search

hasgeek / hasjob

Hasjob, the Hasgeek job board
https://hasjob.co
GNU Affero General Public License v3.0
234 stars 80 forks source link

Scheduled monthly dependency update for July #618

Closed pyup-bot closed 3 years ago

pyup-bot commented 3 years ago

Update dnspython from 1.16.0 to 2.1.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links - PyPI: https://pypi.org/project/dnspython - Homepage: http://www.dnspython.org

Update Pillow from 8.2.0 to 8.3.0.

Changelog ### 8.3.0 ``` ------------------ - Use snprintf instead of sprintf. CVE-2021-34552 5567 [radarhere] - Limit TIFF strip size when saving with LibTIFF 5514 [kmilos] - Allow ICNS save on all operating systems 4526 [baletu, radarhere, newpanjing, hugovk] - De-zigzag JPEG's DQT when loading; deprecate convert_dict_qtables 4989 [gofr, radarhere] - Replaced xml.etree.ElementTree 5565 [radarhere] - Moved CVE image to pillow-depends 5561 [radarhere] - Added tag data for IFD groups 5554 [radarhere] - Improved ImagePalette 5552 [radarhere] - Add DDS saving 5402 [radarhere] - Improved getxmp() 5455 [radarhere] - Convert to float for comparison with float in IFDRational __eq__ 5412 [radarhere] - Allow getexif() to access TIFF tag_v2 data 5416 [radarhere] - Read FITS image mode and size 5405 [radarhere] - Merge parallel horizontal edges in ImagingDrawPolygon 5347 [radarhere, hrdrq] - Use transparency behind first GIF frame and when disposing to background 5557 [radarhere, zewt] - Avoid unstable nature of qsort in Quant.c 5367 [radarhere] - Copy palette to new images in ImageOps expand 5551 [radarhere] - Ensure palette string matches RGB mode 5549 [radarhere] - Do not modify EXIF of original image instance in exif_transpose() 5547 [radarhere] - Fixed default numresolution for small JPEG2000 images 5540 [radarhere] - Added DDS BC5 reading 5501 [radarhere] - Raise an error if ImageDraw.textbbox is used without a TrueType font 5510 [radarhere] - Added ICO saving in BMP format 5513 [radarhere] - Ensure PNG seeks to end of previous chunk at start of load_end 5493 [radarhere] - Do not allow TIFF to seek to a past frame 5473 [radarhere] - Avoid race condition when displaying images with eog 5507 [mconst] - Added specific error messages when ink has incorrect number of bands 5504 [radarhere] - Allow converting an image to a numpy array to raise errors 5379 [radarhere] - Removed DPI rounding from BMP, JPEG, PNG and WMF loading 5476, 5470 [radarhere] - Remove spikes when drawing thin pieslices 5460 [xtsm] - Updated default value for SAMPLESPERPIXEL TIFF tag 5452 [radarhere] - Removed TIFF DPI rounding 5446 [radarhere, hugovk] - Include code in WebP error 5471 [radarhere] - Do not alter pixels outside mask when drawing text on an image with transparency 5434 [radarhere] - Reset handle when seeking backwards in TIFF 5443 [radarhere] - Replace sys.stdout with sys.stdout.buffer when saving 5437 [radarhere] - Fixed UNDEFINED TIFF tag of length 0 being changed in roundtrip 5426 [radarhere] - Fixed bug when checking FreeType2 version if it is not installed 5445 [radarhere] - Do not round dimensions when saving PDF 5459 [radarhere] - Added ImageOps contain() 5417 [radarhere, hugovk] - Changed WebP default "method" value to 4 5450 [radarhere] - Switched to saving 1-bit PDFs with DCTDecode 5430 [radarhere] - Use bpp from ICO header 5429 [radarhere] - Corrected JPEG APP14 transform value 5408 [radarhere] - Changed TIFF tag 33723 length to 1 5425 [radarhere] - Changed ImageMorph incorrect mode errors to ValueError 5414 [radarhere] - Add EXIF tags specified in EXIF 2.32 5419 [gladiusglad] - Treat previous contents of first GIF frame as transparent 5391 [radarhere] - For special image modes, revert default resize resampling to NEAREST 5411 [radarhere] - JPEG2000: Support decoding subsampled RGB and YCbCr images 4996 [nulano, radarhere] - Stop decoding BC1 punchthrough alpha in BC2&3 4144 [jansol] - Use zero if GIF background color index is missing 5390 [radarhere] - Fixed ensuring that GIF previous frame was loaded 5386 [radarhere] - Valgrind fixes 5397 [wiredfool] - Round down the radius in rounded_rectangle 5382 [radarhere] - Fixed reading uncompressed RGB data from DDS 5383 [radarhere] ```
Links - PyPI: https://pypi.org/project/pillow - Changelog: https://pyup.io/changelogs/pillow/ - Homepage: https://python-pillow.org

Update psycopg2 from 2.8.6 to 2.9.1.

Changelog ### 2.9.1 ``` ^^^^^^^^^^^^^^^^^^^^^^^^^^^ Fix regression with named `sql.Placeholder` (:ticket:`1291`). ``` ### 2.9 ``` ------------------------- - ``with connection`` starts a transaction on autocommit transactions too (:ticket:`941`). - Timezones with fractional minutes are supported on Python 3.7 and following (:ticket:`1272`). - Escape table and column names in `~cursor.copy_from()` and `~cursor.copy_to()`. - Connection exceptions with sqlstate ``08XXX`` reclassified as `~psycopg2.OperationalError` (a subclass of the previously used `~psycopg2.DatabaseError`) (:ticket:`1148`). - Include library dirs required from libpq to work around MacOS build problems (:ticket:`1200`). Other changes: - Dropped support for Python 2.7, 3.4, 3.5 (:tickets:`1198, 1000, 1197`). - Dropped support for mx.DateTime. - Use `datetime.timezone` objects by default in datetime objects instead of `~psycopg2.tz.FixedOffsetTimezone`. - The `psycopg2.tz` module is deprecated and scheduled to be dropped in the next major release. - Provide :pep:`599` wheels packages (manylinux2014 tag) for i686 and x86_64 platforms. - Provide :pep:`600` wheels packages (manylinux_2_24 tag) for aarch64 and ppc64le platforms. - Wheel package compiled against OpenSSL 1.1.1k and PostgreSQL 13.3. - Build system for Linux/MacOS binary packages moved to GitHub Actions. ``` ### 2.8.7 ``` ^^^^^^^^^^^^^^^^^^^^^^^^^^^ - Accept empty params as `~psycopg2.connect()` (:ticket:`1250`). - Fix attributes refcount in `Column` initialisation (:ticket:`1252`). - Allow re-initialisation of static variables in the C module (:ticket:`1267`). ```
Links - PyPI: https://pypi.org/project/psycopg2 - Changelog: https://pyup.io/changelogs/psycopg2/ - Homepage: https://psycopg.org/

Update SQLAlchemy from 1.4.17 to 1.4.20.

Changelog ### 1.4.20 ``` :released: June 28, 2021 .. change:: :tags: bug, regression, orm :tickets: 6680 Fixed regression in ORM regarding an internal reconstitution step for the :func:`_orm.with_polymorphic` construct, when the user-facing object is garbage collected as the query is processed. The reconstitution was not ensuring the sub-entities for the "polymorphic" case were handled, leading to an ``AttributeError``. .. change:: :tags: usecase, sql :tickets: 6646 Add a impl parameter to :class:`_types.PickleType` constructor, allowing any arbitary type to be used in place of the default implementation of :class:`_types.LargeBinary`. Pull request courtesy jason3gb. .. change:: :tags: bug, engine :tickets: 5348 Fixed an issue in the C extension for the :class:`_result.Row` class which could lead to a memory leak in the unlikely case of a :class:`_result.Row` object which referred to an ORM object that then was mutated to refer back to the ``Row`` itself, creating a cycle. The Python C APIs for tracking GC cycles has been added to the native :class:`_result.Row` implementation to accommodate for this case. .. change:: :tags: bug, engine :tickets: 6665 Fixed old issue where a :func:`_sql.select()` made against the token "*", which then yielded exactly one column, would fail to correctly organize the ``cursor.description`` column name into the keys of the result object. .. change:: :tags: usecase, mysql :tickets: 6659 Made a small adjustment in the table reflection feature of the MySQL dialect to accommodate for alternate MySQL-oriented databases such as TiDB which include their own "comment" directives at the end of a constraint directive within "CREATE TABLE" where the format doesn't have the additional space character after the comment, in this case the TiDB "clustered index" feature. Pull request courtesy Daniël van Eeden. .. change:: :tags: bug, schema :tickets: 6685 Fixed issue where passing ``None`` for the value of :paramref:`_schema.Table.prefixes` would not store an empty list, but rather the constant ``None``, which may be unexpected by third party dialects. The issue is revealed by a usage in recent versions of Alembic that are passing ``None`` for this value. Pull request courtesy Kai Mueller. .. change:: :tags: bug, regression, ext :tickets: 6679 Fixed regression in :mod:`sqlalchemy.ext.automap` extension such that the use case of creating an explicit mapped class to a table that is also the :paramref:`_orm.relationship.secondary` element of a :func:`_orm.relationship` that automap will be generating would emit the "overlaps" warnings introduced in 1.4 and discussed at :ref:`error_qzyx`. While generating this case from automap is still subject to the same caveats that the "overlaps" warning refers towards, as automap is intended for more ad-hoc use cases, the condition which produces the warning is disabled when a many-to-many relationship with this particular pattern is generated. .. change:: :tags: bug, regression, orm :tickets: 6678 Adjusted :meth:`_orm.Query.union` and similar set operations to be correctly compatible with the new capabilities just added in :ticket:`6661`, with SQLAlchemy 1.4.19, such that the SELECT statements rendered as elements of the UNION or other set operation will include directly mapped columns that are mapped as deferred; this both fixes a regression involving unions with multiple levels of nesting that would produce a column mismatch, and also allows the :func:`_orm.undefer` option to be used at the top level of such a :class:`_orm.Query` without having to apply the option to each of the elements within the UNION. .. change:: :tags: bug, sql, orm :tickets: 6668 Fixed the class hierarchy for the :class:`_schema.Sequence` and the more general :class:`_schema.DefaultGenerator` base, as these are "executable" as statements they need to include :class:`_sql.Executable` in their hierarchy, not just :class:`_roles.StatementRole` as was applied arbitrarily to :class:`_schema.Sequence` previously. The fix allows :class:`_schema.Sequence` to work in all ``.execute()`` methods including with :meth:`_orm.Session.execute` which was not working in the case that a :meth:`_orm.SessionEvents.do_orm_execute` handler was also established. .. change:: :tags: bug, orm :tickets: 6538 Adjusted the check in the mapper for a callable object that is used as a ``validates`` validator function or a ``reconstructor`` reconstruction function, to check for "callable" more liberally such as to accommodate objects based on fundamental attributes like ``__func__`` and ``__call___``, rather than testing for ``MethodType`` / ``FunctionType``, allowing things like cython functions to work properly. Pull request courtesy Miłosz Stypiński. .. changelog:: ``` ### 1.4.19 ``` :released: June 22, 2021 .. change:: :tags: bug, mssql :tickets: 6658 Fixed bug where the "schema_translate_map" feature would fail to function correctly in conjunction with an INSERT into a table that has an IDENTITY column, where the value of the IDENTITY column were specified in the values of the INSERT thus triggering SQLAlchemy's feature of setting IDENTITY INSERT to "on"; it's in this directive where the schema translate map would fail to be honored. .. change:: :tags: bug, sql :tickets: 6663 Fixed issue in CTE constructs mostly relevant to ORM use cases where a recursive CTE against "anonymous" labels such as those seen in ORM ``column_property()`` mappings would render in the ``WITH RECURSIVE xyz(...)`` section as their raw internal label and not a cleanly anonymized name. .. change:: :tags: mssql, change :tickets: 6503, 6253 Made improvements to the server version regexp used by the pymssql dialect to prevent a regexp overflow in case of an invalid version string. .. change:: :tags: bug, orm, regression :tickets: 6503, 6253 Fixed further regressions in the same area as that of :ticket:`6052` where loader options as well as invocations of methods like :meth:`_orm.Query.join` would fail if the left side of the statement for which the option/join depends upon were replaced by using the :meth:`_orm.Query.with_entities` method, or when using 2.0 style queries when using the :meth:`_sql.Select.with_only_columns` method. A new set of state has been added to the objects which tracks the "left" entities that the options / join were made against which is memoized when the lead entities are changed. .. change:: :tags: bug, asyncio, postgresql :tickets: 6652 Fixed bug in asyncio implementation where the greenlet adaptation system failed to propagate ``BaseException`` subclasses, most notably including ``asyncio.CancelledError``, to the exception handling logic used by the engine to invalidate and clean up the connection, thus preventing connections from being correctly disposed when a task was cancelled. .. change:: :tags: usecase, asyncio :tickets: 6583 Implemented :class:`_asyncio.async_scoped_session` to address some asyncio-related incompatibilities between :class:`_orm.scoped_session` and :class:`_asyncio.AsyncSession`, in which some methods (notably the :meth:`_asyncio.async_scoped_session.remove` method) should be used with the ``await`` keyword. .. seealso:: :ref:`asyncio_scoped_session` .. change:: :tags: usecase, mysql :tickets: 6132 Added new construct :class:`_mysql.match`, which provides for the full range of MySQL's MATCH operator including multiple column support and modifiers. Pull request courtesy Anton Kovalevich. .. seealso:: :class:`_mysql.match` .. change:: :tags: bug, postgresql, oracle :tickets: 6649 Fixed issue where the ``INTERVAL`` datatype on PostgreSQL and Oracle would produce an ``AttributeError`` when used in the context of a comparison operation against a ``timedelta()`` object. Pull request courtesy MajorDallas. .. change:: :tags: bug, mypy :tickets: 6476 Fixed issue in mypy plugin where class info for a custom declarative base would not be handled correctly on a cached mypy pass, leading to an AssertionError being raised. .. change:: :tags: bug, orm :tickets: 6661 Refined the behavior of ORM subquery rendering with regards to deferred columns and column properties to be more compatible with that of 1.3 while also providing for 1.4's newer features. As a subquery in 1.4 does not make use of loader options, including :func:`_orm.undefer`, a subquery that is against an ORM entity with deferred attributes will now render those deferred attributes that refer directly to mapped table columns, as these are needed in the outer SELECT if that outer SELECT makes use of these columns; however a deferred attribute that refers to a composed SQL expression as we normally do with :func:`_orm.column_property` will not be part of the subquery, as these can be selected explicitly if needed in the subquery. If the entity is being SELECTed from this subquery, the column expression can still render on "the outside" in terms of the derived subquery columns. This produces essentially the same behavior as when working with 1.3. However in this case the fix has to also make sure that the ``.selected_columns`` collection of an ORM-enabled :func:`_sql.select` also follows these rules, which in particular allows recursive CTEs to render correctly in this scenario, which were previously failing to render correctly due to this issue. .. change:: :tags: bug, postgresql :tickets: 6621 Fixed issue where the pool "pre ping" feature would implicitly start a transaction, which would then interfere with custom transactional flags such as PostgreSQL's "read only" mode when used with the psycopg2 driver. .. changelog:: ``` ### 1.4.18 ``` :released: June 10, 2021 .. change:: :tags: bug, orm :tickets: 6072, 6487 Clarified the current purpose of the :paramref:`_orm.relationship.bake_queries` flag, which in 1.4 is to enable or disable "lambda caching" of statements within the "lazyload" and "selectinload" loader strategies; this is separate from the more foundational SQL query cache that is used for most statements. Additionally, the lazy loader no longer uses its own cache for many-to-one SQL queries, which was an implementation quirk that doesn't exist for any other loader scenario. Finally, the "lru cache" warning that the lazyloader and selectinloader strategies could emit when handling a wide array of class/relationship combinations has been removed; based on analysis of some end-user cases, this warning doesn't suggest any significant issue. While setting ``bake_queries=False`` for such a relationship will remove this cache from being used, there's no particular performance gain in this case as using no caching vs. using a cache that needs to refresh often likely still wins out on the caching being used side. .. change:: :tags: bug, asyncio :tickets: 6575 Fixed an issue that presented itself when using the :class:`_pool.NullPool` or the :class:`_pool.StaticPool` with an async engine. This mostly affected the aiosqlite dialect. .. change:: :tags: bug, sqlite, regression :tickets: 6586 The fix for pysqlcipher released in version 1.4.3 :ticket:`5848` was unfortunately non-working, in that the new ``on_connect_url`` hook was erroneously not receiving a ``URL`` object under normal usage of :func:`_sa.create_engine` and instead received a string that was unhandled; the test suite failed to fully set up the actual conditions under which this hook is called. This has been fixed. .. change:: :tags: bug, postgresql, regression :tickets: 6581 Fixed regression where using the PostgreSQL "INSERT..ON CONFLICT" structure would fail to work with the psycopg2 driver if it were used in an "executemany" context along with bound parameters in the "SET" clause, due to the implicit use of the psycopg2 fast execution helpers which are not appropriate for this style of INSERT statement; as these helpers are the default in 1.4 this is effectively a regression. Additional checks to exclude this kind of statement from that particular extension have been added. .. change:: :tags: bug, orm, regression :tickets: 6285 Adjusted the means by which classes such as :class:`_orm.scoped_session` and :class:`_asyncio.AsyncSession` are generated from the base :class:`_orm.Session` class, such that custom :class:`_orm.Session` subclasses such as that used by Flask-SQLAlchemy don't need to implement positional arguments when they call into the superclass method, and can continue using the same argument styles as in previous releases. .. change:: :tags: bug, orm, regression :tickets: 6595 Fixed issue where query production for joinedload against a complex left hand side involving joined-table inheritance could fail to produce a correct query, due to a clause adaption issue. .. change:: :tags: bug, orm, regression, performance :tickets: 6596 Fixed regression involving how the ORM would resolve a given mapped column to a result row, where under cases such as joined eager loading, a slightly more expensive "fallback" could take place to set up this resolution due to some logic that was removed since 1.3. The issue could also cause deprecation warnings involving column resolution to be emitted when using a 1.4 style query with joined eager loading. .. change:: :tags: bug, orm :tickets: 6591 Fixed issue in experimental "select ORM objects from INSERT/UPDATE" use case where an error was raised if the statement were against a single-table-inheritance subclass. .. change:: :tags: bug, asyncio :tickets: 6592 Added ``asyncio.exceptions.TimeoutError``, ``asyncio.exceptions.CancelledError`` as so-called "exit exceptions", a class of exceptions that include things like ``GreenletExit`` and ``KeyboardInterrupt``, which are considered to be events that warrant considering a DBAPI connection to be in an unusable state where it should be recycled. .. change:: :tags: bug, orm :tickets: 6400 The warning that's emitted for :func:`_orm.relationship` when multiple relationships would overlap with each other as far as foreign key attributes written towards, now includes the specific "overlaps" argument to use for each warning in order to silence the warning without changing the mapping. .. change:: :tags: usecase, asyncio :tickets: 6319 Implemented a new registry architecture that allows the ``Async`` version of an object, like ``AsyncSession``, ``AsyncConnection``, etc., to be locatable given the proxied "sync" object, i.e. ``Session``, ``Connection``. Previously, to the degree such lookup functions were used, an ``Async`` object would be re-created each time, which was less than ideal as the identity and state of the "async" object would not be preserved across calls. From there, new helper functions :func:`_asyncio.async_object_session`, :func:`_asyncio.async_session` as well as a new :class:`_orm.InstanceState` attribute :attr:`_orm.InstanceState.async_session` have been added, which are used to retrieve the original :class:`_asyncio.AsyncSession` associated with an ORM mapped object, a :class:`_orm.Session` associated with an :class:`_asyncio.AsyncSession`, and an :class:`_asyncio.AsyncSession` associated with an :class:`_orm.InstanceState`, respectively. This patch also implements new methods :meth:`_asyncio.AsyncSession.in_nested_transaction`, :meth:`_asyncio.AsyncSession.get_transaction`, :meth:`_asyncio.AsyncSession.get_nested_transaction`. .. changelog:: ```
Links - PyPI: https://pypi.org/project/sqlalchemy - Changelog: https://pyup.io/changelogs/sqlalchemy/ - Homepage: http://www.sqlalchemy.org

Update SQLAlchemy-Utils from 0.37.6 to 0.37.8.

Changelog ### 0.37.8 ``` ^^^^^^^^^^^^^^^^^^^ - Added 'zoneinfo' backend to TimezoneType (510, pull request courtesy of huonw) ``` ### 0.37.7 ``` ^^^^^^^^^^^^^^^^^^^ - Added identifier quoting for view functions and constructs - Added literal processor for UUIDType ```
Links - PyPI: https://pypi.org/project/sqlalchemy-utils - Changelog: https://pyup.io/changelogs/sqlalchemy-utils/ - Repo: https://github.com/kvesteri/sqlalchemy-utils

Update pytest-cov from 2.12.0 to 2.12.1.

Changelog ### 2.12.1 ``` ------------------- * Changed the `toml` requirement to be always be directly required (instead of being required through a coverage extra). This fixes issues with pip-compile (`pip-tools1300 <https://github.com/jazzband/pip-tools/issues/1300>`_). Contributed by Sorin Sbarnea in `472 <https://github.com/pytest-dev/pytest-cov/pull/472>`_. * Documented ``show_contexts``. Contributed by Brian Rutledge in `473 <https://github.com/pytest-dev/pytest-cov/pull/473>`_. ```
Links - PyPI: https://pypi.org/project/pytest-cov - Changelog: https://pyup.io/changelogs/pytest-cov/ - Repo: https://github.com/pytest-dev/pytest-cov