Bumps the backend-tests-python-dependencies group with 2 updates in the /backend/services/iot-manager/tests directory: docker and requests.
Bumps the backend-tests-python-dependencies group with 22 updates in the /backend/tests directory:
This is a fix release for the 8.1.x feature branch. If you were having issues with type checking tools like pyright or mypy not accepting uses of Click's decorators, this should fix that.
This is a fix release for the 8.1.x feature branch. This fixes an issue with decorator type annotations that caused type checkers to fail for valid code. There are no runtime behavior changes.
The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. #5448
Don't initialize the cli attribute in the sansio scaffold, but rather in the Flask concrete class. #5270
3.0.2
This is a fix release for the 3.0.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.
This is a fix release for the 3.0.x feature release branch.
Fixes an issue where using other JSON providers, such as flask-orjson, previously caused loaded session data to have an incorrect format in some cases.
This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.
The default hashlib.sha1 may not be available in FIPS builds. Don't
access it at import time so the developer has time to change the default.
:issue:5448
Don't initialize the cli attribute in the sansio scaffold, but rather in
the Flask concrete class. :pr:5270
Version 3.0.2
Released 2024-02-03
Correct type for jinja_loader property. :issue:5388
Fix error with --extra-files and --exclude-patterns CLI options.
:issue:5391
Version 3.0.1
Released 2024-01-18
Correct type for path argument to send_file. :issue:5230
Fix a typo in an error message for the flask run --key option. :pr:5344
Session data is untagged without relying on the built-in json.loadsobject_hook. This allows other JSON providers that don't implement that.
:issue:5381
Address more type findings when using mypy strict mode. :pr:5383
Version 3.0.0
Released 2023-09-30
Remove previously deprecated code. :pr:5223
Deprecate the __version__ attribute. Use feature detection, or
importlib.metadata.version("flask"), instead. :issue:5230
Restructure the code such that the Flask (app) and Blueprint
classes have Sans-IO bases. :pr:5127
This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 2.2.x branch is now the supported fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.
Use modern packaging metadata with pyproject.toml instead of setup.cfg.
Use flit_core instead of setuptools as build backend.
Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("itsdangerous"), instead.
Serializer and the return type of dumps is generic for type checking. By default it is Serializer[str] and dumps returns a str. If a different serializer argument is given, it will try to infer the return type of its dumps method.
The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default.
Use modern packaging metadata with pyproject.toml instead of setup.cfg.
:pr:326
Use flit_core instead of setuptools as build backend.
Deprecate the __version__ attribute. Use feature detection, or
importlib.metadata.version("itsdangerous"), instead. :issue:371
Serializer and the return type of dumps is generic for type checking.
By default it is Serializer[str] and dumps returns a str. If a
different serializer argument is given, it will try to infer the return
type of its dumps method. :issue:347
The default hashlib.sha1 may not be available in FIPS builds. Don't
access it at import time so the developer has time to change the default.
:issue:375
This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.
Fixes a regression in striptags behavior from 2.14. Spaces are now collapsed correctly.
This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.
Improves performance of the Markup.striptags method for large input.
Restore behavior where parsing multipart/x-www-form-urlencoded data with
invalid UTF-8 bytes in the body results in no form data parsed rather than a
413 error. #2930
Improve parse_options_header performance when parsing unterminated
quoted string values. #2904
Debugger pin auth is synchronized across threads/processes when tracking
failed entries. #2916
Dev server handles unexpected SSLEOFError due to issue in Python < 3.13.
#2926
Debugger pin auth works when the URL already contains a query string.
#2918
Restore behavior where parsing multipart/x-www-form-urlencoded data with
invalid UTF-8 bytes in the body results in no form data parsed rather than a
413 error. :issue:2930
Improve parse_options_header performance when parsing unterminated
quoted string values. :issue:2904
Debugger pin auth is synchronized across threads/processes when tracking
failed entries. :issue:2916
Dev server handles unexpected SSLEOFError due to issue in Python < 3.13.
:issue:2926
Debugger pin auth works when the URL already contains a query string.
:issue:2918
Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (#6716)
Fixed issue where Requests started failing to run on Python versions compiled
without the ssl module. (#6724)
v2.32.2
2.32.2 (2024-05-21)
Deprecations
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
v2.32.1
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (#6716)
Fixed issue where Requests started failing to run on Python versions compiled
without the ssl module. (#6724)
2.32.2 (2024-05-21)
Deprecations
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
This enables pip and other projects to minimize their vendoring
surface area. The Response.text() and apparent_encoding APIs
will default to utf-8 if neither library is present. (#6702)
#12652: Resolve regression [conda]{.title-ref} environments where no longer being automatically detected.
-- by RonnyPfannschmidt{.interpreted-text role="user"}
8.3.1
pytest 8.3.1 (2024-07-20)
The 8.3.0 release failed to include the change notes and docs for the release. This patch release remedies this. There are no other changes.
8.3.0
pytest 8.3.0 (2024-07-20)
New features
#12231: Added [--xfail-tb]{.title-ref} flag, which turns on traceback output for XFAIL results.
If the [--xfail-tb]{.title-ref} flag is not given, tracebacks for XFAIL results are NOT shown.
The style of traceback for XFAIL is set with [--tb]{.title-ref}, and can be [auto|long|short|line|native|no]{.title-ref}.
Note: Even if you have [--xfail-tb]{.title-ref} set, you won't see them if [--tb=no]{.title-ref}.
Some history:
With pytest 8.0, [-rx]{.title-ref} or [-ra]{.title-ref} would not only turn on summary reports for xfail, but also report the tracebacks for xfail results. This caused issues with some projects that utilize xfail, but don't want to see all of the xfail tracebacks.
This change detaches xfail tracebacks from [-rx]{.title-ref}, and now we turn on xfail tracebacks with [--xfail-tb]{.title-ref}. With this, the default [-rx]{.title-ref}/ [-ra]{.title-ref} behavior is identical to pre-8.0 with respect to xfail tracebacks. While this is a behavior change, it brings default behavior back to pre-8.0.0 behavior, which ultimately was considered the better course of action.
#12281: Added support for keyword matching in marker expressions.
Now tests can be selected by marker keyword arguments.
Supported values are int{.interpreted-text role="class"}, (unescaped) str{.interpreted-text role="class"}, bool{.interpreted-text role="class"} & None{.interpreted-text role="data"}.
See marker examples <marker_keyword_expression_example>{.interpreted-text role="ref"} for more information.
-- by lovetheguitar{.interpreted-text role="user"}
#12567: Added --no-fold-skipped command line option.
If this option is set, then skipped tests in short summary are no longer grouped
by reason but all tests are printed individually with their nodeid in the same
way as other statuses.
PyMongo 4.8 brings a number of improvements including:
The handshake metadata for "os.name" on Windows has been simplified to "Windows" to improve import time.
The repr of bson.binary.Binary is now redacted when the subtype is SENSITIVE_SUBTYPE(8).
Secure Software Development Life Cycle automation for release process.
GitHub Releases now include a Software Bill of Materials, and signature
files corresponding to the distribution files released on PyPI.
Fixed a bug in change streams where both startAtOperationTime and resumeToken
could be added to a retry attempt, which caused the retry to fail.
Fallback to stdlib ssl module when pyopenssl import fails with AttributeError.
Improved performance of MongoClient operations, especially when many operations are being run concurrently.
Unavoidable breaking changes
Since we are now using hatch as our build backend, we no longer have a usable setup.py file
and require installation using pip. Attempts to invoke the setup.py file will raise an exception.
Additionally, pip >= 21.3 is now required for editable installs.
.. warning:: PyMongo 4.8 drops support for Python 3.7 and PyPy 3.8: Python 3.8+ or PyPy 3.9+ is now required.
PyMongo 4.8 brings a number of improvements including:
The handshake metadata for "os.name" on Windows has been simplified to "Windows" to improve import time.
The repr of bson.binary.Binary is now redacted when the subtype is SENSITIVE_SUBTYPE(8).
Secure Software Development Life Cycle automation for release process.
GitHub Releases now include a Software Bill of Materials, and signature
files corresponding to the distribution files released on PyPI.
Fixed a bug in change streams where both startAtOperationTime and resumeToken
could be added to a retry attempt, which caused the retry to fail.
Fallback to stdlib ssl module when pyopenssl import fails with AttributeError.
Improved performance of MongoClient operations, especially when many operations are being run concurrently.
Since we are now using hatch as our build backend, we no longer have a usable setup.py file
and require installation using pip. Attempts to invoke the setup.py file will raise an exception.
Additionally, pip >= 21.3 is now required for editable installs.
Issues Resolved
...............
See the PyMongo 4.8 release notes in JIRA_ for the list of resolved issues
in this release.
Bumps the backend-tests-python-dependencies group with 5 updates in the /backend/services/deployments/tests/mock-workflows directory:
8.1.3
8.1.7
2.2.5
3.0.3
2.1.2
2.2.0
2.1.2
2.1.5
3.0.3
3.0.4
Bumps the backend-tests-python-dependencies group with 2 updates in the /backend/services/iot-manager/tests directory: docker and requests. Bumps the backend-tests-python-dependencies group with 22 updates in the /backend/tests directory:
8.1.1
8.3.2
4.6.3
4.8.0
2024.7.4
2024.8.30
2.32.2
2.32.3
3.7
3.8
9.2.2
11.0.3
1.34.101
1.35.10
42.0.5
43.0.0
7.2.5
7.2.8
6.0.1
6.0.2
5.0.4
5.0.8
2.0.4
3.0.0
9.9.0
10.9.0
23.2.0
24.2.0
1.16.0
1.17.0
3.14.0
3.15.4
29.0.0
30.1.0
24.0
24.1
10.3.0
10.4.0
3.1.2
3.1.4
1.0.10
1.1.0
12.0
13.0.1
Updates
click
from 8.1.3 to 8.1.7Release notes
Sourced from click's releases.
Changelog
Sourced from click's changelog.
... (truncated)
Commits
874ca2b
release version 8.1.76e1f6d3
completion(fish): add back ; as line endings in fish script (#2570)a955c77
update fish enabling script3c1529e
add back semicolons in fish scripta260ca6
Replace bash shell completion version error with warning (#2576)d9db70c
bash version support shows warning instead of error22b9b1c
Fix incorrect passing of flags to re.sub (#2581)d69d210
fix flake8 findingaf2da1e
Fix incorrect passing of flags to re.subbb6a872
start version 8.1.7Updates
flask
from 2.2.5 to 3.0.3Release notes
Sourced from flask's releases.
... (truncated)
Changelog
Sourced from flask's changelog.
... (truncated)
Commits
c12a5d8
release version 3.0.35e22cc9
Don't set the cli attribute in the sansio scaffold (#5270)5fdce4c
Don't set the cli attribute in the sansio scaffoldadb7dd9
don't access app.logger when configuring app.loggerb739390
support FIPS builds without SHA-1 (#5460)db46111
access sha1 lazily7320e31
start version 3.0.387d5f5b
update project files (#5457)d5e321b
release version 3.0.2 (#5403)d203059
release version 3.0.2Updates
itsdangerous
from 2.1.2 to 2.2.0Release notes
Sourced from itsdangerous's releases.
Changelog
Sourced from itsdangerous's changelog.
Commits
096c8d4
release version 2.2.07f4dcf8
access sha1 lazily93ae366
change entry for generic serializer135eb23
Generic serializer (#377)999ce7a
Improve generic typing further52890d7
improve generic typing385c0eb
typeSerializer
as generic (#374)01001c6
type Serializer as genericbc88e94
improve typing (#373)69a3bca
improve typingUpdates
markupsafe
from 2.1.2 to 2.1.5Release notes
Sourced from markupsafe's releases.
Changelog
Sourced from markupsafe's changelog.
Commits
fbba4ac
release version 2.1.5c5fa23b
update publish actions60a6512
striptags collapses spaces correctly (#418)0b6bee0
collapse spaces after stripping tags73e6a48
start version 2.1.5d704bf4
use pip-compile, dependabot updates (#419)1f82932
use pip-compile, dependabot updates25a640f
release version 2.1.4 (#414)b7cd652
release version 2.1.43bead8e
update cibuildwheel for 3.12 wheelsUpdates
werkzeug
from 3.0.3 to 3.0.4Release notes
Sourced from werkzeug's releases.
Changelog
Sourced from werkzeug's changelog.
Commits
b933ccb
release version 3.0.4c09de73
debugger works on urls with query string (#2942)1d1d987
debugger works on urls with query string32a77a0
treat SSLEOFError as dropped connection (#2941)cf18d03
treat SSLEOFError as dropped connectiona1db120
synchronize failed pin entry (#2940)6504819
synchronize failed pin entry7abec4b
improve parse_options_header performance (#2939)3a893d2
improve parse_options_header performance3a52597
restore invalid bytes behavior for form parser (#2938)Updates
docker
from 6.1.3 to 7.1.0Release notes
Sourced from docker's releases.
... (truncated)
Commits
a365202
Merge pull request #3264 from krissetto/rename-env-var-in-release-pipeline1ab40c8
Fix env var name in release pipeline to match hatch expectationsb33088e
Merge pull request #3263 from krissetto/fix-release-pipeline45488ac
Fix env var name in release pipeline20879ec
Merge pull request #3262 from krissetto/changelog-7.1.04f2a26d
Added 7.1.0 changelog7785ad9
Merge pull request #3257 from felixfontein/requests-hotfixd8e9bcb
requests 2.32.0 and 2.32.1 have been yanked.2a059a9
Extend fix to requests 2.32.2+.e33e0a4
Hotfix for requests 2.32.0.Updates
requests
from 2.31.0 to 2.32.3Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
0e322af
v2.32.3e188799
Don't create default SSLContext if ssl module isn't present (#6724)145b539
Merge pull request #6716 from sigmavirus24/bug/6715b1d73dd
Don't use default SSLContext with custom poolmanager kwargs6badbac
Update HISTORY.mda62a2d3
Allow for overriding of specific pool key params88dce9d
v2.32.2c98e4d1
Merge pull request #6710 from nateprewitt/api_rename92075b3
Add deprecation warningaa1461b
Move _get_connection to get_connection_with_tls_contextUpdates
pytest
from 8.1.1 to 8.3.2Release notes
Sourced from pytest's releases.
... (truncated)
Commits
bbcec9c
Prepare release version 8.3.278fe8b6
Merge pull request #12657 from pytest-dev/patchback/backports/8.3.x/6c806b499...238bad2
Merge pull request #12656 from RonnyPfannschmidt/fix-12652-detect-conda-envae6034a
Merge pull request #12641 from pytest-dev/patchback/backports/8.3.x/c03989cee...31337ab
Merge pull request #12640 from pytest-dev/update-userca3070b
Merge pull request #12637 from pytest-dev/release-8.3.1de98446
Prepare release version 8.3.1bd0a042
Merge pull request #12636 from pytest-dev/update-release-notes664325b
doc/changelog: update 8.3.0 notes19d225d
Merge pull request #12635 from pytest-dev/release-8.3.0Updates
pymongo
from 4.6.3 to 4.8.0Release notes
Sourced from pymongo's releases.
Changelog
Sourced from pymongo's changelog.
... (truncated)
Commits
d504d14
BUMP 4.8.0ab9e748
PYTHON-4515 Improve 4.8 changelog (#1713)2fdf707
PYTHON-4507 [v4.8] pip>=21.3 is required for editable installs (#1711)5139adb
PYTHON-4515 [v4.8] Update changelog for 4.8 (#1710)b3c55ff
BUMP 4.8.0.dev1113b9da
BUMP 4.8.0b0585411a
PYTHON-4388 [v4.8] Fix security events handling in release workflow again (#1...f1f4938
PYTHON-4388 [v4.8] Fix permissions in release workflow (#1708)a0d232b
PYTHON-4499 [v4.8] Log pymongo.connection at DEBUG without EventListeners (#1...14ed482
PYTHON-4388 [v4.8] Fix dist handling in SSDLC workflow (#1706)Updates
certifi
from 2024.7.4 to 2024.8.30Commits
325c2fd
2024.08.30 (#304)d66bf5f
Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#302)2150f23
Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#301)fc... _Description has been truncated_