Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (#6716)
Fixed issue where Requests started failing to run on Python versions compiled
without the ssl module. (#6724)
v2.32.2
2.32.2 (2024-05-21)
Deprecations
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
v2.32.1
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (#6716)
Fixed issue where Requests started failing to run on Python versions compiled
without the ssl module. (#6724)
2.32.2 (2024-05-21)
Deprecations
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
Performance improvements for combining data files, especially when measuring
line coverage. A few different quadratic behaviors were eliminated. In one
extreme case of combining 700+ data files, the time dropped from more than
three hours to seven minutes. Thanks for Kraken Tech for funding the fix.
Performance improvements for generating HTML reports, with a side benefit of
reducing memory use, closing issue 1791_. Thanks to Daniel Diniz for
helping to diagnose the problem.
Fix: nested matches of exclude patterns could exclude too much code, as
reported in issue 1779_. This is now fixed.
Changed: previously, coverage.py would consider a module docstring to be an
executable statement if it appeared after line 1 in the file, but not
executable if it was the first line. Now module docstrings are never counted
as executable statements. This can change coverage.py's count of the number
of statements in a file, which can slightly change the coverage percentage
reported.
In the HTML report, the filter term and "hide covered" checkbox settings are
remembered between viewings, thanks to Daniel Diniz <pull 1776_>_.
Python 3.13.0b1 is supported.
Fix: parsing error handling is improved to ensure bizarre source files are
handled gracefully, and to unblock oss-fuzz fuzzing, thanks to Liam DeVoe <pull 1788_>. Closes issue 1787.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
The minor update of this production dependency was not automatically approved. For production dependencies, these semver updates can be automatically approved: patch
Bumps the minor-patch group with 7 updates in the / directory:
2.7.1
2.7.2
0.29.0
0.30.1
3.41.11
3.41.13
2.32.0
2.32.3
7.5.1
7.5.3
2.31.0.20240406
2.32.0.20240602
0.4.4
0.4.7
Updates
pydantic
from 2.7.1 to 2.7.2Release notes
Sourced from pydantic's releases.
Changelog
Sourced from pydantic's changelog.
Commits
70ac7a0
fix version08d6ed2
Merge branch '2.7' of https://github.com/pydantic/pydantic into 2.742f544a
fix versiona20da21
2.7.2 prep (#9515)f42ae9b
Logfire annoucement (#9362)451f780
Replace__spec__.parent
with__package__
(#9331)Updates
uvicorn
from 0.29.0 to 0.30.1Release notes
Sourced from uvicorn's releases.
Changelog
Sourced from uvicorn's changelog.
Commits
44a3071
Version 0.30.1 (#2349)6d666d9
Allow horizontal tabs\t
in response header values (#2345)9a6b3a8
Version 0.30.0 (#2348)53fa273
New multiprocess manager (#2183)22873a9
Suppress side-effects of signal propagation (#2317)14ffba8
Simplify CHANGELOG (#2337)5c78192
Add favicon and logo to the documentation (#2336)b9c03a8
Improve type hints on WebSockets implementations (#2335)14bdf04
Usepytestmark
to simplify test suite (#2334)0efd383
Sendcontent-length
header on 5xx (#2304)Updates
atlassian-python-api
from 3.41.11 to 3.41.13Release notes
Sourced from atlassian-python-api's releases.
Commits
e6ac21c
update ci (#1395)64647dd
Adjust linter issues5574b4c
Bamboo: normalize documentaton of that bamboo module5b1699c
Add disable plugin methods743971b
added plugin disable and enable methods (#1393)3de300c
[Doc] fix formatting of doc (#1392)bba9e38
[Confluence] forward start and limit for getting attachments (#1384)e0407e6
Added docs for bulk_update_issue_field method. Fixed docstring. (#1391)588f365
[Confluence] Expand parameter addition for get_draft_page_by_id (#1388)591ca2c
[Jira] Make get_issue_changelog start and limit work. (#1375)Updates
requests
from 2.32.0 to 2.32.3Release notes
Sourced from requests's releases.
Changelog
Sourced from requests's changelog.
Commits
0e322af
v2.32.3e188799
Don't create default SSLContext if ssl module isn't present (#6724)145b539
Merge pull request #6716 from sigmavirus24/bug/6715b1d73dd
Don't use default SSLContext with custom poolmanager kwargs6badbac
Update HISTORY.mda62a2d3
Allow for overriding of specific pool key params88dce9d
v2.32.2c98e4d1
Merge pull request #6710 from nateprewitt/api_rename92075b3
Add deprecation warningaa1461b
Move _get_connection to get_connection_with_tls_contextUpdates
coverage
from 7.5.1 to 7.5.3Changelog
Sourced from coverage's changelog.
Commits
f310d7e
docs: sample HTML for 7.5.3a51d52f
docs: prep for 7.5.3b666f3a
perf: it's faster in all versions if we don't cache tokenize #1791a2b4929
docs: changelog entry forcombine
performance improvementsb9aff50
perf: don't read full line_bits table each timec45ebac
perf: cache alias mapping390cb97
perf: avoid quadratic behavior when combining line coveraged3caf53
docs(build): tweaks to howto909e887
build: bump version242adea
build: don't claim pre-alpha-1 in classifiersUpdates
types-requests
from 2.31.0.20240406 to 2.32.0.20240602Commits
Updates
ruff
from 0.4.4 to 0.4.7Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
1ad5f9c
Bump version to v0.4.7 (#11646)e914bc3
F401 sort bindings before adding to all (#11648)27f6f04
[red-knot] initial (very incomplete) flow graph (#11624)d62a617
red-knot: Don't refer toModule
instances as IDs (#11649)16a926d
[red-knot] infer int literal types (#11623)05566c6
UpdateWho's Using Ruff?
section to includeGodot
(#11647)7ce17b7
Add Vim and Kate setup guide forruff server
(#11615)f9a6450
Use char index rather than position for indent slice (#11645)8a25531
red-knot: improve internal documentation inmodule.rs
(#11638)9b6d2ce
Fix incorect placement of trailing stub function comments (#11632)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show