Scheduled weekly dependency update for week 04

[pyup-bot]

Update future from 0.18.2 to 0.18.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

- PyPI: https://pypi.org/project/future - Homepage: https://python-future.org - Docs: https://pythonhosted.org/future/

Update ecdsa from 0.16.1 to 0.18.0.

Changelog

### 0.18.0 ``` New API: * `curve_by_name` in `curves` module to get a `Curve` object by providing curve name. Bug fix: * Make the `VerifyingKey` encoded with explicit parameters use the same kind of point encoding for public key and curve generator. * Better handling of malformed curve parameters (as in CVE-2022-0778); make python-ecdsa raise `MalformedPointError` instead of `AssertionError`. Doc fix: * Publish the documentation on https://ecdsa.readthedocs.io/, include explanation of basics of handling of ECC data formats and how to use the library for elliptic curve arithmetic. * Make object names more consistent, make them into hyperlinks on the readthedocs documentation. * Make security note more explicit (Ian Rodney) * Fix the `explicit` vs `named_curve` confusion in `VerifyingKey` docs. Maintenance: * Updated black version; slight changes to formatting * Include interoperability tests for Ed25519 and Ed448 with OpenSSL. ``` ### 0.18.0beta2 ``` New features: * Support for point precomputation for EdDSA. Maintenance: * Fix few typos (thanks to Tim Gates and Kian Meng Ang). Bug fix: * Accept private EdDSA keys that include public key in the ASN.1 structure. * Fix incompatibility with Python 3.3 in handling of memoryviews of empty strings. ``` ### 0.18.0beta1 ``` New features: * Support for EdDSA (Ed25519, Ed448) signature creation and verification. * Support for Ed25519 and Ed448 in PKCS8 and public key files. New API: * CurveEdTw class to represent the Twisted Edwards curve parameters. * PointEdwards class to represent points on Twisted Edwards curve and provide point arithmetic on it. ``` ### 0.17.0 ``` New API: * Keys that use explicit curve parameters can now be read and written. Reading of explicit curves can be disabled by using the `valid_curve_encodings` keyword argument in `VerifyingKey.from_pem()`, `VerifyingKey.from_der()`, `SigningKey.from_pem()`, and `SigningKey.from_der()`. * Keys can now be written with use of explicit curve parameters, use `curve_parameters_encoding` keyword argument of `VerifyingKey.to_pem()`, `VerifyingKey.to_der()`, `SigningKey.to_pem(), or `SigningKey.to_der()` to specify the format. By default `named_curve` will be used, unless the curve doesn't have an associated OID (as will be the case for an unsupported curve), then `explicit` encoding will be used. * Allow specifying acceptable point formats when loading public keys (this also fixes a minor bug where python-ecdsa would accept raw encoding for points in PKCS8 files). Set of accepted encodings is controlled by `valid_encodings` keyword argument in `ECDH.load_received_public_key_bytes()`, `VerifyingKey.from_string()`, `VerifyingKey.from_pem()`, VerifyingKey.from_der()`. * `PointJacobi` and `Point` now inherit from `AbstractPoint` that implements the methods for parsing points. That added `from_bytes()` and `to_bytes()` methods to both of them. * Curve parameters can now be read and written to PEM and DER files. The `Curve` class supports new `to_der()`, `from_der()`, `to_pem()`, and `from_pem()` methods. Doc fix: * Describe in detail which methods can raise `RSZeroError`, and that `SigningKey.sign_deterministic()` won't raise it. Bug fix: * Correctly truncate hash values larger than the curve order (only impacted custom curves and the curves added in this release). * Correctly handle curves for which the order is larger than the prime (only impacted custom curves and the secp160r1 curve added in this release). * Fix the handling of `==` and `!=` for `Public_key`, `Private_key`, `Point`, `PointJacobi`, `VerifyingKey`, and `SigningKey` so that it behaves consistently and in the expected way both in Python 2 and Python 3. * Implement lock-less algorithm inside PointJacobi for keeping shared state so that when a calculation is aborted with KeyboardInterrupt, the state doesn't become corrupted (this fixes the occasional breakage of ecdsa in interactive shells). New features: * The `speed.py` script now provides performance for signature verification without the use of precomputation. * New curves supported: secp112r1, secp112r2, secp128r1, secp160r1. Performance: * Use 2-ary Non-Adjacent Form for the combined multiply-add. This speeds up single-shot verify (i.e. without precomputation) by about 4 to 5%. * Use native Python 3.8 support for calculating multiplicative inverses. Maintenance: * Include Python 3.9 in PyPI keywords. * More realistic branch coverage counting (ignore Python version-specific branches). * Additional test coverage to many parts of the library. * Migrate to Github Actions for Continuous Testing. ```

Links

- PyPI: https://pypi.org/project/ecdsa - Changelog: https://data.safetycli.com/changelogs/ecdsa/ - Repo: http://github.com/tlsfuzzer/python-ecdsa

Update requests from 2.25.1 to 2.31.0.

Changelog

### 2.31.0 ``` ------------------- **Security** - Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential forwarding of `Proxy-Authorization` headers to destination servers when following HTTPS redirects. When proxies are defined with user info (https://user:passproxy:8080), Requests will construct a `Proxy-Authorization` header that is attached to the request to authenticate with the proxy. In cases where Requests receives a redirect response, it previously reattached the `Proxy-Authorization` header incorrectly, resulting in the value being sent through the tunneled connection to the destination server. Users who rely on defining their proxy credentials in the URL are *strongly* encouraged to upgrade to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy credentials once the change has been fully deployed. Users who do not use a proxy or do not supply their proxy credentials through the user information portion of their proxy URL are not subject to this vulnerability. Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q) and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681). ``` ### 2.30.0 ``` ------------------- **Dependencies** - ⚠️ Added support for urllib3 2.0. ⚠️ This may contain minor breaking changes so we advise careful testing and reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html prior to upgrading. Users who wish to stay on urllib3 1.x can pin to `urllib3<2`. ``` ### 2.29.0 ``` ------------------- **Improvements** - Requests now defers chunked requests to the urllib3 implementation to improve standardization. (6226) - Requests relaxes header component requirements to support bytes/str subclasses. (6356) ``` ### 2.28.2 ``` ------------------- **Dependencies** - Requests now supports charset\_normalizer 3.x. (6261) **Bugfixes** - Updated MissingSchema exception to suggest https scheme rather than http. (6188) ``` ### 2.28.1 ``` ------------------- **Improvements** - Speed optimization in `iter_content` with transition to `yield from`. (6170) **Dependencies** - Added support for chardet 5.0.0 (6179) - Added support for charset-normalizer 2.1.0 (6169) ``` ### 2.28.0 ``` ------------------- **Deprecations** - ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (6091) - Requests has officially dropped support for Python 3.6 (including pypy3.6). (6091) **Improvements** - Wrap JSON parsing issues in Request's JSONDecodeError for payloads without an encoding to make `json()` API consistent. (6097) - Parse header components consistently, raising an InvalidHeader error in all invalid cases. (6154) - Added provisional 3.11 support with current beta build. (6155) - Requests got a makeover and we decided to paint it black. (6095) **Bugfixes** - Fixed bug where setting `CURL_CA_BUNDLE` to an empty string would disable cert verification. All Requests 2.x versions before 2.28.0 are affected. (6074) - Fixed urllib3 exception leak, wrapping `urllib3.exceptions.SSLError` with `requests.exceptions.SSLError` for `content` and `iter_content`. (6057) - Fixed issue where invalid Windows registry entries caused proxy resolution to raise an exception rather than ignoring the entry. (6149) - Fixed issue where entire payload could be included in the error message for JSONDecodeError. (6036) ``` ### 2.27.1 ``` ------------------- **Bugfixes** - Fixed parsing issue that resulted in the `auth` component being dropped from proxy URLs. (6028) ``` ### 2.27.0 ``` ------------------- **Improvements** - Officially added support for Python 3.10. (5928) - Added a `requests.exceptions.JSONDecodeError` to unify JSON exceptions between Python 2 and 3. This gets raised in the `response.json()` method, and is backwards compatible as it inherits from previously thrown exceptions. Can be caught from `requests.exceptions.RequestException` as well. (5856) - Improved error text for misnamed `InvalidSchema` and `MissingSchema` exceptions. This is a temporary fix until exceptions can be renamed (Schema->Scheme). (6017) - Improved proxy parsing for proxy URLs missing a scheme. This will address recent changes to `urlparse` in Python 3.9+. (5917) **Bugfixes** - Fixed defect in `extract_zipped_paths` which could result in an infinite loop for some paths. (5851) - Fixed handling for `AttributeError` when calculating length of files obtained by `Tarfile.extractfile()`. (5239) - Fixed urllib3 exception leak, wrapping `urllib3.exceptions.InvalidHeader` with `requests.exceptions.InvalidHeader`. (5914) - Fixed bug where two Host headers were sent for chunked requests. (5391) - Fixed regression in Requests 2.26.0 where `Proxy-Authorization` was incorrectly stripped from all requests sent with `Session.send`. (5924) - Fixed performance regression in 2.26.0 for hosts with a large number of proxies available in the environment. (5924) - Fixed idna exception leak, wrapping `UnicodeError` with `requests.exceptions.InvalidURL` for URLs with a leading dot (.) in the domain. (5414) **Deprecations** - Requests support for Python 2.7 and 3.6 will be ending in 2022. While we don't have exact dates, Requests 2.27.x is likely to be the last release series providing support. ``` ### 2.26.0 ``` ------------------- **Improvements** - Requests now supports Brotli compression, if either the `brotli` or `brotlicffi` package is installed. (5783) - `Session.send` now correctly resolves proxy configurations from both the Session and Request. Behavior now matches `Session.request`. (5681) **Bugfixes** - Fixed a race condition in zip extraction when using Requests in parallel from zip archive. (5707) **Dependencies** - Instead of `chardet`, use the MIT-licensed `charset_normalizer` for Python3 to remove license ambiguity for projects bundling requests. If `chardet` is already installed on your machine it will be used instead of `charset_normalizer` to keep backwards compatibility. (5797) You can also install `chardet` while installing requests by specifying `[use_chardet_on_py3]` extra as follows: shell pip install "requests[use_chardet_on_py3]" Python2 still depends upon the `chardet` module. - Requests now supports `idna` 3.x on Python 3. `idna` 2.x will continue to be used on Python 2 installations. (5711) **Deprecations** - The `requests[security]` extra has been converted to a no-op install. PyOpenSSL is no longer the recommended secure option for Requests. (5867) - Requests has officially dropped support for Python 3.5. (5867) ```

Links

- PyPI: https://pypi.org/project/requests - Changelog: https://data.safetycli.com/changelogs/requests/ - Docs: https://requests.readthedocs.io

Update websocket-client from 0.58.0 to 1.7.0.

Changelog

### 1.7.0 ``` - Renamed `mask` variable in ABNF to prevent name collision with `mask()` function (9b51f73) - Fixed old http import of HTTPStatus in _handshake.py (9b51f73) - Add `send_text()` and `send_bytes()` to _app.py (953) - Improved typehint support (953, 9b51f73, 8b73d00) - General readability improvements, made all string concatenations use f-strings (909, 780584f, 3eabc6e) - Applied black formatting style to code (da7f286) ``` ### 1.6.4 ``` - Fix 952, add support for HTTP 307 and 308 redirect codes (69468ad) ``` ### 1.6.3 ``` - Fix type hints issues (949) - Add support for Python beta release 3.12 in CI (946) - Add maintainer email in setup.py (3d464fc) ``` ### 1.6.2 ``` - Add support for SSLKEYLOGFILE environment variable (943) - Add support for callable header arguments (932) - Change handling of proxy environment variables, is_secure set to true now prevents http_proxy from getting used (929) ``` ### 1.6.1 ``` - Fix Dispatcher keyboard interrupt. Should solve reconnect loop with rel (924) ``` ### 1.6.0 ``` - Fix teardown issue when ping thread is not properly ended (918) - Fix double ping wait time on first ping (912) - Minor type hints improvements (eda6724, 54b3013) ``` ### 1.5.3 ``` - Add logic to avoid error in the case where content-length header does not exist, bug introduced in 1.5.2 (911) - Fix wsdump.py script typing, bug introduced in 1.5.2 (914) ``` ### 1.5.2 ``` - Add type hints (908) - Fix pytype errors (906) - Fix args passed to logging function (898) - Standardize PEP 3101 formatting (c6a445f) - Add more verbose exception for unsuccessful handshake for 900 (f85ae1f) ``` ### 1.5.1 ``` - Fix logic bug that can cause disconnects (893) ``` ### 1.5.0 ``` - Refactor and improve ping/pong logic to resolve several issues, including an infinite loop issue during reconnect (862) - Fix issue where `skip_utf8_validation = True` is ignored (886) - Fix issue where sslopt `is_ssl` is ignored (875) - Downgrade "websocket connected" message from logging.warning to logging.info (888) - Update github actions to newer versions (669fe1b) ``` ### 1.4.2 ``` - create_dispatcher is determined by URL ws/wss, NOT by presence of sslopt args, to maintain consistency (875) - Remove redundant key generation line (864) - Updated docs to fix old links and updated CI to include Python 3.11 ``` ### 1.4.1 ``` - Fix stack growth bug when `run_forever` reconnects (854) - Add doctest CI for sphinx docs code examples (d150099) - General docs improvements ``` ### 1.4.0 ``` - Fix automatic reconnect with `run_forever` (838) - Allow a timeout to be set when using a proxy (842) ``` ### 1.3.3 ``` - Fix unclosed socket error (826) - Update header dict access (818) - Add utf8 workaround to docs (fc9ee9f) ``` ### 1.3.2 ``` - Add support for pre-initialized stream socket in new WebSocketApp (804) - Remove rel.saferead() in examples (f0bf03d) - Increase scope of linting checks (dca4022) - Start adding type hints (a8a4099) ``` ### 1.3.1 ``` - Fix 10 year old bug and improve dispatcher handling for run_forever (795) - Fix run_forever to never return None, only return True or False, and add two tests (788) - Remove Python 3.6 support, EOL in Dec 2021 ``` ### 1.3.0 ``` - BREAKING: Set Origin header to use https:// scheme when wss:// WebSocket URL is passed (#787) - Replace deprecated/broken WebSocket URLs with working ones (6ad5197) - Add documentation referencing rel for automatic reconnection with run_forever() - Add missing opcodes 1012, 1013 (771) - Add errno.ENETUNREACH to improve error handling (da1b050) - Minor documentation improvements and typo fixes ``` ### 1.2.3 ``` - Fix broken run_forever() functionality (769) ``` ### 1.2.2 ``` - Migrate wsdump script in setup.py from scripts to newer entry_points (763) - Add support for ssl.SSLContext for arbitrary SSL parameters (762) - Remove keep_running variable (752) - Remove HAVE_CONTEXT_CHECK_HOSTNAME variable (dac1692) - Replace deprecated ssl.PROTOCOL_TLS with ssl.PROTOCOL_TLS_CLIENT (760) - Simplify code and improve Python 3 support (751, 750, 746) - Fill default license template fields (748) - Update CI tests - Improve documentation (732, 733, 734, 737, 766, 768) ``` ### 1.2.1 ``` - Fix python-socks dependency issue mentioned in 728 - Replace echo.websocket.org with a local websockets echo server for unit tests (4951de2) ``` ### 1.2.0 ``` - Fix 697, 665: Transition from LGPL 2.1 license to Apache 2.0 license - Revert 417 and reimplement SOCKS proxy support with python-socks instead of PySocks (fbcbd43) ``` ### 1.1.1 ``` - Fix 377: increase exception verbosity in _app.py callback exception - Fix 717: race condition during connection close - Fix 722: improve handling where credentials include symbols like - Fix 711: improve handling if ssl is None ``` ### 1.1.0 ``` - Set enable_multithread to True by default (beb135a) - Performance improvement in _mask() function (287970e, 433) - Performance improvement in recv_strict() function (60e4711, 255) - Performance improvement by removing numpy-related code (a462d45) - Support uppercase no_proxy, http_proxy, https_proxy env vars (150df4f, 700) - Add sslopt 'server_hostname' support (698) - Replace deprecated ssl.PROTOCOL_SSLv23 with ssl.PROTOCOL_TLS (494564f) - Update documentation, README (7c9d604, 704) ``` ### 1.0.1 ``` - Fix exception handling bug 694 ``` ### 1.0.0 ``` - Removed Python 2 code, now only Python 3 compatible (d45343b, b7c5733, ff67af8) - Use semver for release versions, unlike breaking release 0.58.0 (669) - Enhance enableTrace output (13e83b4) - Improve unit tests to over 80% code coverage (1679ab0, a00dd2d, etc.) - Fix old _app.py close status code bug (resulted in on_close() requiring 3 args) (686) - Replace select import with selectors (568) ``` ### 0.59.0 ``` - Last main release to support Python 2 - Fix Python 2 urlparse scheme (332) - Add support for headers with multiple values (627) - Add debug support for reserved custom status codes (639) - Allow multiple Set-Cookie: headers (649) - Simplified cookie sorting (662) - Add no_proxy support (671) - Add Host header to HTTP proxy request (677) - Improve PEP8 style compliance (dc3f5c4) ```

Links

- PyPI: https://pypi.org/project/websocket-client - Changelog: https://data.safetycli.com/changelogs/websocket-client/ - Repo: https://github.com/websocket-client/websocket-client/releases

Update pytz from 2021.1 to 2023.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

- PyPI: https://pypi.org/project/pytz - Homepage: http://pythonhosted.org/pytz - Docs: https://pythonhosted.org/pytz/

Update pycryptodomex from 3.10.1 to 3.20.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

- PyPI: https://pypi.org/project/pycryptodomex - Homepage: https://www.pycryptodome.org

Update scrypt from 0.8.18 to 0.8.21.

Changelog

### 0.8.21 ``` Build wheels for pypi ``` ### 0.8.20 ``` * Fix 8 by adding missing gettimeofday.c to MANIFEST.in ```

Links

- PyPI: https://pypi.org/project/scrypt - Changelog: https://data.safetycli.com/changelogs/scrypt/ - Repo: https://github.com/holgern/py-scrypt

Update cryptography from 3.4.7 to 42.0.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

- PyPI: https://pypi.org/project/cryptography

Update mock from 4.0.3 to 5.1.0.

Changelog

### 5.1.0 ``` ----- - bpo-44185: :func:`unittest.mock.mock_open` will call the :func:`close` method of the file handle mock when it is exiting from the context manager. Patch by Samet Yaslan. - gh-94924: :func:`unittest.mock.create_autospec` now properly returns coroutine functions compatible with :func:`inspect.iscoroutinefunction` - bpo-17013: Add ``ThreadingMock`` to :mod:`unittest.mock` that can be used to create Mock objects that can wait until they are called. Patch by Karthikeyan Singaravelan and Mario Corchero. - bpo-41768: :mod:`unittest.mock` speccing no longer calls class properties. Patch by Melanie Witt. ``` ### 5.0.2 ``` ----- - gh-102978: Fixes :func:`unittest.mock.patch` not enforcing function signatures for methods decorated with ``classmethod`` or ``staticmethod`` when patch is called with ``autospec=True``. - gh-103329: Regression tests for the behaviour of ``unittest.mock.PropertyMock`` were added. ``` ### 5.0.1 ``` ----- - gh-100740: Fix ``unittest.mock.Mock`` not respecting the spec for attribute names prefixed with ``assert``. - gh-100690: ``Mock`` objects which are not unsafe will now raise an ``AttributeError`` when accessing an attribute that matches the name of an assertion but without the prefix ``assert_``, e.g. accessing ``called_once`` instead of ``assert_called_once``. This is in addition to this already happening for accessing attributes with prefixes ``assert``, ``assret``, ``asert``, ``aseert``, and ``assrt``. - gh-96127: ``inspect.signature`` was raising ``TypeError`` on call with mock objects. Now it correctly returns ``(*args, **kwargs)`` as infered signature. ``` ### 5.0.0 ``` ----- - gh-98624: Add a mutex to unittest.mock.NonCallableMock to protect concurrent access to mock attributes. - bpo-43478: Mocks can no longer be used as the specs for other Mocks. As a result, an already-mocked object cannot have an attribute mocked using `autospec=True` or be the subject of a `create_autospec(...)` call. This can uncover bugs in tests since these Mock-derived Mocks will always pass certain tests (e.g. isinstance) and builtin assert functions (e.g. assert_called_once_with) will unconditionally pass. - bpo-45156: Fixes infinite loop on :func:`unittest.mock.seal` of mocks created by :func:`~unittest.create_autospec`. - bpo-41403: Make :meth:`mock.patch` raise a :exc:`TypeError` with a relevant error message on invalid arg. Previously it allowed a cryptic :exc:`AttributeError` to escape. - gh-91803: Fix an error when using a method of objects mocked with :func:`unittest.mock.create_autospec` after it was sealed with :func:`unittest.mock.seal` function. - bpo-41877: AttributeError for suspected misspellings of assertions on mocks are now pointing out that the cause are misspelled assertions and also what to do if the misspelling is actually an intended attribute name. The unittest.mock document is also updated to reflect the current set of recognised misspellings. - bpo-43478: Mocks can no longer be provided as the specs for other Mocks. As a result, an already-mocked object cannot be passed to `mock.Mock()`. This can uncover bugs in tests since these Mock-derived Mocks will always pass certain tests (e.g. isinstance) and builtin assert functions (e.g. assert_called_once_with) will unconditionally pass. - bpo-45010: Remove support of special method ``__div__`` in :mod:`unittest.mock`. It is not used in Python 3. - gh-84753: :func:`inspect.iscoroutinefunction` now properly returns ``True`` when an instance of :class:`unittest.mock.AsyncMock` is passed to it. This makes it consistent with behavior of :func:`asyncio.iscoroutinefunction`. Patch by Mehdi ABAAKOUK. - bpo-46852: Remove the undocumented private ``float.__set_format__()`` method, previously known as ``float.__setformat__()`` in Python 3.7. Its docstring said: "You probably don't want to use this function. It exists mainly to be used in Python's test suite." Patch by Victor Stinner. - gh-98086: Make sure ``patch.dict()`` can be applied on async functions. - gh-100287: Fix the interaction of :func:`unittest.mock.seal` with :class:`unittest.mock.AsyncMock`. - gh-83076: Instantiation of ``Mock()`` and ``AsyncMock()`` is now 3.8x faster. - bpo-41877: A check is added against misspellings of autospect, auto_spec and set_spec being passed as arguments to patch, patch.object and create_autospec. ```

Links

- PyPI: https://pypi.org/project/mock - Changelog: https://data.safetycli.com/changelogs/mock/ - Docs: http://mock.readthedocs.org/en/latest/

Update Click from 7.1.2 to 8.1.7.

Changelog

### 8.1.7 ``` ------------- Released 2023-08-17 - Fix issue with regex flags in shell completion. :issue:`2581` - Bash version detection issues a warning instead of an error. :issue:`2574` - Fix issue with completion script for Fish shell. :issue:`2567` ``` ### 8.1.6 ``` ------------- Released 2023-07-18 - Fix an issue with type hints for ``click.group()``. :issue:`2558` ``` ### 8.1.5 ``` ------------- Released 2023-07-13 - Fix an issue with type hints for ``click.command()``, ``click.option()``, and other decorators. Introduce typing tests. :issue:`2558` ``` ### 8.1.4 ``` ------------- Released 2023-07-06 - Replace all ``typing.Dict`` occurrences to ``typing.MutableMapping`` for parameter hints. :issue:`2255` - Improve type hinting for decorators and give all generic types parameters. :issue:`2398` - Fix return value and type signature of `shell_completion.add_completion_class` function. :pr:`2421` - Bash version detection doesn't fail on Windows. :issue:`2461` - Completion works if there is a dot (``.``) in the program name. :issue:`2166` - Improve type annotations for pyright type checker. :issue:`2268` - Improve responsiveness of ``click.clear()``. :issue:`2284` - Improve command name detection when using Shiv or PEX. :issue:`2332` - Avoid showing empty lines if command help text is empty. :issue:`2368` - ZSH completion script works when loaded from ``fpath``. :issue:`2344`. - ``EOFError`` and ``KeyboardInterrupt`` tracebacks are not suppressed when ``standalone_mode`` is disabled. :issue:`2380` - ``group.command`` does not fail if the group was created with a custom ``command_class``. :issue:`2416` - ``multiple=True`` is allowed for flag options again and does not require setting ``default=()``. :issue:`2246, 2292, 2295` - Make the decorators returned by ``argument()`` and ``option()`` reusable when the ``cls`` parameter is used. :issue:`2294` - Don't fail when writing filenames to streams with strict errors. Replace invalid bytes with the replacement character (``�``). :issue:`2395` - Remove unnecessary attempt to detect MSYS2 environment. :issue:`2355` - Remove outdated and unnecessary detection of App Engine environment. :pr:`2554` - ``echo()`` does not fail when no streams are attached, such as with ``pythonw`` on Windows. :issue:`2415` - Argument with ``expose_value=False`` do not cause completion to fail. :issue:`2336` ``` ### 8.1.3 ``` ------------- Released 2022-04-28 - Use verbose form of ``typing.Callable`` for ``command`` and ``group``. :issue:`2255` - Show error when attempting to create an option with ``multiple=True, is_flag=True``. Use ``count`` instead. :issue:`2246` ``` ### 8.1.2 ``` ------------- Released 2022-03-31 - Fix error message for readable path check that was mixed up with the executable check. :pr:`2236` - Restore parameter order for ``Path``, placing the ``executable`` parameter at the end. It is recommended to use keyword arguments instead of positional arguments. :issue:`2235` ``` ### 8.1.1 ``` ------------- Released 2022-03-30 - Fix an issue with decorator typing that caused type checking to report that a command was not callable. :issue:`2227` ``` ### 8.1.0 ``` ------------- Released 2022-03-28 - Drop support for Python 3.6. :pr:`2129` - Remove previously deprecated code. :pr:`2130` - ``Group.resultcallback`` is renamed to ``result_callback``. - ``autocompletion`` parameter to ``Command`` is renamed to ``shell_complete``. - ``get_terminal_size`` is removed, use ``shutil.get_terminal_size`` instead. - ``get_os_args`` is removed, use ``sys.argv[1:]`` instead. - Rely on :pep:`538` and :pep:`540` to handle selecting UTF-8 encoding instead of ASCII. Click's locale encoding detection is removed. :issue:`2198` - Single options boolean flags with ``show_default=True`` only show the default if it is ``True``. :issue:`1971` - The ``command`` and ``group`` decorators can be applied with or without parentheses. :issue:`1359` - The ``Path`` type can check whether the target is executable. :issue:`1961` - ``Command.show_default`` overrides ``Context.show_default``, instead of the other way around. :issue:`1963` - Parameter decorators and ``group`` handles ``cls=None`` the same as not passing ``cls``. ``option`` handles ``help=None`` the same as not passing ``help``. :issue:`1959` - A flag option with ``required=True`` requires that the flag is passed instead of choosing the implicit default value. :issue:`1978` - Indentation in help text passed to ``Option`` and ``Command`` is cleaned the same as using the ``option`` and ``command`` decorators does. A command's ``epilog`` and ``short_help`` are also processed. :issue:`1985` - Store unprocessed ``Command.help``, ``epilog`` and ``short_help`` strings. Processing is only done when formatting help text for output. :issue:`2149` - Allow empty str input for ``prompt()`` when ``confirmation_prompt=True`` and ``default=""``. :issue:`2157` - Windows glob pattern expansion doesn't fail if a value is an invalid pattern. :issue:`2195` - It's possible to pass a list of ``params`` to ``command``. Any params defined with decorators are appended to the passed params. :issue:`2131`. - ``command`` decorator is annotated as returning the correct type if a ``cls`` argument is used. :issue:`2211` - A ``Group`` with ``invoke_without_command=True`` and ``chain=False`` will invoke its result callback with the group function's return value. :issue:`2124` - ``to_info_dict`` will not fail if a ``ParamType`` doesn't define a ``name``. :issue:`2168` - Shell completion prioritizes option values with option prefixes over new options. :issue:`2040` - Options that get an environment variable value using ``autoenvvar_prefix`` treat an empty value as ``None``, consistent with a direct ``envvar``. :issue:`2146` ``` ### 8.0.4 ``` ------------- Released 2022-02-18 - ``open_file`` recognizes ``Path("-")`` as a standard stream, the same as the string ``"-"``. :issue:`2106` - The ``option`` and ``argument`` decorators preserve the type annotation of the decorated function. :pr:`2155` - A callable default value can customize its help text by overriding ``__str__`` instead of always showing ``(dynamic)``. :issue:`2099` - Fix a typo in the Bash completion script that affected file and directory completion. If this script was generated by a previous version, it should be regenerated. :issue:`2163` - Fix typing for ``echo`` and ``secho`` file argument. :issue:`2174, 2185` ``` ### 8.0.3 ``` ------------- Released 2021-10-10 - Fix issue with ``Path(resolve_path=True)`` type creating invalid paths. :issue:`2088` - Importing ``readline`` does not cause the ``confirm()`` prompt to disappear when pressing backspace. :issue:`2092` - Any default values injected by ``invoke()`` are cast to the corresponding parameter's type. :issue:`2089, 2090` ``` ### 8.0.2 ``` ------------- Released 2021-10-08 - ``is_bool_flag`` is not set to ``True`` if ``is_flag`` is ``False``. :issue:`1925` - Bash version detection is locale independent. :issue:`1940` - Empty ``default`` value is not shown for ``multiple=True``. :issue:`1969` - Fix shell completion for arguments that start with a forward slash such as absolute file paths. :issue:`1929` - ``Path`` type with ``resolve_path=True`` resolves relative symlinks to be relative to the containing directory. :issue:`1921` - Completion does not skip Python's resource cleanup when exiting, avoiding some unexpected warning output. :issue:`1738, 2017` - Fix type annotation for ``type`` argument in ``prompt`` function. :issue:`2062` - Fix overline and italic styles, which were incorrectly added when adding underline. :pr:`2058` - An option with ``count=True`` will not show "[x>=0]" in help text. :issue:`2072` - Default values are not cast to the parameter type twice during processing. :issue:`2085` - Options with ``multiple`` and ``flag_value`` use the flag value instead of leaving an internal placeholder. :issue:`2001` ``` ### 8.0.1 ``` ------------- Released 2021-05-19 - Mark top-level names as exported so type checking understand imports in user projects. :issue:`1879` - Annotate ``Context.obj`` as ``Any`` so type checking allows all operations on the arbitrary object. :issue:`1885` - Fix some types that weren't available in Python 3.6.0. :issue:`1882` - Fix type checking for iterating over ``ProgressBar`` object. :issue:`1892` - The ``importlib_metadata`` backport package is installed on Python < 3.8. :issue:`1889` - Arguments with ``nargs=-1`` only use env var value if no command line values are given. :issue:`1903` - Flag options guess their type from ``flag_value`` if given, like regular options do from ``default``. :issue:`1886` - Added documentation that custom parameter types may be passed already valid values in addition to strings. :issue:`1898` - Resolving commands returns the name that was given, not ``command.name``, fixing an unintended change to help text and ``default_map`` lookups. When using patterns like ``AliasedGroup``, override ``resolve_command`` to change the name that is returned if needed. :issue:`1895` - If a default value is invalid, it does not prevent showing help text. :issue:`1889` - Pass ``windows_expand_args=False`` when calling the main command to disable pattern expansion on Windows. There is no way to escape patterns in CMD, so if the program needs to pass them on as-is then expansion must be disabled. :issue:`1901` ``` ### 8.0.0 ``` ------------- Released 2021-05-11 - Drop support for Python 2 and 3.5. - Colorama is always installed on Windows in order to provide style and color support. :pr:`1784` - Adds a repr to Command, showing the command name for friendlier debugging. :issue:`1267`, :pr:`1295` - Add support for distinguishing the source of a command line parameter. :issue:`1264`, :pr:`1329` - Add an optional parameter to ``ProgressBar.update`` to set the ``current_item``. :issue:`1226`, :pr:`1332` - ``version_option`` uses ``importlib.metadata`` (or the ``importlib_metadata`` backport) instead of ``pkg_resources``. The version is detected based on the package name, not the entry point name. The Python package name must match the installed package name, or be passed with ``package_name=``. :issue:`1582` - If validation fails for a prompt with ``hide_input=True``, the value is not shown in the error message. :issue:`1460` - An ``IntRange`` or ``FloatRange`` option shows the accepted range in its help text. :issue:`1525`, :pr:`1303` - ``IntRange`` and ``FloatRange`` bounds can be open (``<``) instead of closed (``<=``) by setting ``min_open`` and ``max_open``. Error messages have changed to reflect this. :issue:`1100` - An option defined with duplicate flag names (``"--foo/--foo"``) raises a ``ValueError``. :issue:`1465` - ``echo()`` will not fail when using pytest's ``capsys`` fixture on Windows. :issue:`1590` - Resolving commands returns the canonical command name instead of the matched name. This makes behavior such as help text and ``Context.invoked_subcommand`` consistent when using patterns like ``AliasedGroup``. :issue:`1422` - The ``BOOL`` type accepts the values "on" and "off". :issue:`1629` - A ``Group`` with ``invoke_without_command=True`` will always invoke its result callback. :issue:`1178` - ``nargs == -1`` and ``nargs > 1`` is parsed and validated for values from environment variables and defaults. :issue:`729` - Detect the program name when executing a module or package with ``python -m name``. :issue:`1603` - Include required parent arguments in help synopsis of subcommands. :issue:`1475` - Help for boolean flags with ``show_default=True`` shows the flag name instead of ``True`` or ``False``. :issue:`1538` - Non-string objects passed to ``style()`` and ``secho()`` will be converted to string. :pr:`1146` - ``edit(require_save=True)`` will detect saves for editors that exit very fast on filesystems with 1 second resolution. :pr:`1050` - New class attributes make it easier to use custom core objects throughout an entire application. :pr:`938` - ``Command.context_class`` controls the context created when running the command. - ``Context.invoke`` creates new contexts of the same type, so a custom type will persist to invoked subcommands. - ``Context.formatter_class`` controls the formatter used to generate help and usage. - ``Group.command_class`` changes the default type for subcommands with ``group.command()``. - ``Group.group_class`` changes the default type for subgroups with ``group.group()``. Setting it to ``type`` will create subgroups of the same type as the group itself. - Core objects use ``super()`` consistently for better support of subclassing. - Use ``Context.with_resource()`` to manage resources that would normally be used in a ``with`` statement, allowing them to be used across subcommands and callbacks, then cleaned up when the context ends. :pr:`1191` - The result object returned by the test runner's ``invoke()`` method has a ``return_value`` attribute with the value returned by the invoked command. :pr:`1312` - Required arguments with the ``Choice`` type show the choices in curly braces to indicate that one is required (``{a|b|c}``). :issue:`1272` - If only a name is passed to ``option()``, Click suggests renaming it to ``--name``. :pr:`1355` - A context's ``show_default`` parameter defaults to the value from the parent context. :issue:`1565` - ``click.style()`` can output 256 and RGB color codes. Most modern terminals support these codes. :pr:`1429` - When using ``CliRunner.invoke()``, the replaced ``stdin`` file has ``name`` and ``mode`` attributes. This lets ``File`` options with the ``-`` value match non-testing behavior. :issue:`1064` - When creating a ``Group``, allow passing a list of commands instead of a dict. :issue:`1339` - When a long option name isn't valid, use ``difflib`` to make better suggestions for possible corrections. :issue:`1446` - Core objects have a ``to_info_dict()`` method. This gathers information about the object's structure that could be useful for a tool generating user-facing documentation. To get the structure of an entire CLI, use ``Context(cli).to_info_dict()``. :issue:`461` - Redesign the shell completion system. :issue:`1484`, :pr:`1622` - Support Bash >= 4.4, Zsh, and Fish, with the ability for extensions to add support for other shells. - Allow commands, groups, parameters, and types to override their completions suggestions. - Groups complete the names commands were registered with, which can differ from the name they were created with. - The ``autocompletion`` parameter for options and arguments is renamed to ``shell_complete``. The function must take ``ctx, param, incomplete``, must do matching rather than return all values, and must return a list of strings or a list of ``CompletionItem``. The old name and behavior is deprecated and will be removed in 8.1. - The env var values used to start completion have changed order. The shell now comes first, such as ``{shell}_source`` rather than ``source_{shell}``, and is always required. - Completion correctly parses command line strings with incomplete quoting or escape sequences. :issue:`1708` - Extra context settings (``obj=...``, etc.) are passed on to the completion system. :issue:`942` - Include ``--help`` option in completion. :pr:`1504` - ``ParameterSource`` is an ``enum.Enum`` subclass. :issue:`1530` - Boolean and UUID types strip surrounding space before converting. :issue:`1605` - Adjusted error message from parameter type validation to be more consistent. Quotes are used to distinguish the invalid value. :issue:`1605` - The default value for a parameter with ``nargs`` > 1 and ``multiple=True`` must be a list of tuples. :issue:`1649` - When getting the value for a parameter, the default is tried in the same section as other sources to ensure consistent processing. :issue:`1649` - All parameter types accept a value that is already the correct type. :issue:`1649` - For shell completion, an argument is considered incomplete if its value did not come from the command line args. :issue:`1649` - Added ``ParameterSource.PROMPT`` to track parameter values that were prompted for. :issue:`1649` - Options with ``nargs`` > 1 no longer raise an error if a default is not given. Parameters with ``nargs`` > 1 default to ``None``, and parameters with ``multiple=True`` or ``nargs=-1`` default to an empty tuple. :issue:`472` - Handle empty env vars as though the option were not passed. This extends the change introduced in 7.1 to be consistent in more cases. :issue:`1285` - ``Parameter.get_default()`` checks ``Context.default_map`` to handle overrides consistently in help text, ``invoke()``, and prompts. :issue:`1548` - Add ``prompt_required`` param to ``Option``. When set to ``False``, the user will only be prompted for an input if no value was passed. :issue:`736` - Providing the value to an option can be made optional through ``is_flag=False``, and the value can instead be prompted for or passed in as a default value. :issue:`549, 736, 764, 921, 1015, 1618` - Fix formatting when ``Command.options_metavar`` is empty. :pr:`1551` - Revert adding space between option help text that wraps. :issue:`1831` - The default value passed to ``prompt`` will be cast to the correct type like an input value would be. :pr:`1517` - Automatically generated short help messages will stop at the first ending of a phrase or double linebreak. :issue:`1082` - Skip progress bar render steps for efficiency with very fast iterators by setting ``update_min_steps``. :issue:`676` - Respect ``case_sensitive=False`` when doing shell completion for ``Choice`` :issue:`1692` - Use ``mkstemp()`` instead of ``mktemp()`` in pager implementation. :issue:`1752` - If ``Option.show_default`` is a string, it is displayed even if ``default`` is ``None``. :issue:`1732` - ``click.get_terminal_size()`` is deprecated and will be removed in 8.1. Use :func:`shutil.get_terminal_size` instead. :issue:`1736` - Control the location of the temporary directory created by ``CLIRunner.isolated_filesystem`` by passing ``temp_dir``. A custom directory will not be removed automatically. :issue:`395` - ``click.confirm()`` will prompt until input is given if called with ``default=None``. :issue:`1381` - Option prompts validate the value with the option's callback in addition to its type. :issue:`457` - ``confirmation_prompt`` can be set to a custom string. :issue:`723` - Allow styled output in Jupyter on Windows. :issue:`1271` - ``style()`` supports the ``strikethrough``, ``italic``, and ``overline`` styles. :issue:`805, 1821` - Multiline marker is removed from short help text. :issue:`1597` - Restore progress bar behavior of echoing only the label if the file is not a TTY. :issue:`1138` - Progress bar output is shown even if execution time is less than 0.5 seconds. :issue:`1648` - Progress bar ``item_show_func`` shows the current item, not the previous item. :issue:`1353` - The ``Path`` param type can be passed ``path_type=pathlib.Path`` to return a path object instead of a string. :issue:`405` - ``TypeError`` is raised when parameter with ``multiple=True`` or ``nargs > 1`` has non-iterable default. :issue:`1749` - Add a ``pass_meta_key`` decorator for passing a key from ``Context.meta``. This is useful for extensions using ``meta`` to store information. :issue:`1739` - ``Path`` ``resolve_path`` resolves symlinks on Windows Python < 3.8. :issue:`1813` - Command deprecation notice appears at the start of the help text, as well as in the short help. The notice is not in all caps. :issue:`1791` - When taking arguments from ``sys.argv`` on Windows, glob patterns, user dir, and env vars are expanded. :issue:`1096` - Marked messages shown by the CLI with ``gettext()`` to allow applications to translate Click's built-in strings. :issue:`303` - Writing invalid characters to ``stderr`` when using the test runner does not raise a ``UnicodeEncodeError``. :issue:`848` - Fix an issue where ``readline`` would clear the entire ``prompt()`` line instead of only the input when pressing backspace. :issue:`665` - Add all kwargs passed to ``Context.invoke()`` to ``ctx.params``. Fixes an inconsistency when nesting ``Context.forward()`` calls. :issue:`1568` - The ``MultiCommand.resultcallback`` decorator is renamed to ``result_callback``. The old name is deprecated. :issue:`1160` - Fix issues with ``CliRunner`` output when using ``echo_stdin=True``. :issue:`1101` - Fix a bug of ``click.utils.make_default_short_help`` for which the returned string could be as long as ``max_width + 3``. :issue:`1849` - When defining a parameter, ``default`` is validated with ``multiple`` and ``nargs``. More validation is done for values being processed as well. :issue:`1806` - ``HelpFormatter.write_text`` uses the full line width when wrapping text. :issue:`1871` ```

Links

- PyPI: https://pypi.org/project/click - Changelog: https://data.safetycli.com/changelogs/click/ - Homepage: https://palletsprojects.com/p/click/

Update pycodestyle from 2.7.0 to 2.11.1.

Changelog

### 2.11.1 ``` ------------------- Changes: * E275: fix false positive with fstrings containing keyword parts in python 3.12 ``` ### 2.11.0 ``` ------------------- Changes: * Drop EOL python 3.6 / 3.7. PR 1129, 1160. * Add support for python 3.12. PR 1147, 1148, 1152, 1153, 1154, 1163, 1164, 1165, 1166, 1176, 1177, 1182. * E721: adjust handling of type comparison. Allowed forms are now ``isinstance(x, t)`` or ``type(x) is t``. PR 1086, 1167. * Remove handling of python 2 ``<>`` operator. PR 1161. * W606: removed. ``async`` / ``await`` are always keywords. PR 1162. * Internal: move tests to pytest. PR 1168, 1169, 1171, 1173, 1174, 1175. * Remove handling of python 2 ``ur''`` strings. PR 1181. ``` ### 2.10.0 ``` ------------------- Changes: * E231: allow trailing comma inside 1-tuples in ``[]``. PR 1108. * W601, W602, W603, W604: removed (no longer relevant in python 3). PR 1111. * E741: also apply to lambdas. PR 1106. * E741: fix false positive for comparison operators. PR 1118. ``` ### 2.9.1 ``` ------------------ Changes: * E275: fix false positive for yield expressions. PR 1091. ``` ### 2.9.0 ``` ------------------ Changes: * E221, E222, E223, E224: add support for ``:=`` operator. PR 1032. * Drop python 2.7 / 3.5. * E262: consider non-breaking spaces (``\xa0``) as whitespace. PR 1035. * Improve performance of ``_is_binary_operator``. PR 1052. * E275: requires whitespace around keywords. PR 1063. * Add support for python 3.11. PR 1070. ``` ### 2.8.0 ``` ------------------ Changes: * Drop python 3.4. PR 982. * E712: fix false negative with multiple comparisons. PR 987. * E211: fix false positives with ``match``. PR 989. * E772: improve performance of bare except check. PR 992. * Backport tokenize performance improvement from python 3.10. PR 993. * E225: fix for lambdas containing positional-only args. PR 1012. * Remove ``indent_size_str`` "setting". PR 995. * E402: allow ``__all__`` to be typed. PR 1019. * E225: fix false positives for ``*`` in ``case``. PR 1003. * E201: detect tabs as whitespace. PR 1015. ```

Links

- PyPI: https://pypi.org/project/pycodestyle - Changelog: https://data.safetycli.com/changelogs/pycodestyle/ - Homepage: https://pycodestyle.pycqa.org/

Update pyflakes from 2.3.1 to 3.2.0.

Changelog

### 3.2.0 ``` - Add support for ``*T`` (TypeVarTuple) and ``**P`` (ParamSpec) in PEP 695 annotations. ``` ### 3.1.0 ``` - Drop support for EOL python 3.6 / 3.7 - Remove ``ContinueInFinally`` check (only relevant in python < 3.8) - Fix forward annotations inside a nested scope - Produce an error when a definition shadows an unused variable - Fix accessed global annotation being redefined in a local scope - Allow redefinition of functions across ``match`` arms - Fix potential ``None`` for ``lineno`` during tokenization errors - Add support for PEP 695 and python 3.12 ``` ### 3.0.1 ``` - Fix crash on augmented assign to ``print`` builtin ``` ### 3.0.0 ``` - Detect undefined name in variable defined by an annotated assignment - Add a new error for names which are annotated but unused - Remove handling of python 2.x `` type:`` comments. Use annotations instead ``` ### 2.5.0 ``` - Drop support for EOL python 2.7 / 3.4 / 3.5 - Ignore ``__all__`` when not directly assigned - Handle ``TypeAlias`` annotations as aliases (PEP 613) - Assignment expressions (``:=``) target outer scope in comprehensions - Add support for new python 3.11 syntax - Unify output so it is always ``filename:lineno:col: message`` - Properly report ``SyntaxError`` from stdin in python < 3.9 - Fix offsets of ``SyntaxError``s in pypy ``` ### 2.4.0 ``` - Remove unused tracing code (``traceTree``) - Add support for ``match`` statement - Detect ``typing`` module attributes when imported with ``import ... as ...`` ```

Links

- PyPI: https://pypi.org/project/pyflakes - Changelog: https://data.safetycli.com/changelogs/pyflakes/ - Repo: https://github.com/PyCQA/pyflakes

Update six from 1.15.0 to 1.16.0.

Changelog

### 1.16.0 ``` ------ - Pull request 343, issue 341, pull request 349: Port _SixMetaPathImporter to Python 3.10. ```

Links

- PyPI: https://pypi.org/project/six - Changelog: https://data.safetycli.com/changelogs/six/ - Repo: https://github.com/benjaminp/six

[pyup-bot]

Closing this in favor of #456