Bump the pip group across 1 directory with 7 updates

[dependabot[bot]]

Bumps the pip group with 7 updates in the /adminpage directory:

Package	From	To
pyjwt	1.7.1	2.4.0
djangorestframework	3.11.2	3.15.2
pillow	8.1.1	10.3.0
sentry-sdk	0.16.5	2.8.0
django-sendfile2	0.6.0	0.7.0
requests	2.25.1	2.32.2
django-tinymce	3.4.0	4.1.0

Updates pyjwt from 1.7.1 to 2.4.0

Release notes

Sourced from pyjwt's releases.

2.4.0

Security

• [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24

What's Changed

• Add support for Python 3.10 by @​hugovk in jpadilla/pyjwt#699
• Don't use implicit optionals by @​rekyungmin in jpadilla/pyjwt#705
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#708
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#710
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#711
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#712
• documentation fix: show correct scope for decode_complete() by @​sseering in jpadilla/pyjwt#661
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#716
• Explicit check the key for ECAlgorithm by @​estin in jpadilla/pyjwt#713
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#720
• api_jwk: Add PyJWKSet.getitem by @​woodruffw in jpadilla/pyjwt#725
• Update usage.rst by @​guneybilen in jpadilla/pyjwt#727
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#728
• fix: Update copyright information by @​kkirsche in jpadilla/pyjwt#729
• Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @​dmahr1 in jpadilla/pyjwt#734
• Fixed typo in usage.rst by @​israelabraham in jpadilla/pyjwt#738
• Add detached payload support for JWS encoding and decoding by @​fviard in jpadilla/pyjwt#723
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#740
• Raise DeprecationWarning for jwt.decode(verify=...) by @​akx in jpadilla/pyjwt#742
• Don't mutate options dictionary in .decode_complete() by @​akx in jpadilla/pyjwt#743
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#748
• Replace various string interpolations with f-strings by @​akx in jpadilla/pyjwt#744
• Update CHANGELOG.rst by @​hipertracker in jpadilla/pyjwt#751

New Contributors

• @​hugovk made their first contribution in jpadilla/pyjwt#699
• @​rekyungmin made their first contribution in jpadilla/pyjwt#705
• @​sseering made their first contribution in jpadilla/pyjwt#661
• @​estin made their first contribution in jpadilla/pyjwt#713
• @​woodruffw made their first contribution in jpadilla/pyjwt#725
• @​guneybilen made their first contribution in jpadilla/pyjwt#727
• @​dmahr1 made their first contribution in jpadilla/pyjwt#734
• @​israelabraham made their first contribution in jpadilla/pyjwt#738
• @​fviard made their first contribution in jpadilla/pyjwt#723
• @​akx made their first contribution in jpadilla/pyjwt#742
• @​hipertracker made their first contribution in jpadilla/pyjwt#751

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0

2.3.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#700
• Add exception chaining by @​ehdgua01 in jpadilla/pyjwt#702
• Revert "Remove arbitrary kwargs." by @​auvipy in jpadilla/pyjwt#701

... (truncated)

Changelog

Sourced from pyjwt's changelog.

v2.4.0 <https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0>__

Security

- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
Changed

- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713
- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742

Fixed
~~~~~

- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705
- documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661
- fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729
- Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743

Added
~~~~~

- Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699
- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725
- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727
- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734
- Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738
- Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723
- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744
- Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751

`v2.3.0 <https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0>`__
-----------------------------------------------------------------------

Fixed
~~~~~

- Revert "Remove arbitrary kwargs." `[#701](https://github.com/jpadilla/pyjwt/issues/701) <https://github.com/jpadilla/pyjwt/pull/701>`__

Added
~~~~~

- Add exception chaining `[#702](https://github.com/jpadilla/pyjwt/issues/702) <https://github.com/jpadilla/pyjwt/pull/702>`__

`v2.2.0 <https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0>`__
-----------------------------------------------------------------------

</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>

<ul>
<li><a href="https://github.com/jpadilla/pyjwt/commit/83ff831a4d11190e3a0bed781da43f8d84352653"><code>83ff831</code></a> chore: update changelog</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/4c1ce8fd9019dd312ff257b5141cdb6d897379d9"><code>4c1ce8f</code></a> chore: update changelog</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/96f3f0275745c5a455c019a0d3476a054980e8ea"><code>96f3f02</code></a> fix: failing advisory test</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc"><code>9c52867</code></a> Merge pull request from GHSA-ffqj-6fqr-9h24</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/24b29adfebcb4f057a3cef5aaf35653bc0c1c8cc"><code>24b29ad</code></a> Update CHANGELOG.rst (<a href="https://redirect.github.com/jpadilla/pyjwt/issues/751">#751</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/31f5acb8fb3ec6cdfe2b1b0a4a8f329b5f3ca67f"><code>31f5acb</code></a> Replace various string interpolations with f-strings (<a href="https://redirect.github.com/jpadilla/pyjwt/issues/744">#744</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/5581a31c21de70444c1162bcfa29f7e0fc86edda"><code>5581a31</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/jpadilla/pyjwt/issues/748">#748</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/3d4d82248f1120c87f1f4e0e8793eaa1d54843a6"><code>3d4d822</code></a> Don't mutate options dictionary in .decode_complete() (<a href="https://redirect.github.com/jpadilla/pyjwt/issues/743">#743</a>)</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/1f1fe15bb41846c602b3e106176b2c692b93a613"><code>1f1fe15</code></a> Add a deprecation warning when jwt.decode() is called with the legacy verify=...</li>
<li><a href="https://github.com/jpadilla/pyjwt/commit/35fa28e59d99b99c6a780d2a029a74d6bbba8b1e"><code>35fa28e</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/jpadilla/pyjwt/issues/740">#740</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/1.7.1...2.4.0">compare view</a></li>
</ul>
</details>

<br />


Updates `djangorestframework` from 3.11.2 to 3.15.2

Release notes
Sourced from djangorestframework's releases.

Version 3.15.1
What's Changed

Update the message to be consistent with the Django `HttpResponseBa… by @​maycuatroi in encode/django-rest-framework#9287
Make inflection package truly optional by @​browniebroke in encode/django-rest-framework#9303
Fix broken links in release notes for 3.15 by @​browniebroke in encode/django-rest-framework#9305
TokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by @​alexdlaird in encode/django-rest-framework#9301
Add drf-sendables to third-party-packages.md by @​amikrop in encode/django-rest-framework#9261
Revert "feat: Add some changes to ValidationError to support django style vad…" by @​auvipy in encode/django-rest-framework#9326
Revert "Re-prefetch related objects after updating" by @​auvipy in encode/django-rest-framework#9327
Revert #8863 by @​tomchristie in encode/django-rest-framework#9330
Revert #8009 by @​tomchristie in encode/django-rest-framework#9332
Revert #9030 by @​tomchristie in encode/django-rest-framework#9333
Revert "Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces" by @​auvipy in encode/django-rest-framework#9335
SearchFilter.get_search_terms returns list. by @​tomchristie in encode/django-rest-framework#9338
Version 3.15.1 by @​tomchristie in encode/django-rest-framework#9339

New Contributors

@​maycuatroi made their first contribution in encode/django-rest-framework#9287
@​alexdlaird made their first contribution in encode/django-rest-framework#9301

Full Changelog: https://github.com/encode/django-rest-framework/compare/3.15.0...3.15.1
Version 3.14.0

Django 2.2 is no longer supported. #8662
Django 4.1 compatibility. #8591
Add --api-version CLI option to generateschema management command. #8663
Enforce is_valid(raise_exception=False) as a keyword-only argument. #7952
Stop calling set_context on Validators. #8589
Return NotImplemented from ErrorDetails.__ne__. #8538
Don't evaluate DateTimeField.default_timezone when a custom timezone is set. #8531
Make relative URLs clickable in Browseable API. #8464
Support ManyRelatedField falling back to the default value when the attribute specified by dot notation doesn't exist. Matches ManyRelatedField.get_attribute to Field.get_attribute. #7574
Make schemas.openapi.get_reference public. #7515
Make ReturnDict support dict union operators on Python 3.9 and later. #8302
Update throttling to check if request.user is set before checking if the user is authenticated. #8370

Version 3.13.1

Revert schema naming changes with function based @api_view. #8297

Version 3.13.0

Django 4.0 compatability. #8178
Add max_length and min_length options to ListSerializer. #8165
Add get_request_serializer and get_response_serializer hooks to AutoSchema. #7424
Fix OpenAPI representation of null-able read only fields. #8116
Respect UNICODE_JSON setting in API schema outputs. #7991
Fix for RemoteUserAuthentication. #7158
Make Field constructors keyword-only. #7632

3.12.4
No release notes provided.



Commits

c7a7eae Version 3.15.2 (#9439)
3b41f01 Fix potential XSS vulnerability in break_long_headers template filter (#9435)
fe92f0d Add __hash__ method for permissions.OperandHolder class (#9417)
fbdab09 docs: Correct some evaluation results and a httpie option in Tutorial1 (#9421)
36d5c0e tests: Check urlpatterns after cleanups (#9400)
9d4ed05 Don't use Windows line endings
b34bde4 Fix typo in setup.cfg setting
ab681f2 Update requirements in docs
2237724 bump pygments (security hygiene)
d58b8da Update deprecation hints
Additional commits viewable in compare view





Updates `pillow` from 8.1.1 to 10.3.0

Release notes
Sourced from pillow's releases.

10.3.0
https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html
Changes

CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [@​hugovk]
Use functools.lru_cache for hopper() #7912 [@​hugovk]
Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [@​radarhere]
Improve speed of loading QOI images #7925 [@​radarhere]
Added RGB to I;16N conversion #7920 [@​radarhere]
Add --report argument to main.py to omit supported formats #7818 [@​nulano]
Added RGB to I;16, I;16L and I;16B conversion #7918 [@​radarhere]
Fix editable installation with custom build backend and configuration options #7658 [@​nulano]
Fix putdata() for I;16N on big-endian #7209 [@​Yay295]
Determine MPO size from markers, not EXIF data #7884 [@​radarhere]
Improved conversion from RGB to RGBa, LA and La #7888 [@​radarhere]
Support FITS images with GZIP_1 compression #7894 [@​radarhere]
Use I;16 mode for 9-bit JPEG 2000 images #7900 [@​scaramallion]
Raise ValueError if kmeans is negative #7891 [@​radarhere]
Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [@​radarhere]
Raise ValueError for negative values when loading P1-P3 PPM images #7882 [@​radarhere]
Added reading of JPEG2000 palettes #7870 [@​radarhere]
Added alpha_quality argument when saving WebP images #7872 [@​radarhere]
Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions #7881 [@​radarhere]
Removed Python and NumPy pinning on Cygwin #7880 [@​radarhere]
Update UnidentifiedImageError and version imports #7644 [@​radarhere]
Stop reading EPS image at EOF marker #7753 [@​radarhere]
PSD layer co-ordinates may be negative #7706 [@​radarhere]
Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer #7791 [@​radarhere]
When saving GIF frame that restores to background color, do not fill identical pixels #7788 [@​radarhere]
Fixed reading PNG iCCP compression method #7823 [@​radarhere]
Allow writing IFDRational to UNDEFINED tag #7840 [@​radarhere]
Fix logged tag name when loading Exif data #7842 [@​radarhere]
Use maximum frame size in IHDR chunk when saving APNG images #7821 [@​radarhere]
Prevent opening P TGA images without a palette #7797 [@​radarhere]
Use palette when loading ICO images #7798 [@​radarhere]
Use consistent arguments for load_read and load_seek #7713 [@​radarhere]
Turn off nullability warnings for macOS SDK #7827 [@​radarhere]
Fix shift-sign issue in Convert.c #7838 [@​r-barnes]
winbuild: Refactor dependency versions into constants #7843 [@​hugovk]
Build macOS arm64 wheels natively #7852 [@​radarhere]
Fixed typo #7855 [@​radarhere]
Open 16-bit grayscale PNGs as I;16 #7849 [@​radarhere]
Handle truncated chunks at the end of PNG images #7709 [@​lajiyuan]
Match mask size to pasted image size in GifImagePlugin #7779 [@​radarhere]
Changed SupportsGetMesh protocol to be public #7841 [@​radarhere]
Release GIL while calling WebPAnimDecoderGetNext #7782 [@​evanmiller]
Fixed reading FLI/FLC images with a prefix chunk #7804 [@​twolife]
Updated package name for Tidelift #7810 [@​radarhere]
Removed unused code #7744 [@​radarhere]



... (truncated)


Changelog
Sourced from pillow's changelog.

10.3.0 (2024-04-01)


CVE-2024-28219: Use strncpy to avoid buffer overflow #7928
[radarhere, hugovk]


Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927
[radarhere, hugovk]


Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883
[radarhere]


Add --report argument to __main__.py to omit supported formats #7818
[nulano, radarhere, hugovk]


Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920
[radarhere]


Fix editable installation with custom build backend and configuration options #7658
[nulano, radarhere]


Fix putdata() for I;16N on big-endian #7209
[Yay295, hugovk, radarhere]


Determine MPO size from markers, not EXIF data #7884
[radarhere]


Improved conversion from RGB to RGBa, LA and La #7888
[radarhere]


Support FITS images with GZIP_1 compression #7894
[radarhere]


Use I;16 mode for 9-bit JPEG 2000 images #7900
[scaramallion, radarhere]


Raise ValueError if kmeans is negative #7891
[radarhere]


Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893
[radarhere]


Raise ValueError for negative values when loading P1-P3 PPM images #7882
[radarhere]


Added reading of JPEG2000 palettes #7870
[radarhere]


Added alpha_quality argument when saving WebP images #7872
[radarhere]




... (truncated)


Commits

5c89d88 10.3.0 version bump
63cbfcf Update CHANGES.rst [ci skip]
2776126 Merge pull request #7928 from python-pillow/lcms
aeb51cb Merge branch 'main' into lcms
5beb0b6 Update CHANGES.rst [ci skip]
cac6ffa Merge pull request #7927 from python-pillow/imagemath
f5eeeac Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval
facf3af Added release notes
2a93aba Use strncpy to avoid buffer overflow
a670597 Update CHANGES.rst [ci skip]
Additional commits viewable in compare view





Updates `sentry-sdk` from 0.16.5 to 2.8.0

Release notes
Sourced from sentry-sdk's releases.

2.8.0
Various fixes & improvements

profiler_id uses underscore (#3249) by @​Zylphrex
Don't send full env to subprocess (#3251) by @​kmichel-aiven
Stop using Hub in HttpTransport (#3247) by @​szokeasaurusrex
Remove ipdb from test requirements (#3237) by @​rominf
Avoid propagation of empty baggage (#2968) by @​hartungstenio
Add entry point for SentryPropagator (#3086) by @​mender
Bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225) by @​dependabot

2.7.1
Various fixes & improvements

fix(otel): Fix missing baggage (#3218) by @​sentrivana
This is the config file of asdf-vm which we do not use. (#3215) by @​antonpirker
Added option to disable middleware spans in Starlette (#3052) by @​antonpirker
build: Update tornado version in setup.py to match code check. (#3206) by @​aclemons

2.7.0

Add origin to spans and transactions (#3133) by @​antonpirker
OTel: Set up typing for OTel (#3168) by @​sentrivana
OTel: Auto instrumentation skeleton (#3143) by @​sentrivana
OpenAI: If there is an internal error, still return a value (#3192) by @​colin-sentry
MongoDB: Add MongoDB collection span tag (#3182) by @​0Calories
MongoDB: Change span operation from db.query to db (#3186) by @​0Calories
MongoDB: Remove redundant command name in query description (#3189) by @​0Calories
Apache Spark: Fix spark driver integration (#3162) by @​seyoon-lim
Apache Spark: Add Spark test suite to tox.ini and to CI (#3199) by @​sentrivana
Codecov: Add failed test commits in PRs (#3190) by @​antonpirker
Update library, Python versions in tests (#3202) by @​sentrivana
Remove Hub from our test suite (#3197) by @​antonpirker
Use env vars for default CA cert bundle location (#3160) by @​DragoonAethis
Create a separate test group for AI (#3198) by @​sentrivana
Add additional stub packages for type checking (#3122) by @​Daverball
Proper naming of requirements files (#3191) by @​antonpirker
Pinning pip because new version does not work with some versions of Celery and Httpx (#3195) by @​antonpirker
build(deps): bump supercharge/redis-github-action from 1.7.0 to 1.8.0 (#3193) by @​dependabot
build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#3171) by @​dependabot
build(deps): update pytest-asyncio requirement (#3087) by @​dependabot

2.6.0

Introduce continuous profiling mode (#2830) by @​Zylphrex
Profiling: Add deprecation comment for profiler internals (#3167) by @​sentrivana
Profiling: Move thread data to trace context (#3157) by @​Zylphrex
Explicitly export cron symbols for typecheckers (#3072) by @​spladug
Cleaning up ASGI tests for Django (#3180) by @​antonpirker
Celery: Add Celery receive latency (#3174) by @​antonpirker
Metrics: Update type hints for tag values (#3156) by @​elramen
Django: Fix psycopg3 reconnect error (#3111) by @​szokeasaurusrex



... (truncated)


Changelog
Sourced from sentry-sdk's changelog.

2.8.0
Various fixes & improvements

profiler_id uses underscore (#3249) by @​Zylphrex
Don't send full env to subprocess (#3251) by @​kmichel-aiven
Stop using Hub in HttpTransport (#3247) by @​szokeasaurusrex
Remove ipdb from test requirements (#3237) by @​rominf
Avoid propagation of empty baggage (#2968) by @​hartungstenio
Add entry point for SentryPropagator (#3086) by @​mender
Bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225) by @​dependabot

2.7.1
Various fixes & improvements

fix(otel): Fix missing baggage (#3218) by @​sentrivana
This is the config file of asdf-vm which we do not use. (#3215) by @​antonpirker
Added option to disable middleware spans in Starlette (#3052) by @​antonpirker
build: Update tornado version in setup.py to match code check. (#3206) by @​aclemons

2.7.0

Add origin to spans and transactions (#3133) by @​antonpirker
OTel: Set up typing for OTel (#3168) by @​sentrivana
OTel: Auto instrumentation skeleton (#3143) by @​sentrivana
OpenAI: If there is an internal error, still return a value (#3192) by @​colin-sentry
MongoDB: Add MongoDB collection span tag (#3182) by @​0Calories
MongoDB: Change span operation from db.query to db (#3186) by @​0Calories
MongoDB: Remove redundant command name in query description (#3189) by @​0Calories
Apache Spark: Fix spark driver integration (#3162) by @​seyoon-lim
Apache Spark: Add Spark test suite to tox.ini and to CI (#3199) by @​sentrivana
Codecov: Add failed test commits in PRs (#3190) by @​antonpirker
Update library, Python versions in tests (#3202) by @​sentrivana
Remove Hub from our test suite (#3197) by @​antonpirker
Use env vars for default CA cert bundle location (#3160) by @​DragoonAethis
Create a separate test group for AI (#3198) by @​sentrivana
Add additional stub packages for type checking (#3122) by @​Daverball
Proper naming of requirements files (#3191) by @​antonpirker
Pinning pip because new version does not work with some versions of Celery and Httpx (#3195) by @​antonpirker
build(deps): bump supercharge/redis-github-action from 1.7.0 to 1.8.0 (#3193) by @​dependabot
build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#3171) by @​dependabot
build(deps): update pytest-asyncio requirement (#3087) by @​dependabot

2.6.0

Introduce continuous profiling mode (#2830) by @​Zylphrex
Profiling: Add deprecation comment for profiler internals (#3167) by @​sentrivana
Profiling: Move thread data to trace context (#3157) by @​Zylphrex
Explicitly export cron symbols for typecheckers (#3072) by @​spladug



... (truncated)


Commits

6f4685e Update CHANGELOG.md
7e6998e release: 2.8.0
32335dd fix(profiling): profiler_id uses underscore (#3249)
763e40a fix(integrations): don't send full env to subprocess (#3251)
31efa62 ref(transport): Stop using Hub in HttpTransport (#3247)
defb448 build: Remove ipdb from test requirements (#3237)
407f651 feat(opentelemetry): Add entry point for SentryPropagator (#3086)
eab218c build(deps): bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225)
5782560 fix(opentelemetry): avoid propagation of empty baggage (#2968)
6701616 Merge branch 'release/2.7.1'
Additional commits viewable in compare view





Updates `django-sendfile2` from 0.6.0 to 0.7.0

Release notes
Sourced from django-sendfile2's releases.

v0.7.0

Fix reflected file download vulnerability
Add support for spaces in filenames

v0.6.1

Fixed Django 4.0 compatibility
Add support for Python 3.10
Remove support for Python 3.5 and 3.6
Remove support for Django 3.1




Changelog
Sourced from django-sendfile2's changelog.

0.7.0
:release-date: 2022-08-08

Fix reflected file download vulnerability
Add support for spaces in filenames

0.6.1
:release-date: 2021-01-18

Fixed Django 4.0 compatibility
Add support for Python 3.10
Remove support for Python 3.5 and 3.6
Remove support for Django 3.1




Commits

a13039a Update changelog
4c37085 Merge pull request from GHSA-pcjh-6r5h-r92r
d011d75 feat: support for filenames with spaces (#55)
9d375a8 Remove PyPy (#54)
1857bbe Fix broken CI
5a7a7c6 Update CHANGELOG
50c26a0 House keeping (#53)
6145876 Test against Django 3.2
7faa875 Add docs badge to README
370fe44 Default branch name change
Additional commits viewable in compare view





Updates `requests` from 2.25.1 to 2.32.2

Release notes
Sourced from requests's releases.

v2.32.2
2.32.2 (2024-05-21)
Deprecations


To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)


v2.32.1
2.32.1 (2024-05-20)
Bugfixes

Add missing test certs to the sdist distributed on PyPI.

v2.32.0
2.32.0 (2024-05-20)
🐍 PYCON US 2024 EDITION 🐍
Security

Fixed an issue where setting verify=False on the first request from a
Session will cause subsequent requests to the same origin to also ignore
cert verification, regardless of the value of verify.
(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
This enables pip and other projects to minimize their vendoring
surface area. The Response.text() and apparent_encoding<...

_Description has been truncated_