#12096: Warn when files are overwritten in the build directory.
Patch by Adam Turner and Bénédikt Tran.
#12620: Ensure that old-style object description options are respected.
Patch by Adam Turner.
#12601, #12625: Support callable objects in :py:class:~typing.Annotated type
metadata in the Python domain.
Patch by Adam Turner.
#12601, #12622: Resolve :py:class:~typing.Annotated warnings with
sphinx.ext.autodoc,
especially when using :mod:dataclasses as type metadata.
Patch by Adam Turner.
#12589, #12626: autosummary: Fix warnings with :rst:role:!autolink.
Patch by Adam Turner.
Release 7.4.6 (released Jul 18, 2024)
Bugs fixed
#12589, #9743, #12609: autosummary: Do not add the package prefix when
generating autosummary directives for modules within a package.
Patch by Adam Turner.
#12613: Reduce log severity for ambiguity detection during inventory loading.
Patch by James Addison.
Release 7.4.5 (released Jul 16, 2024)
Bugs fixed
#12593, #12600: Revert coercing the type of selected :confval:html_sidebars
values to a list.
Log an error message when string values are detected.
Patch by Adam Turner.
#12594: LaTeX: since 7.4.0, :rst:dir:seealso and other "light" admonitions
now break PDF builds if they contain a :dudir:figure directive; and also
if they are contained in a table cell (rendered by tabulary).
Patch by Jean-François B.
* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1e has been
removed. Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.8.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
* Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still
considered insecure, users should generally use a key size of 2048-bits.
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`
now emits ASN.1 that more closely follows the recommendations in :rfc:`2315`.
* Added new :doc:`/hazmat/decrepit/index` module which contains outdated and
insecure cryptographic primitives.
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish`, which were
deprecated in 37.0.0, have been added to this module. They will be removed
from the ``cipher`` module in 45.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES`
and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ARC4` into
:doc:`/hazmat/decrepit/index` and deprecated them in the ``cipher`` module.
They will be removed from the ``cipher`` module in 48.0.0.
* Added support for deterministic
:class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` (:rfc:`6979`)
* Added support for client certificate verification to the
:mod:`X.509 path validation <cryptography.x509.verification>` APIs in the
form of :class:`~cryptography.x509.verification.ClientVerifier`,
:class:`~cryptography.x509.verification.VerifiedClient`, and
``PolicyBuilder``
:meth:`~cryptography.x509.verification.PolicyBuilder.build_client_verifier`.
* Added Certificate
:attr:`~cryptography.x509.Certificate.public_key_algorithm_oid`
and Certificate Signing Request
:attr:`~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid`
to determine the :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
Object Identifier of the public key found inside the certificate.
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_date_utc`, a
timezone-aware alternative to the naïve ``datetime`` attribute
:attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
* Added support for parsing empty DN string in
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added the following properties that return timezone-aware ``datetime`` objects:
:meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
:meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_utc`,
:meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
:meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
:meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_time_utc`,
</tr></table>
... (truncated)
Commits
ebf14f2 bump for 43.0.0 and update changelog (#11311)
42788a0 Fix exchange with keys that had Q automatically computed (#11309)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the python-packages group with 8 updates:
7.3.7
7.4.7
2024.5.6
2024.7.18
42.0.8
43.0.0
0.5.2
0.5.4
2.0.5
2.0.6
1.0.7
1.0.8
0.37.2
0.38.0
0.30.1
0.30.3
Updates
sphinx
from 7.3.7 to 7.4.7Release notes
Sourced from sphinx's releases.
Changelog
Sourced from sphinx's changelog.
... (truncated)
Commits
0d912c8
Bump to 7.4.7 finalbbc97e0
autosummary: Filter invalid import prefixes inautolink
(#12626)6c486a5
Fix detecting file changes for the overwritten file warning (#12627)2bd973e
autodoc: Fix warnings with dataclasses inAnnotated
metadata (#12622)dd77f85
Support callables inAnnotated
types (#12625)1ed4ca7
Marktest_build_manpage
as XFAIL following changes in Docutils mastercd8ce07
Update message catalogues following reverted commitsc6cd25f
Partially revert "Update message catalogues (#11626)"fa2ba7d
Partially Revert "[bot]: Update message catalogues (#12563)"e439c6f
Ensure that old-style object description options are respected (#12620)Updates
furo
from 2024.5.6 to 2024.7.18Changelog
Sourced from furo's changelog.
... (truncated)
Commits
78e4ba2
Prepare release: 2024.07.186b61424
Update changelog58b532c
Make the issue tracker template more explicit17e351e
Addsource_view_link
to configuration7e51bc7
Delete svg-sun-half (#811)073c497
Move a 'type: ignore' comment, for mypy (#812)cefbdc0
Bump the npm group with 2 updates (#809)7fb7ec8
Bump the npm group with 3 updates (#806)25091fc
[pre-commit.ci] pre-commit autoupdate (#796)550756e
Fix close tag on pencil icon (#807)Updates
cryptography
from 42.0.8 to 43.0.0Changelog
Sourced from cryptography's changelog.
... (truncated)
Commits
ebf14f2
bump for 43.0.0 and update changelog (#11311)42788a0
Fix exchange with keys that had Q automatically computed (#11309)2dbdfb8
don't assign unused name (#11310)ccc66e6
Bump openssl from 0.10.64 to 0.10.65 in /src/rust (#11308)4310c87
Bump sphinxcontrib-qthelp from 1.0.7 to 1.0.8 (#11307)f66a9c4
Bump sphinxcontrib-htmlhelp from 2.0.5 to 2.0.6 (#11306)a8fcf18
Bump openssl-sys from 0.9.102 to 0.9.103 in /src/rust (#11305)2fe32b2
Bump mypy from 1.10.1 to 1.11.0 (#11303)ee24e82
Bump setuptools from 71.0.3 to 71.0.4 in /.github/requirements (#11304)7249ccd
Bump portable-atomic from 1.6.0 to 1.7.0 in /src/rust (#11302)Updates
ruff
from 0.5.2 to 0.5.4Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
53b84ab
Cleanup redundant spaces from changelog (#12424)3664f85
Bump version to v0.5.4 (#12423)2c1926b
Insert parentheses for multi-argument generators (#12422)4bcc96a
Avoid shadowing diagnostics for@override
methods (#12415)c0a2b49
Fix the Github link error for Neovim in the setup for editors in the docs. (#...ca22248
Update docs Settings output-format default (#12409)d8cf8ac
[red-knot] Resolve symbols frombuiltins.pyi
in the stdlib if they cannot b...1c7b840
[red-knot] fix incremental benchmark (#12400)f82bb67
[red-knot] trace file when inferring types (#12401)5f96f69
[red-knot] Fix bug where module resolution would not be invalidated if an ent...Updates
sphinxcontrib-htmlhelp
from 2.0.5 to 2.0.6Release notes
Sourced from sphinxcontrib-htmlhelp's releases.
Changelog
Sourced from sphinxcontrib-htmlhelp's changelog.
Commits
49998fd
Bump to 2.0.6 final8c97fef
Fix tests for Sphinx 7.4 (#20)Updates
sphinxcontrib-qthelp
from 1.0.7 to 1.0.8Release notes
Sourced from sphinxcontrib-qthelp's releases.
Changelog
Sourced from sphinxcontrib-qthelp's changelog.
Commits
d198d73
Bump to 1.0.8 final03ca571
Fix tests on Sphinx 7.4 (#16)Updates
starlette
from 0.37.2 to 0.38.0Release notes
Sourced from starlette's releases.
Changelog
Sourced from starlette's changelog.
Commits
8b1d2c2
Version 0.38.0 (#2647)357a291
Add proper synchronisation to WebSocketTestSession (#2597)5f57ef4
test: refine the test of client disconnection after reading request body (#2639)d3e5327
Add section for Vellox to third-party plugins (#2624)a01631d
AcceptNone
onset_cookie(path=...)
(#2612)e0ec0d9
Add Starlette-Compress to third-party docs (#2642)a55051b
docs: add shiny to the frameworks sections (#2645)6f863b0
Fix broken links (#2631)5a1bec3
Don't print xfail on the test suite (#2609)d1b3803
Allow use ofmemoryview
withResponse
(#2577)Updates
uvicorn
from 0.30.1 to 0.30.3Release notes
Sourced from uvicorn's releases.
Changelog
Sourced from uvicorn's changelog.
Commits
5bf788f
Version 0.30.3 (#2395)8f4c8a7
Add 100% clean coverage (#2394)9baded3
Bump the python-packages group with 9 updates (#2376)9279825
ClientDisconnect
inherits fromOSError
instead ofIOError
(#2393)875f6c6
SuppressKeyboardInterrupt
from CLI and programmatic usage (#2384)ca24e1b
Version 0.30.2 (#2380)c23cd24
Iterate subprocesses in-place (#2373)d79f285
docs(readme): add granian as an alternative (#2359)4e9f48d
Addreason
support on WebSocketDisconnectEvent (#2324)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show