search

freedomofpress / securedrop-dev-docs

SecureDrop Developer Documentation
Other
5 stars 3 forks source link

Bump the dependencies group across 1 directory with 7 updates #194

Closed dependabot[bot] closed 4 weeks ago

dependabot[bot] commented 1 month ago

Bumps the dependencies group with 7 updates in the / directory:

Package From To
sphinx-autobuild 2024.2.4 2024.10.3
sphinx-rtd-theme 2.0.0 3.0.1
charset-normalizer 3.3.2 3.4.0
docutils 0.20.1 0.21.2
idna 3.8 3.10
markupsafe 2.1.5 3.0.1
urllib3 2.2.2 2.2.3

Updates sphinx-autobuild from 2024.2.4 to 2024.10.3

Release notes

Sourced from sphinx-autobuild's releases.

Release 2024.10.03

2024.10.03

Release 2024.10.02

2024.10.02

Release 2024.09.19

2024.09.19

Release 2024.09.18

2024.09.18

Release 2024.09.17

2024.09.17

Release 2024.09.03

2024.09.03

Release 2024.04.16

2024.04.16

Release 2024.04.13

2024.04.13

Changelog

Sourced from sphinx-autobuild's changelog.

Changelog

unreleased

2024.10.03 - 2024-10-03

  • Improve error handling for failures in pre-build commands.

2024.10.02 - 2024-10-02

  • Show the changed paths that triggered the rebuild.

2024.09.19 - 2024-09-19

  • Fix path filtering on Windows by normalising path separators.
  • Filter various directories by default (.git, venv, etc).
  • Serve the correct directory when using make mode (-M).

2024.09.18 - 2024-09-18

  • Run Sphinx through the Python entry point rather than the binary on PATH.

2024.09.17 - 2024-09-17

  • Relax checks for paths that aren't required to exist.

2024.09.03 - 2024-09-03

  • Fix support for Python 3.9.
  • Fix running sphinx-autobuild via entry point scripts.
  • Run sphinx-build in a subprocess to mitigate autdoc issues.
  • Support the -M 'make mode' option for sphinx-build.

2024.04.16 - 2024-04-16

  • Add a missing dependency on watchfiles.
  • Adopt Ruff in place of flake8 and black.

2024.04.13 - 2024-04-13

... (truncated)

Commits
  • 86e2f37 Release 2024.10.03
  • 1771311 Improve handling for errors in pre-build commands (#181)
  • 5eedf72 Release 2024.10.02
  • 1743a43 Show which paths changed when rebuilding
  • 028cf60 Add missing from __future__ import annotations imports
  • f3146c1 Use -m sphinx build if supported
  • 49457de fixup! Fix path filtering on Windows
  • 2e4e6f7 Split show() into show_message() and show_command()
  • 829ec71 Restrict the release workflow to the @​sphinx-doc organisation
  • 4552a5f Release 2024.09.19
  • Additional commits viewable in compare view


Updates sphinx-rtd-theme from 2.0.0 to 3.0.1

Changelog

Sourced from sphinx-rtd-theme's changelog.

3.0.1

  • Use black color for text in selectors.

.. _release-3.0.0:

3.0.0

Final version.

.. _release-3.0.0rc4:

3.0.0rc4

Fixes

  • Trigger "Read the Docs Search addon" when focusing the "Search docs" input in the navbar.

.. _release-3.0.0rc3:

3.0.0rc3

Fixes

  • Show hidden version in selector if it's the current active version

.. _release-3.0.0rc2:

3.0.0rc2

Added

  • Render version and language selectors below the documentation's title (top left). This can be controlled via the new theme options version_selector and language_selector.

.. _release-3.0.0rc1:

3.0.0rc1

Added

... (truncated)

Commits


Updates charset-normalizer from 3.3.2 to 3.4.0

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.0

🚀 charset-normalizer is raising awareness around HTTP/2, and HTTP/3!

Did you know that Internet Explorer 11 shipped with an optional HTTP/2 support back in 2013? also libcurl did ship it in 2014[...] All of this while our community is still struggling to make a firm advancement in HTTP clients. Now, many of you use Requests as the defacto http client, now, and for many years now, Requests has been frozen. Being left in a vegetative state and not evolving, this blocked millions of developers from using more advanced features.

We promptly invite Python developers to look at the drop-in replacement for Requests, namely Niquests. It leverage charset-normalizer in a better way! Check it out, you will be positively surprised! Don't wait another decade.

We are thankful to @​microsoft and involved parties for funding our work through the Microsoft FOSS Fund program.

3.4.0 (2024-10-08)

Added

  • Argument --no-preemptive in the CLI to prevent the detector to search for hints.
  • Support for Python 3.13 (#512)

Fixed

  • Relax the TypeError exception thrown when trying to compare a CharsetMatch with anything else than a CharsetMatch.
  • Improved the general reliability of the detector based on user feedbacks. (#520) (#509) (#498) (#407) (#537)
  • Declared charset in content (preemptive detection) not changed when converting to utf-8 bytes. (#381)
Changelog

Sourced from charset-normalizer's changelog.

3.4.0 (2024-10-08)

Added

  • Argument --no-preemptive in the CLI to prevent the detector to search for hints.
  • Support for Python 3.13 (#512)

Fixed

  • Relax the TypeError exception thrown when trying to compare a CharsetMatch with anything else than a CharsetMatch.
  • Improved the general reliability of the detector based on user feedbacks. (#520) (#509) (#498) (#407) (#537)
  • Declared charset in content (preemptive detection) not changed when converting to utf-8 bytes. (#381)
Commits
  • f3118e3 :wrench: change download/upload artifact version to last working version
  • 33e67e8 :wrench: set compile-generator in generator_generic_slsa3 action
  • 73dd24c :wrench: add explicit build deps to setuptools
  • 78f1e9b :wrench: attempt to fix cd.yml *3
  • 56ae702 :wrench: attempt to fix cd.yml *2
  • 9720055 :wrench: attempt to fix cd.yml (macos part)
  • 1e10d06 Update CHANGELOG.md
  • 36c103a :bookmark: Release 3.4.0 (#545)
  • 7658dfc :arrow_up: Bump github/codeql-action from 3.26.11 to 3.26.12 (#544)
  • ca2535d :arrow_up: Bump github/codeql-action from 3.26.9 to 3.26.11 (#542)
  • Additional commits viewable in compare view


Updates docutils from 0.20.1 to 0.21.2

Updates idna from 3.8 to 3.10

Changelog

Sourced from idna's changelog.

3.10 (2024-09-15) +++++++++++++++++

  • Reverted to Unicode 15.1.0 data. Unicode 16 has some significant changes to UTS46 processing that will require more work to properly implement.

3.9 (2024-09-13) ++++++++++++++++

  • Update to Unicode 16.0.0
  • Deprecate setup.cfg in favour of pyproject.toml
  • Use ruff for code formatting

Thanks to Waket Zheng for contributions to this release.

Commits


Updates markupsafe from 2.1.5 to 3.0.1

Release notes

Sourced from markupsafe's releases.

3.0.1

This is the MarkupSafe 3.0.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/MarkupSafe/3.0.1/ Changes: https://markupsafe.palletsprojects.com/page/changes/#version-3-0-1 (pending a fix to the docs build) Milestone: https://github.com/pallets/markupsafe/milestone/13?closed=1

  • Address compiler warnings that became errors in GCC 14. #466
  • Fix compatibility with proxy objects. #467

3.0.0

This is the MarkupSafe 3.0.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. The 3.0.x branch is now the supported fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/MarkupSafe/3.0.0/ Changes: https://markupsafe.palletsprojects.com/page/changes/#version-3-0-0 (pending a fix to the docs build) Milestone: https://github.com/pallets/markupsafe/milestone/10?closed=1

  • Support Python 3.13 and its experimental free-threaded build. #461
  • Drop support for Python 3.7 and 3.8.
  • Use modern packaging metadata with pyproject.toml instead of setup.cfg. #348
  • Change distutils imports to setuptools. #399
  • Use deferred evaluation of annotations. #400
  • Update signatures for Markup methods to match str signatures. Use positional-only arguments. #400
  • Some str methods on Markup no longer escape their argument: strip, lstrip, rstrip, removeprefix, removesuffix, partition, and rpartition; replace only escapes its new argument. These methods are conceptually linked to search methods such as in, find, and index, which already do not escape their argument. #401
  • The __version__ attribute is deprecated. Use feature detection, or importlib.metadata.version("markupsafe"), instead. #402
  • Speed up escaping plain strings by 40%. #434
  • Simplify speedups implementation. #437
Changelog

Sourced from markupsafe's changelog.

Version 3.0.1

Released 2024-10-08

  • Address compiler warnings that became errors in GCC 14. :issue:466
  • Fix compatibility with proxy objects. :issue:467

Version 3.0.0

Released 2024-10-07

  • Support Python 3.13 and its experimental free-threaded build. :pr:461
  • Drop support for Python 3.7 and 3.8.
  • Use modern packaging metadata with pyproject.toml instead of setup.cfg. :pr:348
  • Change distutils imports to setuptools. :pr:399
  • Use deferred evaluation of annotations. :pr:400
  • Update signatures for Markup methods to match str signatures. Use positional-only arguments. :pr:400
  • Some str methods on Markup no longer escape their argument: strip, lstrip, rstrip, removeprefix, removesuffix, partition, and rpartition; replace only escapes its new argument. These methods are conceptually linked to search methods such as in, find, and index, which already do not escape their argument. :issue:401
  • The __version__ attribute is deprecated. Use feature detection, or importlib.metadata.version("markupsafe"), instead. :pr:402
  • Speed up escaping plain strings by 40%. :pr:434
  • Simplify speedups implementation. :pr:437
Commits


Updates urllib3 from 2.2.2 to 2.2.3

Release notes

Sourced from urllib3's releases.

2.2.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Features

  • Added support for Python 3.13. (#3473)

Bugfixes

  • Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1. All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. (#3053)
  • Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting python/cpython#103472. (`#3252)
  • Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI (#3413)
  • Fixed a crash where certain standard library hash functions were absent in restricted environments. (#3432)
  • Fixed mypy error when adding to HTTPConnection.default_socket_options. (#3448)

HTTP/2 (experimental)

HTTP/2 support is still in early development.

  • Excluded Transfer-Encoding: chunked from HTTP/2 request body (#3425)
  • Added version checking for h2 (https://pypi.org/project/h2/) usage. Now only accepting supported h2 major version 4.x.x. (#3290)
  • Added a probing mechanism for determining whether a given target origin supports HTTP/2 via ALPN. (#3301)
  • Add support for sending a request body with HTTP/2 (#3302)

Full Changelog: https://github.com/urllib3/urllib3/compare/2.2.2...2.2.3

Changelog

Sourced from urllib3's changelog.

2.2.3 (2024-09-12)

Features

  • Added support for Python 3.13. ([#3473](https://github.com/urllib3/urllib3/issues/3473) <https://github.com/urllib3/urllib3/issues/3473>__)

Bugfixes

  • Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1. All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. ([#3053](https://github.com/urllib3/urllib3/issues/3053) <https://github.com/urllib3/urllib3/issues/3053>__)
  • Fixed ResourceWarning on CONNECT with Python `__)
  • Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI ([#3413](https://github.com/urllib3/urllib3/issues/3413) <https://github.com/urllib3/urllib3/issues/3413>__)
  • Fixed a crash where certain standard library hash functions were absent in restricted environments. ([#3432](https://github.com/urllib3/urllib3/issues/3432) <https://github.com/urllib3/urllib3/issues/3432>__)
  • Fixed mypy error when adding to HTTPConnection.default_socket_options. ([#3448](https://github.com/urllib3/urllib3/issues/3448) <https://github.com/urllib3/urllib3/issues/3448>__)

HTTP/2 (experimental)

HTTP/2 support is still in early development.

  • Excluded Transfer-Encoding: chunked from HTTP/2 request body ([#3425](https://github.com/urllib3/urllib3/issues/3425) <https://github.com/urllib3/urllib3/issues/3425>__)

  • Added version checking for h2 (https://pypi.org/project/h2/) usage.

    Now only accepting supported h2 major version 4.x.x. ([#3290](https://github.com/urllib3/urllib3/issues/3290) <https://github.com/urllib3/urllib3/issues/3290>__)

  • Added a probing mechanism for determining whether a given target origin supports HTTP/2 via ALPN. ([#3301](https://github.com/urllib3/urllib3/issues/3301) <https://github.com/urllib3/urllib3/issues/3301>__)

  • Add support for sending a request body with HTTP/2 ([#3302](https://github.com/urllib3/urllib3/issues/3302) <https://github.com/urllib3/urllib3/issues/3302>__)

Deprecations and Removals

  • Note for downstream distributors: the _version.py file has been removed and is now created at build time by hatch-vcs. ([#3412](https://github.com/urllib3/urllib3/issues/3412) <https://github.com/urllib3/urllib3/issues/3412>__)
  • Drop support for end-of-life PyPy3.8 and PyPy3.9. ([#3475](https://github.com/urllib3/urllib3/issues/3475) <https://github.com/urllib3/urllib3/issues/3475>__)
Commits


Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | sphinx-autobuild | [>= 2024.4.16.a, < 2024.4.17] | | sphinx-autobuild | [>= 2024.4.13.a, < 2024.4.14] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 4 weeks ago

Superseded by #195.