search

greenbone / docs

Documentation for the Greenbone Community Edition
https://greenbone.github.io/docs/
Creative Commons Attribution Share Alike 4.0 International
24 stars 32 forks source link

Bump the python-packages group with 4 updates #399

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps the python-packages group with 4 updates: charset-normalizer, cycler, fonttools and packaging.

Updates charset-normalizer from 3.2.0 to 3.3.0

Release notes

Sourced from charset-normalizer's releases.

Release 3.3.0

3.3.0 (2023-09-30)

Added

  • Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
  • Support for 9 forgotten encodings that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

  • (internal) Redundant utils.is_ascii function and unused function is_private_use_only
  • (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

  • (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
  • Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

  • Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)
Changelog

Sourced from charset-normalizer's changelog.

3.3.0 (2023-09-30)

Added

  • Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
  • Support for 9 forgotten encoding that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

  • (internal) Redundant utils.is_ascii function and unused function is_private_use_only
  • (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

  • (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
  • Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.7

Fixed

  • Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)
Commits
  • 165211a :bookmark: Release 3.3.0 (#353)
  • 5aed9a4 :bug: Fix unreachable code in the sorting algorithm of CharsetMatch (#352)
  • 061a71b :arrow_up: Bump actions/checkout from 4.0.0 to 4.1.0 (#348)
  • 88df580 :arrow_up: Bump github/codeql-action from 2.21.7 to 2.21.9 (#351)
  • aa0234b :arrow_up: Bump pypa/cibuildwheel from 2.15.0 to 2.16.0 (#349)
  • 58f69f7 :arrow_up: Bump github/codeql-action from 2.21.5 to 2.21.7 (#345)
  • e7c2d8e :arrow_up: Bump docker/setup-qemu-action from 2.2.0 to 3.0.0 (#346)
  • 5abf47f :arrow_up: Bump pytest from 7.4.1 to 7.4.2 (#342)
  • 50a138e :arrow_up: Bump actions/checkout from 3.6.0 to 4.0.0 (#343)
  • 5da7047 :arrow_up: Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#344)
  • Additional commits viewable in compare view


Updates cycler from 0.11.0 to 0.12.0

Release notes

Sourced from cycler's releases.

REL: 0.12.0

This is the first release of Cycler 0.12.

The major new feature in this release is the addition of type hints. Furthermore, the minimum supported version of Python is now 3.8.

REL: 0.12.0rc1

This is the first release candidate for Cycler 0.12.0.

The major new feature in this release is the addition of type hints. Furthermore, the minimum supported version of Python is now 3.8.

Commits
  • 7aebbdf REL: 0.12.0
  • ab3cfe8 BLD: Bump version for next release
  • b6f3e17 REL: v0.12.0rc1
  • 9eb8e18 Merge pull request #97 from QuLogic/fix-circle
  • 74c2df2 CI: Use correct variable in CircleCI build
  • 3660eb6 Merge pull request #95 from QuLogic/auto-publish
  • 98a09db Merge pull request #90 from QuLogic/fix-docs
  • 5ac0e9f Merge pull request #96 from QuLogic/fix-actions-badge
  • 245170d DOC: Fix typo in GitHub Actions badge
  • 245c886 Add a release workflow to publish to PyPI
  • Additional commits viewable in compare view


Updates fonttools from 4.42.1 to 4.43.0

Release notes

Sourced from fonttools's releases.

4.43.0

  • [subset] Set up lxml XMLParser(resolve_entities=False) when parsing OT-SVG documents to prevent XML External Entity (XXE) attacks (9f61271dc): https://codeql.github.com/codeql-query-help/python/py-xxe/
  • [varLib.iup] Added workaround for a Cython bug in iup_delta_optimize that was leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas (60126435d, cython/cython#5732).
  • [varLib] Added new command-line entry point fonttools varLib.avar to add an avar table to an existing VF from axes mappings in a .designspace file (0a3360e52).
  • [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned after VarData optimization (#3268).
  • Added support for Python 3.12 (#3283).
Changelog

Sourced from fonttools's changelog.

4.43.0 (released 2023-09-29)

  • [subset] Set up lxml XMLParser(resolve_entities=False) when parsing OT-SVG documents to prevent XML External Entity (XXE) attacks (9f61271dc): https://codeql.github.com/codeql-query-help/python/py-xxe/
  • [varLib.iup] Added workaround for a Cython bug in iup_delta_optimize that was leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas (60126435d, cython/cython#5732).
  • [varLib] Added new command-line entry point fonttools varLib.avar to add an avar table to an existing VF from axes mappings in a .designspace file (0a3360e52).
  • [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned after VarData optimization (#3268).
  • Added support for Python 3.12 (#3283).
Commits
  • 145460e Release 4.43.0
  • 64f3fd8 Update changelog [skip ci]
  • 7aea49e Merge pull request #3283 from hugovk/main
  • 4470c44 Bump requirements.txt to support Python 3.12
  • 0c87cba Bump scipy for Python 3.12 support
  • eda6fa5 Add support for Python 3.12
  • 0e033b0 Bump reportlab from 3.6.12 to 3.6.13 in /Doc
  • 6012643 [iup] Work around cython bug
  • b14268a [iup] Remove copy/pasta
  • 0a3360e [varLib.avar] New module to compile avar from .designspace file
  • Additional commits viewable in compare view


Updates packaging from 23.1 to 23.2

Release notes

Sourced from packaging's releases.

23.2

What's Changed

New Contributors

Full Changelog: https://github.com/pypa/packaging/compare/23.1...23.2

Changelog

Sourced from packaging's changelog.

23.2 - 2023-10-01


* Document calendar-based versioning scheme (:issue:`716`)
* Enforce that the entire marker string is parsed (:issue:`687`)
* Requirement parsing no longer automatically validates the URL (:issue:`120`)
* Canonicalize names for requirements comparison (:issue:`644`)
* Introduce ``metadata.Metadata`` (along with ``metadata.ExceptionGroup`` and ``metadata.InvalidMetadata``; :issue:`570`)
* Introduce the ``validate`` keyword parameter to ``utils.validate_name()`` (:issue:`570`)
* Introduce ``utils.is_normalized_name()`` (:issue:`570`)
* Make ``utils.parse_sdist_filename()`` and ``utils.parse_wheel_filename()``
  raise ``InvalidSdistFilename`` and ``InvalidWheelFilename``, respectively,
  when the version component of the name is invalid
Commits
  • b3a5d7d Bump for release
  • d7ce40d Fix code blocks in CHANGELOG.md (#724)
  • 524b701 parse_{sdist,wheel}_filename: don't raise InvalidVersion (#721)
  • b509bef Typing annotations fixed (#723)
  • 0206c39 Bump pip version to avoid known vulnerabilities (#720)
  • 7023537 fix: Update copyright date for docs (#713)
  • 39786bb Document use of calendar-based versioning scheme (#717)
  • c1346df fix: Detect when a platform is 32-bit more accurately (#711)
  • 7e68d82 Correct rST syntax in CHANGELOG.rst (#709)
  • 61e6efb Support enriched metadata in packaging.metadata (#686)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions