search

haddocking / arctic3d

Automatic Retrieval and ClusTering of Interfaces in Complexes from 3D structural information
Apache License 2.0
27 stars 6 forks source link

Bump jsonpickle from 3.0.4 to 3.3.0 #455

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps jsonpickle from 3.0.4 to 3.3.0.

Changelog

Sourced from jsonpickle's changelog.

v3.3.0

* The unpickler was updated to avoid using ``eval``, which helps improve its
  security. Users can still pass ``safe=False`` to ``decode`` to use the old
  behavior, though this is not recommended. (+513)
* Objects can now exclude specific attributes from pickling by providing a
  ``_jsonpickle_exclude`` class or instance attribute. This attribute should contain
  the list of attribute names to exclude when pickling the object.

v3.2.2

* A bug with the incorrect (de)serialization of NoneType objects has been fixed.
  (+507)
* ``tests/benchmark.py`` was updated to avoid Python 2 syntax. (+508)
* The unpickler was updated to avoid creating temporary functions. (+508)
* Some basic scripts have been made to analyze benchmark results. (+511)
* Fix test suite compatibility with Numpy 2.x (+512)
* `setup.cfg` was updated to use `license_files` instead of `license_file`.

v3.2.1

* The ``ignorereserved`` parameter to the private ``_restore_from_dict()``
  function has been restored for backwards compatibility. (+501)

v3.2.0

* Nested dictionaries in `py/state` are now correctly restored when
  tracking object references. (+501) ([#500](https://github.com/jsonpickle/jsonpickle/issues/500))

v3.1.0

* `jsonpickle.ext.numpy.register_handlers` now provides options that are forwarded
  to the `NumpyNDArrayHandler` constructor. (+489)
* Fix bug of not handling ``classes`` argument to `jsonpickle.decode`
  being a dict. Previously, the keys were ignored and only values were
  used. (+494)
* Allow the ``classes`` argument to `jsonpickle.pickle` to have class
  objects as keys. This extends the current functionality of only having
  class name strings as keys. (+494)
* The ``garden setup/dev`` action and ``requirements-dev.txt`` requirements file
  now include test dependencies for use during development.
* Added support for Python 3.13. (+505) ([#504](https://github.com/jsonpickle/jsonpickle/issues/504))
Commits
  • b19dc3f Merge pull request #517 from dwagon/exclude_attr
  • 20f7565 CHANGES: add a changelog entry for _jsonpickle_exclude
  • 0b6b60e pickler: exclude attributes using _jsonpickle_exclude
  • 56f026a garden: add a remote for dwagon
  • c4a2c17 Remove unused variable to fix Ruff tests (#520)
  • e4ff8c1 ci: remove github action that creates commits (#518)
  • 5ddca3d Add Usage section to README (#516)
  • d0ab378 unpickler: fix the warning syntax and remove the premature deprecation comment
  • c60ce65 Describe alternative to eval-removal in 3.3.0
  • 3c6a825 unpickler: avoid use of eval() in loadrepr (#513)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)