alex Waygood, backporting
python/cpython#113401.
Release 4.9.0 (December 9, 2023)
This feature release adds typing_extensions.ReadOnly, as specified
by PEP 705, and makes various other improvements, especially to
@typing_extensions.deprecated().
There are no changes since 4.9.0rc1.
Release 4.9.0rc1 (November 29, 2023)
Add support for PEP 705, adding typing_extensions.ReadOnly. Patch
by Jelle Zijlstra.
All parameters on NewType.__call__ are now positional-only. This means that
the signature of typing_extensions.NewType.__call__ now exactly matches the
signature of typing.NewType.__call__. Patch by Alex Waygood.
Fix bug with using @deprecated on a mixin class. Inheriting from a
deprecated class now raises a DeprecationWarning. Patch by Jelle Zijlstra.
@deprecated now gives a better error message if you pass a non-str
argument to the msg parameter. Patch by Alex Waygood.
@deprecated is now implemented as a class for better introspectability.
Patch by Jelle Zijlstra.
Exclude __match_args__ from Protocol members.
Backport of python/cpython#110683 by Nikita Sobolev.
When creating a typing_extensions.NamedTuple class, ensure __set_name__
is called on all objects that define __set_name__ and exist in the values
urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
Thank you for your support.
Changes
Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. (#3331)
Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. (#3343)
Changed ProtocolError to InvalidChunkLength when response terminates before the chunk length is sent. (#2860)
Changed ProtocolError to be more verbose on incomplete reads with excess content. (#3261)
Thanks to Joe Marshall (@joemarshall) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API from http.client. Please report all bugs to the urllib3 issue tracker.
🚀 urllib3 is fundraising for HTTP/2 support
urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
Thank you for your support.
Changes
Added support for Emscripten and Pyodide, including streaming support in cross-origin isolated browser environments where threading is enabled. (#2951)
Added support for HTTPResponse.read1() method. (#3186)
Fixed issue where requests against urls with trailing dots were failing due to SSL errors
when using proxy. (#2244)
Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified to be always set to a boolean after connecting to a proxy. It could be None in some cases previously. (#3130)
Fixed an issue where headers passed in a request with json= would be mutated (#3203)
Fixed HTTPSConnection.is_verified to be set to False when connecting from a HTTPS proxy to an HTTP target. It was set to True previously. (#3267)
Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (#3268)
Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (#3325)
Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the --integration pytest flag. (#3181)
2.1.0
Read the v2 migration guide for help upgrading to the latest version of urllib3.
Removals
Removed support for the deprecated urllib3[secure] extra. (#2680)
Removed support for the deprecated SecureTransport TLS implementation. (#2681)
Removed support for the end-of-life Python 3.7. (#3143)
Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. ([#3331](https://github.com/urllib3/urllib3/issues/3331) <https://github.com/urllib3/urllib3/issues/3331>__)
Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. ([#3343](https://github.com/urllib3/urllib3/issues/3343) <https://github.com/urllib3/urllib3/issues/3343>__)
Changed InvalidChunkLength to ProtocolError when response terminates before the chunk length is sent. ([#2860](https://github.com/urllib3/urllib3/issues/2860) <https://github.com/urllib3/urllib3/issues/2860>__)
Changed ProtocolError to be more verbose on incomplete reads with excess content. ([#3261](https://github.com/urllib3/urllib3/issues/3261) <https://github.com/urllib3/urllib3/issues/3261>__)
2.2.0 (2024-01-30)
Added support for Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>, including streaming support in cross-origin isolated browser environments where threading is enabled. ([#2951](https://github.com/urllib3/urllib3/issues/2951) <https://github.com/urllib3/urllib3/issues/2951>)
Added support for HTTPResponse.read1() method. ([#3186](https://github.com/urllib3/urllib3/issues/3186) <https://github.com/urllib3/urllib3/issues/3186>__)
Added rudimentary support for HTTP/2. ([#3284](https://github.com/urllib3/urllib3/issues/3284) <https://github.com/urllib3/urllib3/issues/3284>__)
Fixed issue where requests against urls with trailing dots were failing due to SSL errors
when using proxy. ([#2244](https://github.com/urllib3/urllib3/issues/2244) <https://github.com/urllib3/urllib3/issues/2244>__)
Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified
to be always set to a boolean after connecting to a proxy. It could be
None in some cases previously. ([#3130](https://github.com/urllib3/urllib3/issues/3130) <https://github.com/urllib3/urllib3/issues/3130>__)
Fixed an issue where headers passed in a request with json= would be mutated ([#3203](https://github.com/urllib3/urllib3/issues/3203) <https://github.com/urllib3/urllib3/issues/3203>__)
Fixed HTTPSConnection.is_verified to be set to False when connecting
from a HTTPS proxy to an HTTP target. It was set to True previously. ([#3267](https://github.com/urllib3/urllib3/issues/3267) <https://github.com/urllib3/urllib3/issues/3267>__)
Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS ([#3268](https://github.com/urllib3/urllib3/issues/3268) <https://github.com/urllib3/urllib3/issues/3268>__)
Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled ([#3325](https://github.com/urllib3/urllib3/issues/3325) <https://github.com/urllib3/urllib3/issues/3325>__)
Note for downstream distributors: To run integration tests, you now need to run the tests a second
time with the --integration pytest flag. ([#3181](https://github.com/urllib3/urllib3/issues/3181) <https://github.com/urllib3/urllib3/issues/3181>__)
2.1.0 (2023-11-13)
Removed support for the deprecated urllib3[secure] extra. ([#2680](https://github.com/urllib3/urllib3/issues/2680) <https://github.com/urllib3/urllib3/issues/2680>__)
Removed support for the deprecated SecureTransport TLS implementation. ([#2681](https://github.com/urllib3/urllib3/issues/2681) <https://github.com/urllib3/urllib3/issues/2681>__)
Removed support for the end-of-life Python 3.7. ([#3143](https://github.com/urllib3/urllib3/issues/3143) <https://github.com/urllib3/urllib3/issues/3143>__)
Allowed loading CA certificates from memory for proxies. ([#3065](https://github.com/urllib3/urllib3/issues/3065) <https://github.com/urllib3/urllib3/issues/3065>__)
Fixed decoding Gzip-encoded responses which specified x-gzip content-encoding. ([#3174](https://github.com/urllib3/urllib3/issues/3174) <https://github.com/urllib3/urllib3/issues/3174>__)
2.0.7 (2023-10-17)
Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
2.0.6 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
* Fix: CVE-2023-45809: Disclosure of user names via admin bulk action views (Matt Westcott)
5.0.4 (04.10.2023)
Maintenance: Relax Willow / Pillow dependency to allow use of current Pillow versions with security fixes (Dan Braghis)
5.0.3 (25.09.2023)
* Fix: Avoid use of `ignore_conflicts` when creating extra permissions for snippets, for SQL Server compatibility (Sage Abdullah)
* Fix: Ensure sequence on `wagtailsearchpromotions_query` table is correctly set after migrating data (Jake Howard)
* Fix: Update Pillow dependency to 9.1.0 (Daniel Kirkham)
5.0.2 (21.06.2023)
Added TitleFieldPanel to support title / slug field synchronization (LB (Ben) Johnston)
Fix: Prevent JS error when reverting the spinner on a submit button after a validation error (LB (Ben) Johnston)
Fix: Prevent crash when comparing page revisions that include MultipleChooserPanel (Matt Westcott)
Fix: Ensure that title and slug continue syncing after entering non-URL-safe characters (LB (Ben) Johnston)
Fix: Ensure that title and slug are synced on keypress, not just on blur (LB (Ben) Johnston)
Fix: Add a more visible active state for side panel toggle buttons (Thibaud Colas)
Fix: Use custom dark theme colors for revision comparisons (Thibaud Colas)
5.0.1 (25.05.2023)
* Fix: Rectify previous fix for TableBlock becoming uneditable after save (Sage Abdullah)
* Fix: Ensure that copying page correctly picks up the latest revision (Matt Westcott)
* Fix: Ensure comment buttons always respect `WAGTAILADMIN_COMMENTS_ENABLED` (Thibaud Colas)
* Fix: Fix error when deleting a single snippet through the bulk actions interface (Sage Abdullah)
* Fix: Pass the correct `for_update` value for `get_form_class` in `SnippetViewSet` edit views (Sage Abdullah)
* Fix: Move comment notifications toggle to the comments side panel (Sage Abdullah)
* Fix: Remove comment button on InlinePanel fields (Sage Abdullah)
* Fix: Fix missing link to `UsageView` from `EditView` for snippets (Christer Jensen)
* Fix: Prevent lowercase conversions of IndexView column headers (Virag Jain)
* Fix: Fix various color issues in dark mode (Thibaud Colas)
* Docs: Update documentation for `log_action` parameter on `RevisionMixin.save_revision` (Christer Jensen)
5.0 (02.05.2023)
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/wagtail/wagtail/commit/429dec0f1e7ca2b59354564a84b21d84cf9a2d5a"><code>429dec0</code></a> Add 5.0.5 release note page</li>
<li><a href="https://github.com/wagtail/wagtail/commit/664f2e914aefedc8073dc6e85bac0761efef9017"><code>664f2e9</code></a> Version bump to 5.0.5</li>
<li><a href="https://github.com/wagtail/wagtail/commit/8cae3f09c2b14ea757667b0e049f6b60bbe40ba8"><code>8cae3f0</code></a> Release note for CVE-2023-45809 in 5.0.5</li>
<li><a href="https://github.com/wagtail/wagtail/commit/c94056432827e217dc704c5965728be46853b90b"><code>c940564</code></a> Release note for CVE-2023-45809 in 4.1.9</li>
<li><a href="https://github.com/wagtail/wagtail/commit/2231f462c75dfe84307fb40577e8c2109a23b27e"><code>2231f46</code></a> Redirect away from user bulk actions when user has no permissions on users</li>
<li><a href="https://github.com/wagtail/wagtail/commit/739588b4282ad982fe41b3549354551e7122be51"><code>739588b</code></a> Fix changelog for django-filter upgrade in 4.0</li>
<li><a href="https://github.com/wagtail/wagtail/commit/79b7721cd1afabdf8ea69c9e5fa78958a6adb108"><code>79b7721</code></a> Version bump to 5.0.4</li>
<li><a href="https://github.com/wagtail/wagtail/commit/bb225ffb24ecf032fb51c4a33f0b68d5e2460f1c"><code>bb225ff</code></a> Release note for <a href="https://redirect.github.com/wagtail/wagtail/issues/10989">#10989</a> in 5.0.4</li>
<li><a href="https://github.com/wagtail/wagtail/commit/da2cf662a74ddbc303bb1bcac0fc96279037f760"><code>da2cf66</code></a> Update RTD configuration file to v2</li>
<li><a href="https://github.com/wagtail/wagtail/commit/e1e42722d60231d48daa504715b11ed100068e23"><code>e1e4272</code></a> Update Pillow/Willow dependencies to allow Pillow 10.0.1</li>
<li>Additional commits viewable in <a href="https://github.com/wagtail/wagtail/compare/v4.1.9...v5.0.5">compare view</a></li>
</ul>
</details>
<br />
Updates `whitenoise` from 6.3.0 to 6.6.0
Changelog
Changed documentation site URL from https://whitenoise.evans.io/ to https://whitenoise.readthedocs.io/.
6.4.0 (2023-02-25)
Support Django 4.2.
Remove further support for byte strings from the root and prefix arguments to WhiteNoise, and Django’s STATIC_ROOT setting.
Like in the previous release, this seems to be a remnant of Python 2 support.
Again, this change may be backwards incompatible for a small number of projects, but it’s unlikely.
Django does not support STATIC_ROOT being a byte string.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Bumps the dependencies group in /requirements with 14 updates:
9.0
10.3
4.2.0
4.3.0
3.6.0
3.8.0
0.21.1
1.0.1
4.6.3
4.10.0
1.26.18
2.2.1
4.1.9
5.0.5
6.3.0
6.6.0
7.3.0
7.4.1
1.40.0
1.42.0
3.6.0
3.7.0
4.7.0
4.8.0
3.12.0
3.14.0
0.4.3
0.4.4
Updates
django-anymail
from 9.0 to 10.3Release notes
Sourced from django-anymail's releases.
Changelog
Sourced from django-anymail's changelog.
... (truncated)
Commits
fc1bd14
Release 10.3948ab2b
Brevo: SendinBlue compatibilityc7ee59c
Brevo: Rename SendinBlue to Brevo14d4516
Unisender Go: fix integration teste758579
Docs: fix list spacing5949069
Mailgun: fix webhook error with null delivery-statusa71a0d9
Unisender Go: new ESPa2c0ed6
Docs: fix broken links in search results706fce6
Resend: support batch sendd2c5628
Docs: update Brevo feature matrixUpdates
django-debug-toolbar
from 4.2.0 to 4.3.0Release notes
Sourced from django-debug-toolbar's releases.
Changelog
Sourced from django-debug-toolbar's changelog.
Commits
0b59e24
Version 4.3.00e7711e
1843 new ajax request reset's whole view if history panel is enabled (#1872)22df01c
The djdt handle shouldn't be stuck at the top of the browser window initially...77aa47a
pre-commit-config: Upgrade ruff (#1869)7731cd2
Configure ESLint using a JS file instead of JSON (#1868)075d38b
[pre-commit.ci] pre-commit autoupdate (#1866)6e9ce48
Refactor is_project_func method for Windows compatibility (#1857)fb16de1
[pre-commit.ci] pre-commit autoupdate (#1864)be989d2
Fix #1860 -- Update GitHub action versions (#1861)6ff1dd1
Enable the temporary workaround for https://github.com/prettier/prettier/issu...Updates
django-tailwind
from 3.6.0 to 3.8.0Changelog
Sourced from django-tailwind's changelog.
Commits
4ba9107
Releases v3.8.03dbde87
Upgrades Tailwind CSS to v3.4628f962
Fixes readthedocs deps6c44995
Create requirements.txt41f800d
Create .readthedocs.yaml4e3ad4d
Releases v3.7.0b00dacb
Updates Dockerfilec7d4e06
Updates Django 3.2LTS min versionb3ced77
Drops Python 3.9 support4d7a815
Drops Python 3.9 supportUpdates
python-dotenv
from 0.21.1 to 1.0.1Release notes
Sourced from python-dotenv's releases.
Changelog
Sourced from python-dotenv's changelog.
Commits
d6c0b96
Bumpversion 1.0.0 -> 1.0.142dc086
Update changelog for 1.0.1b1eebba
Add python 3.12 and pypy3.10 to test runner6ff1391
Fix temporary file is deleted before closing, in the rewrite function (#468)0b94ac0
Allow modules using load_dotenv to be reloaded when launched in a separate th...3ffcef6
Use https in README links (#474)be96be2
Use pathlib.Path in tests (#466)137bc3d
Gracefully handle code which has been imported from a zipfile (#456)dd1af68
FIx year in release in changelog (#453)d0684d1
Bump version: 0.21.1 → 1.0.0Updates
typing-extensions
from 4.6.3 to 4.10.0Release notes
Sourced from typing-extensions's releases.
... (truncated)
Changelog
Sourced from typing-extensions's changelog.
... (truncated)
Commits
ed81f2b
Prepare release 4.10.0 (#343)06b23e3
Release 4.10.0rc1 (#340)b7bf949
Add support for PEP 728 (#329)9f040ab
Fix changelog entry and mutable_keys tracking for PEP 705 (#334)566e01e
Add support for TypeIs (PEP 742) (#330)d6c50f5
Drop runtime error in PEP 705 implementation (#333)ff530f5
Update GitHub Actions versions (#332)05ffab5
Catch a deprecation warning on Python 3.13 (#331)69b48c3
Fix display of TypedDict.readonly_keys (#328)004b893
Backport recent improvements to the implementation ofProtocol
(#324)Updates
urllib3
from 1.26.18 to 2.2.1Release notes
Sourced from urllib3's releases.
... (truncated)
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
54d6edf
Release 2.2.149b2dda
Stop casting request headers to HTTPHeaderDict (#3344)e22f651
Fix docstring of retries parameterfa54179
Distinguish between truncated and excess content in response (#3273)cfe52f9
Fix InsecureRequestWarning for HTTPS Emscripten requests (#3333)25155d7
Ensure no remote connections during testing (#3328)12f9233
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (#3340)9929d3c
Add nox session to start local Pyodide consoleaa8d3dd
Fix ssl_version tests for upcoming migration to pytest 823f2287
Remove TODO about informational responses (#3319)Updates
wagtail
from 4.1.9 to 5.0.5Release notes
Sourced from wagtail's releases.
... (truncated)
Changelog
Sourced from wagtail's changelog.
@dependabot rebase
Going to test on staging