search

greenbone / python-gvm

Greenbone Vulnerability Management Python Library
https://greenbone.github.io/python-gvm/
GNU General Public License v3.0
107 stars 60 forks source link

Deps: Bump the python-packages group with 15 updates #1115

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 9 months ago

Bumps the python-packages group with 15 updates:

Package From To
lxml 4.9.3 5.1.0
coverage 7.4.0 7.4.1
autohooks 23.10.0 24.1.0
black 23.12.1 24.1.1
pontos 24.1.0 24.1.2
alabaster 0.7.15 0.7.16
beautifulsoup4 4.12.2 4.12.3
cryptography 41.0.7 42.0.1
dill 0.3.7 0.3.8
markupsafe 2.1.3 2.1.4
sphinxcontrib-applehelp 1.0.7 1.0.8
sphinxcontrib-devhelp 1.0.5 1.0.6
sphinxcontrib-htmlhelp 2.0.4 2.0.5
sphinxcontrib-qthelp 1.0.6 1.0.7
sphinxcontrib-serializinghtml 1.1.9 1.1.10

Updates lxml from 4.9.3 to 5.1.0

Changelog

Sourced from lxml's changelog.

5.1.0 (2024-01-05)

Features added

  • Parsing ASCII strings is slightly faster.

Bugs fixed

  • GH#349: The HTML Cleaner() interpreted an accidentally provided string parameter for the host_whitelist as list of characters and silently failed to reject any hosts. Passing a non-collection is now rejected.

Other changes

  • Support for Python 2.7 and Python versions < 3.6 was removed.

  • The wheel build was migrated to use cibuildwheel. Patch by Primož Godec.

5.0.1 (2024-01-05)

Bugs fixed

  • LP#2046208: Parsing non-BMP Python Unicode strings could fail on macOS.

  • LP#2044225: When incrementally parsing broken HTML, reporting start events on missing structural tags failed and could lead to subsequent exceptions.

  • LP#2045435: Some (not all) issues with stricter C compilers were resolved.

  • The binary wheels in the 5.0.0 release did not validate cleanly (but installed ok).

.. _latest_release:

5.0.0 (2023-12-29)

Features added

  • Character escaping in C14N2 serialisation now uses a single pass over the text instead of searching for each unescaped character separately.

... (truncated)

Commits
  • 82a4260 Prepare release of 5.1.0.
  • 3eafa61 Merge branch 'lxml-5.0'
  • eb5cd98 Prepare release of 5.0.1.
  • f4b8be5 docs: Shorten the list of old versions on the main website.
  • 9496a79 Update changelog.
  • c13c5af Remove some dead Py2 code.
  • 5bba8c4 Remove some dead Py2 code.
  • 5fa0cd5 Cleaner: Validate that host_whitelist is not a string (GH-349)
  • ff88377 Remove accidentally duplicated code.
  • 7244b43 Merge branch 'lxml-5.0'
  • Additional commits viewable in compare view


Updates coverage from 7.4.0 to 7.4.1

Changelog

Sourced from coverage's changelog.

Version 7.4.1 — 2024-01-26

  • Python 3.13.0a3 is supported.

  • Fix: the JSON report now includes an explicit format version number, closing issue 1732_.

.. _issue 1732: nedbat/coveragepy#1732

.. _changes_7-4-0:

Commits
  • 07588ea test: give hypothesis a little more time
  • 2c96518 build: tags should be signed
  • 8d1857f docs: sample HTML for 7.4.1
  • ddc88f7 docs: prep for 7.4.1
  • 98cd671 docs: correct two library urls
  • 498b8c9 build: coverage runs have to skip windows pypy too
  • 75b22f0 test: ignore color in tracebacks
  • b7c41a2 build: show action environment variables for debugging
  • f8be865 build: run actions on 3.13 since a3 came out.
  • de60a6d build(deps): bump actions/dependency-review-action from 3 to 4
  • Additional commits viewable in compare view


Updates autohooks from 23.10.0 to 24.1.0

Release notes

Sourced from autohooks's releases.

autohooks 24.1.0

24.1.0 - 2024-01-26

Added

  • Ignore ruff_cache from git 7542c15

Removed

  • Remove unused settings file for pylint 6faf4d1
  • Replace isort with ruff b6fcbed

Changed

  • Update headers of all Python files f03fc7b
  • Update formatting with black 24.1.0 73f48bc
  • Unify release workflow (file) name 64a1d24
  • Merge coverage config into pyproject.toml 0e70f9b
  • Make ruff more prominent in the README 4fe01c5
  • Use trusted publisher upload for PyPI d2f2c7d

Bug Fixes

  • Fix README and package meta data for supported Python versions b4d92f6

Dependencies

  • Bump the dependencies group with 7 updates a52e2f7
  • Bump the dependencies group with 10 updates e7c1165
  • Bump jinja2 from 3.1.2 to 3.1.3 8055e30
  • Bump the dependencies group with 5 updates 90c623e
  • Bump the dependencies group with 8 updates 3022f81
  • Bump the dependencies group with 1 update c2d5c35
  • Bump the dependencies group with 8 updates bc4d28a
  • Bump the dependencies group with 6 updates 61c0201
  • Bump the dependencies group with 2 updates 8bdb3bd
  • Bump the dependencies group with 7 updates 863cd39
  • Bump the dependencies group with 7 updates 2cea7c7
  • Bump the dependencies group with 6 updates 86411da
  • Bump the dependencies group with 6 updates aa4e1e0
  • Bump the dependencies group with 4 updates c930d52
  • Bump the dependencies group with 4 updates (#620) 4ca79cf
Commits
  • bff00fe Automatic release to 24.1.0
  • f03fc7b Change: Update headers of all Python files
  • 73f48bc Change: Update formatting with black 24.1.0
  • 64a1d24 Change: Unify release workflow (file) name
  • 7542c15 Add: Ignore ruff_cache from git
  • 0e70f9b Change: Merge coverage config into pyproject.toml
  • 6faf4d1 Remove: Remove unused settings file for pylint
  • b6fcbed Remove: Replace isort with ruff
  • ae201e7 Update copyright in README for 2024
  • b4d92f6 Fix: Fix README and package meta data for supported Python versions
  • Additional commits viewable in compare view


Updates black from 23.12.1 to 24.1.1

Release notes

Sourced from black's releases.

24.1.1

Bugfix release to fix a bug that made Black unusable on certain file systems with strict limits on path length.

Preview style

  • Consistently add trailing comma on typed parameters (#4164)

Configuration

  • Shorten the length of the name of the cache file to fix crashes on file systems that do not support long paths (#4176)

24.1.0

Highlights

This release introduces the new 2024 stable style (#4106), stabilizing the following changes:

  • Add parentheses around if-else expressions (#2278)
  • Dummy class and function implementations consisting only of ... are formatted more compactly (#3796)
  • If an assignment statement is too long, we now prefer splitting on the right-hand side (#3368)
  • Hex codes in Unicode escape sequences are now standardized to lowercase (#2916)
  • Allow empty first lines at the beginning of most blocks (#3967, #4061)
  • Add parentheses around long type annotations (#3899)
  • Enforce newline after module docstrings (#3932, #4028)
  • Fix incorrect magic trailing comma handling in return types (#3916)
  • Remove blank lines before class docstrings (#3692)
  • Wrap multiple context managers in parentheses if combined in a single with statement (#3489)
  • Fix bug in line length calculations for power operations (#3942)
  • Add trailing commas to collection literals even if there's a comment after the last entry (#3393)
  • When using --skip-magic-trailing-comma or -C, trailing commas are stripped from subscript expressions with more than 1 element (#3209)
  • Add extra blank lines in stubs in a few cases (#3564, #3862)
  • Accept raw strings as docstrings (#3947)
  • Split long lines in case blocks (#4024)
  • Stop removing spaces from walrus operators within subscripts (#3823)
  • Fix incorrect formatting of certain async statements (#3609)
  • Allow combining # fmt: skip with other comments (#3959)

There are already a few improvements in the --preview style, which are slated for the 2025 stable style. Try them out and share your feedback. In the past, the preview style has included some features that we were not able to stabilize. This year, we're

... (truncated)

Changelog

Sourced from black's changelog.

24.1.1

Bugfix release to fix a bug that made Black unusable on certain file systems with strict limits on path length.

Preview style

  • Consistently add trailing comma on typed parameters (#4164)

Configuration

  • Shorten the length of the name of the cache file to fix crashes on file systems that do not support long paths (#4176)

24.1.0

Highlights

This release introduces the new 2024 stable style (#4106), stabilizing the following changes:

  • Add parentheses around if-else expressions (#2278)
  • Dummy class and function implementations consisting only of ... are formatted more compactly (#3796)
  • If an assignment statement is too long, we now prefer splitting on the right-hand side (#3368)
  • Hex codes in Unicode escape sequences are now standardized to lowercase (#2916)
  • Allow empty first lines at the beginning of most blocks (#3967, #4061)
  • Add parentheses around long type annotations (#3899)
  • Enforce newline after module docstrings (#3932, #4028)
  • Fix incorrect magic trailing comma handling in return types (#3916)
  • Remove blank lines before class docstrings (#3692)
  • Wrap multiple context managers in parentheses if combined in a single with statement (#3489)
  • Fix bug in line length calculations for power operations (#3942)
  • Add trailing commas to collection literals even if there's a comment after the last entry (#3393)
  • When using --skip-magic-trailing-comma or -C, trailing commas are stripped from subscript expressions with more than 1 element (#3209)
  • Add extra blank lines in stubs in a few cases (#3564, #3862)
  • Accept raw strings as docstrings (#3947)
  • Split long lines in case blocks (#4024)
  • Stop removing spaces from walrus operators within subscripts (#3823)
  • Fix incorrect formatting of certain async statements (#3609)
  • Allow combining # fmt: skip with other comments (#3959)

There are already a few improvements in the --preview style, which are slated for the 2025 stable style. Try them out and share your feedback. In the past, the preview style has included some features that we were not able to stabilize. This year, we're

... (truncated)

Commits


Updates pontos from 24.1.0 to 24.1.2

Release notes

Sourced from pontos's releases.

pontos 24.1.2

24.1.2 - 2024-01-18

Added

  • Export all relevant git classes from pontos.git 42ff071

Changed

  • Cleanup pontos.version module API 53ddf6b
  • Mark pontos.git.status as private module explicitly db91dbe
  • Mark pontos.git.git as private module explicitly a73513e
  • Use trusted publisher process to deploy on PyPI 6aefbab

Bug Fixes

  • Fix versioning_scheme type of Project constructor 123db56
  • Fix return type of CMakeVErsionParser._tokenize method 38479f9

Dependencies

  • Bump the python-packages group with 9 updates bcb3e86

pontos 24.1.1

24.1.1 - 2024-01-12

Changed

  • Improve CLI help for pontos-changelog and pontos-release 2fa927b
  • Include changes from pre-releases in non pre-releases 0ddbb3c

Bug Fixes

  • Ignore invalid versions in tag when determining last release 84ecc39

Dependencies

  • Bump jinja2 from 3.1.2 to 3.1.3 415878e
  • Bump the python-packages group with 4 updates 4a6f56a
Commits
  • c7b8ece Automatic release to 24.1.2
  • 123db56 Fix: Fix versioning_scheme type of Project constructor
  • 38479f9 Fix: Fix return type of CMakeVErsionParser._tokenize method
  • 53ddf6b Change: Cleanup pontos.version module API
  • db91dbe Change: Mark pontos.git.status as private module explicitly
  • a73513e Change: Mark pontos.git.git as private module explicitly
  • 42ff071 Add: Export all relevant git classes from pontos.git
  • 6aefbab Change: Use trusted publisher process to deploy on PyPI
  • bcb3e86 Deps: Bump the python-packages group with 9 updates
  • 4d127c7 Automatic adjustments after release
  • Additional commits viewable in compare view


Updates alabaster from 0.7.15 to 0.7.16

Release notes

Sourced from alabaster's releases.

Alabaster 0.7.16

Changelog: https://alabaster.readthedocs.io/en/latest/changelog.html

Changelog

Sourced from alabaster's changelog.

:git_tag:0.7.16 -- 2024-01-10

  • :bug:215 Do not display logo_name if it is set to False.
Commits


Updates beautifulsoup4 from 4.12.2 to 4.12.3

Updates cryptography from 41.0.7 to 42.0.1

Changelog

Sourced from cryptography's changelog.

42.0.1 - 2024-01-24


* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
  :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`.
* Resolved compatibility issue with loading certain RSA public keys in
  :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`.

.. _v42-0-0:


42.0.0 - 2024-01-22

  • BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7.
  • BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates or :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates will now raise a ValueError rather than return an empty list.
  • Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes.
  • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
  • Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
  • We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process.
  • Support :class:~cryptography.hazmat.primitives.asymmetric.padding.PSS for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:~cryptography.x509.CertificateSigningRequestBuilder and :class:~cryptography.x509.CertificateRevocationListBuilder.
  • Added support for obtaining X.509 certificate signing request signature algorithm parameters (including PSS) via :meth:~cryptography.x509.CertificateSigningRequest.signature_algorithm_parameters.
  • Added support for obtaining X.509 certificate revocation list signature algorithm parameters (including PSS) via :meth:~cryptography.x509.CertificateRevocationList.signature_algorithm_parameters.
  • Added mgf property to :class:~cryptography.hazmat.primitives.asymmetric.padding.PSS.
  • Added algorithm and mgf properties to :class:~cryptography.hazmat.primitives.asymmetric.padding.OAEP.
  • Added the following properties that return timezone-aware datetime objects: :meth:~cryptography.x509.Certificate.not_valid_before_utc, :meth:~cryptography.x509.Certificate.not_valid_after_utc, :meth:~cryptography.x509.RevokedCertificate.revocation_date_utc, :meth:~cryptography.x509.CertificateRevocationList.next_update_utc, :meth:~cryptography.x509.CertificateRevocationList.last_update_utc. These are timezone-aware variants of existing properties that return naïve datetime objects.
  • Deprecated the following properties that return naïve datetime objects:

... (truncated)

Commits


Updates dill from 0.3.7 to 0.3.8

Commits
  • a0a8e86 tag: 0.3.8
  • 6f83208 skip BufferedRandomType on pyodide (#644)
  • 72f6523 Bump readthedocs-sphinx-search from 0.3.1 to 0.3.2 in /docs (#642)
  • db56c29 update sphinx to 6.2.1 (#641)
  • 21bd82b import submodule properly when there is an attribute of the module with the s...
  • cce8ac7 Bump jinja2 from 3.1.1 to 3.1.3 in /docs (#640)
  • 5ed40d5 updated copyright for 2024 (#638)
  • 8d209d4 add guard for math.log in size calculation (#637)
  • 6343f44 add build to rtfd config (#632)
  • 4b24b6d formal support for 3.12, initial support for 3.13 (#630)
  • Additional commits viewable in compare view


Updates markupsafe from 2.1.3 to 2.1.4

Release notes

Sourced from markupsafe's releases.

2.1.4

This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

Changelog

Sourced from markupsafe's changelog.

Version 2.1.4

Released 2024-01-19

  • Don't use regular expressions for striptags, avoiding a performance issue. :pr:413
Commits


Updates sphinxcontrib-applehelp from 1.0.7 to 1.0.8

Release notes

Sourced from sphinxcontrib-applehelp's releases.

sphinxcontrib-applehelp 1.0.8

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog

Sourced from sphinxcontrib-applehelp's changelog.

Release 1.0.8 (2024-01-13)

  • Remove Sphinx as a required dependency, as circular dependencies may cause failure with package managers that expect a directed acyclic graph (DAG) of dependencies.
Commits


Updates sphinxcontrib-devhelp from 1.0.5 to 1.0.6

Release notes

Sourced from sphinxcontrib-devhelp's releases.

sphinxcontrib-devhelp 1.0.6

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog

Sourced from sphinxcontrib-devhelp's changelog.

Release 1.0.6 (2024-01-13)

  • Remove Sphinx as a required dependency, as circular dependencies may cause failure with package managers that expect a directed acyclic graph (DAG) of dependencies.
Commits


Updates sphinxcontrib-htmlhelp from 2.0.4 to 2.0.5

Release notes

Sourced from sphinxcontrib-htmlhelp's releases.

sphinxcontrib-htmlhelp 2.0.5

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog

Sourced from sphinxcontrib-htmlhelp's changelog.

Release 2.0.5 (2024-01-13)

  • Remove Sphinx as a required dependency, as circular dependencies may cause failure with package managers that expect a directed acyclic graph (DAG) of dependencies.
Commits


Updates sphinxcontrib-qthelp from 1.0.6 to 1.0.7

Release notes

Sourced from sphinxcontrib-qthelp's releases.

sphinxcontrib-qthelp 1.0.7

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog

Sourced from sphinxcontrib-qthelp's changelog.

Release 1.0.7 (2024-01-13)

  • Remove Sphinx as a required dependency, as circular dependencies may cause failure with package managers that expect a directed acyclic graph (DAG) of dependencies.
Commits


Updates sphinxcontrib-serializinghtml from 1.1.9 to 1.1.10

Release notes

Sourced from sphinxcontrib-serializinghtml's releases.

sphinxcontrib-serializinghtml 1.1.10

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog

Sourced from sphinxcontrib-serializinghtml's changelog.

Release 1.1.10 (2024-01-13)

  • Remove Sphinx as a required dependency, as circular dependencies may cause failure with package managers that expect a directed acyclic graph (DAG) of dependencies.
Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
github-actions[bot] commented 9 months ago

Conventional Commits Report

Type Number
Dependencies 1

:rocket: Conventional commits found.

bjoernricks commented 9 months ago

@dependabot rebase

dependabot[bot] commented 9 months ago

Looks like these dependencies are up-to-date now, so this is no longer needed.