Changelog
### 3.7.4
```
==================
Bugfixes
--------
- **(SECURITY BUG)** Started preventing open redirects in the
``aiohttp.web.normalize_path_middleware`` middleware. For
more details, see
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg.
Thanks to `Beast Glatisant <https://github.com/g147>`__ for
finding the first instance of this issue and `Jelmer Vernooij
<https://jelmer.uk/>`__ for reporting and tracking it down
in aiohttp.
`5497 <https://github.com/aio-libs/aiohttp/issues/5497>`_
- Fix interpretation difference of the pure-Python and the Cython-based
HTTP parsers construct a ``yarl.URL`` object for HTTP request-target.
Before this fix, the Python parser would turn the URI's absolute-path
for ``//some-path`` into ``/`` while the Cython code preserved it as
``//some-path``. Now, both do the latter.
`5498 <https://github.com/aio-libs/aiohttp/issues/5498>`_
----
```
Links
- PyPI: https://pypi.org/project/aiohttp
- Changelog: https://pyup.io/changelogs/aiohttp/
- Repo: https://github.com/aio-libs/aiohttp
Changelog
### 1.5.5
```
:released: February 20, 2021
.. change::
:tags: bug
Adjusted the use of SQLAlchemy's ".copy()" internals to use "._copy()"
for version 1.4.0, as this method is being renamed.
.. change::
:tags: bug, environment
:tickets: 797
Added new config file option ``prepend_sys_path``, which is a series of
paths that will be prepended to sys.path; the default value in newly
generated alembic.ini files is ".". This fixes a long-standing issue
where for some reason running the alembic command line would not place the
local "." path in sys.path, meaning an application locally present in "."
and importable through normal channels, e.g. python interpreter, pytest,
etc. would not be located by Alembic, even though the ``env.py`` file is
loaded relative to the current path when ``alembic.ini`` contains a
relative path. To enable for existing installations, add the option to the
alembic.ini file as follows::
sys.path path, will be prepended to sys.path if present.
defaults to the current working directory.
prepend_sys_path = .
.. seealso::
:ref:`installation` - updated documentation reflecting that local
installation of the project is not necessary if running the Alembic cli
from the local path.
.. changelog::
```
### 1.5.4
```
:released: February 3, 2021
.. change::
:tags: bug, versioning
:tickets: 789
Fixed bug in versioning model where a downgrade across a revision with a
dependency on another branch, yet an ancestor is also dependent on that
branch, would produce an erroneous state in the alembic_version table,
making upgrades impossible without manually repairing the table.
.. changelog::
```
Links
- PyPI: https://pypi.org/project/alembic
- Changelog: https://pyup.io/changelogs/alembic/
- Homepage: https://alembic.sqlalchemy.org
- Docs: https://pythonhosted.org/alembic/
Changelog
### 0.15.2
```
Bug Fixes
* Add `python_requires` in `setup.py` to fix dependency resolution issues
(by graingert in c808a663)
```
### 0.15.1
```
Bug Fixes
* Fix a segfault issue when a Cython protocol is de-referencing itself from `Context.run()` callbacks
(by fantix in 70cafc82)
```
### 0.15.0
```
New Features
* Add name keyword argument to `loop.create_task()`
(by fantix in d51ce367 for 309)
* Add typing support
(by bryanforbes in 9426e2b1, for 358)
Bug Fixes
* SSL: many improvements
(by fantix in 6476aad6, 8beacd26, 98e113ee, ae44ec2d, asvetlov in 9bc4a204)
* Fix `KeyboardInterrupt` handling logic
(by 1st1 in c32c7039 for 295, jack1142 in 8c471f82 for 337)
* Python 3.8/3.9 compatibility fixes, drop support for 3.5/3.6
(by jack1142 in 28702195 for 314, achimnol in 0d14ec64 for 328, aeros in 6ef69a79 for 349, shadchin in 1fd90665, fantix in 465717fd, 200e1404, afc3ee8f, cdd2218f, b7048b94)
* UDP: multiple bug fixes
(by fantix in 1d9267af for 319, 9e017e6e for 304, 506a2aa1)
* Pipe: a critical crash fix that affects subprocess, pipe and socketpair
(by fantix in 5d41af80 and tardyp in c3929720 for 311 312 317)
* Restore context on protocol callbacks
(by versusvoid in 7b202ccf for 305, fantix in f691212b)
* Subprocess: stdio bug fixes
(by fantix in 8cdb3002 for 136, lovasoa in 68db1a23 for 363)
* Sock: fix issue in `sock_connect()` for large concurrency
(by fantix in fe3d0281 for 378)
* Misc fixes about docs URL, test typo, and CI compatibility
(by asfaltboy in 38105305, felixonmars in fcb37350, fantix in 6596685a)
Build
* Check Cython version semantically
(by YoSTEALTH in 5dc299b7)
* Add `.flake8` to distribution tarball
(by jlaine in e8eb5026 for 330)
* Switch to Github actions
(by elprans in 3be8967e, e21ceea0, fantix in 311997ed)
* Bump libuv to v1.40.0
(by fantix in 998c19ec)
```
Links
- PyPI: https://pypi.org/project/uvloop
- Changelog: https://pyup.io/changelogs/uvloop/
- Repo: http://github.com/MagicStack/uvloop
Changelog
### 2.7.2
```
===========================
Release date: 2021-02-28
* Fix False Positive on `Enum.__members__.items()`, `Enum.__members__.values`, and `Enum.__members__.keys`
Closes 4123
* Properly strip dangerous sys.path entries (not just the first one)
Closes 3636
```
### 2.7.1
```
===========================
Release date: 2021-02-23
* Expose `UnittestLinter` in pylint.testutils
* Don't check directories starting with '.' when using register_plugins
Closes 4119
```
### 2.7.0
```
===========================
Release date: 2021-02-21
* Introduce DeprecationMixin for reusable deprecation checks.
Closes 4049
* Fix false positive for ``builtin-not-iterating`` when ``map`` receives iterable
Closes 4078
* Python 3.6+ is now required.
* Fix false positive for ``builtin-not-iterating`` when ``zip`` receives iterable
* Add `nan-comparison` check for NaN comparisons
* Bug fix for empty-comment message line number.
Closes 4009
* Only emit `bad-reversed-sequence` on dictionaries if below py3.8
Closes 3940
* Handle class decorators applied to function.
Closes 3882
* Add check for empty comments
* Fix minor documentation issue in contribute.rst
* Enums are now required to be named in UPPER_CASE by ``invalid-name``.
Close 3834
* Add missing checks for deprecated functions.
* Postponed evaluation of annotations are now recognized by default if python version is above 3.10
Closes 3992
* Fix column metadata for anomalous backslash lints
* Drop support for Python 3.5
* Add support for pep585 with postponed evaluation
Closes 3320
* Check alternative union syntax - PEP 604
Closes 4065
* Fix multiple false positives with assignment expressions
Closes 3347, 3953, 3865, 3275
* Fix TypedDict inherit-non-class false-positive Python 3.9+
Closes 1927
* Fix issue with nested PEP 585 syntax
* Fix issue with nested PEP 604 syntax
* Fix a crash in `undefined-variable` caused by chained attributes in metaclass
Close 3742
* Fix false positive for `not-async-context-manager` when `contextlib.asynccontextmanager` is used
Close 3862
* Fix linter multiprocessing pool shutdown (triggered warnings when runned in parallels with other pytest plugins)
Closes 3779
* Fix a false-positive emission of `no-self-use` and `unused-argument` for methods
of generic structural types (`Protocol[T]`)
Closes 3885
* Fix bug that lead to duplicate messages when using ``--jobs 2`` or more.
Close 3584
* Adds option ``check-protected-access-in-special-methods`` in the ClassChecker to activate/deactivate
``protected-access`` message emission for single underscore prefixed attribute in special methods.
Close 3120
* Fix vulnerable regular expressions in ``pyreverse``
Close 3811
* ``inconsistent-return-statements`` message is now emitted if one of ``try/except`` statement
is not returning explicitly while the other do.
Closes 3468
* Fix ``useless-super-delegation`` false positive when default keyword argument is a dictionnary.
Close 3773
* Fix a crash when a specified config file does not exist
* Add support to ``ignored-argument-names`` in DocstringParameterChecker and adds `useless-param-doc` and `useless-type-doc` messages.
Close 3800
* Enforce docparams consistently when docstring is not present
Close 2738
* Fix ``duplicate-code`` false positive when lines only contain whitespace and non-alphanumeric characters (e.g. parentheses, bracket, comman, etc.)
* Improve lint message for `singleton-comparison` with bools
* Fix spell-checker crash on indented docstring lines that look like comments
Close 3786
* Fix AttributeError in checkers/refactoring.py
* Improve sphinx directives spelling filter
* Fix a bug with postponed evaluation when using aliases for annotations.
Close 3798
* Fix minor documentation issues
* Improve the performance of the line length check.
* Removed incorrect deprecation of ``inspect.getfullargspec``
* Fix ``signature-differs`` false positive for functions with variadics
Close 3737
* Fix a crash in `consider-using-enumerate` when encountering `range()` without arguments
Close 3735
* `len-as-conditions` is now triggered only for classes that are inheriting directly from list, dict, or set and not implementing the `__bool__` function, or from generators like range or list/dict/set comprehension. This should reduce the false positives for other classes, like pandas's DataFrame or numpy's Array.
Close 1879
* Fixes duplicate-errors not working with -j2+
Close 3314
* `generated-members` now matches the qualified name of members
Close 2498
* Add check for bool function to `len-as-condition`
* Add `simplifiable-condition` check for extraneous constants in conditionals using and/or.
* Add `condition-evals-to-constant` check for conditionals using and/or that evaluate to a constant.
Close 3407
* Changed setup.py to work with [distlib](https://pypi.org/project/distlib)
Close 3555
* New check: ``consider-using-generator``
This check warns when a comprehension is used inside an `any` or `all` function,
since it is unnecessary and should be replaced by a generator instead.
Using a generator would be less code and way faster.
Close 3165
* Add Github Actions to replace Travis and AppVeyor in the future
```
### 2.6.1
```
===========================
* Astroid version has been set as < 2.5
Close 4093
```
Links
- PyPI: https://pypi.org/project/pylint
- Changelog: https://pyup.io/changelogs/pylint/
- Repo: https://github.com/PyCQA/pylint
Changelog
### 3.22.0
```
--------------------
Features
^^^^^^^^
- The value of the :conf:`requires` configuration option is now exposed via
the :class:`tox.config.Config` object - by :user:`hroncok`
`1918 <https://github.com/tox-dev/tox/issues/1918>`_
```
### 3.21.4
```
--------------------
Bugfixes
^^^^^^^^
- Adapt tests not to assume the ``easy_install`` command exists, as it was removed from ``setuptools`` 52.0.0+ - by :user:`hroncok`
`1893 <https://github.com/tox-dev/tox/issues/1893>`_
```
Links
- PyPI: https://pypi.org/project/tox
- Changelog: https://pyup.io/changelogs/tox/
- Docs: http://tox.readthedocs.org
pyup-bot
commented
3 years ago
Update aiohttp from 3.7.3 to 3.7.4.
Changelog
### 3.7.4 ``` ================== Bugfixes -------- - **(SECURITY BUG)** Started preventing open redirects in the ``aiohttp.web.normalize_path_middleware`` middleware. For more details, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg. Thanks to `Beast Glatisant <https://github.com/g147>`__ for finding the first instance of this issue and `Jelmer Vernooij <https://jelmer.uk/>`__ for reporting and tracking it down in aiohttp. `5497 <https://github.com/aio-libs/aiohttp/issues/5497>`_ - Fix interpretation difference of the pure-Python and the Cython-based HTTP parsers construct a ``yarl.URL`` object for HTTP request-target. Before this fix, the Python parser would turn the URI's absolute-path for ``//some-path`` into ``/`` while the Cython code preserved it as ``//some-path``. Now, both do the latter. `5498 <https://github.com/aio-libs/aiohttp/issues/5498>`_ ---- ```Links
- PyPI: https://pypi.org/project/aiohttp - Changelog: https://pyup.io/changelogs/aiohttp/ - Repo: https://github.com/aio-libs/aiohttpUpdate alembic from 1.5.3 to 1.5.5.
Changelog
### 1.5.5 ``` :released: February 20, 2021 .. change:: :tags: bug Adjusted the use of SQLAlchemy's ".copy()" internals to use "._copy()" for version 1.4.0, as this method is being renamed. .. change:: :tags: bug, environment :tickets: 797 Added new config file option ``prepend_sys_path``, which is a series of paths that will be prepended to sys.path; the default value in newly generated alembic.ini files is ".". This fixes a long-standing issue where for some reason running the alembic command line would not place the local "." path in sys.path, meaning an application locally present in "." and importable through normal channels, e.g. python interpreter, pytest, etc. would not be located by Alembic, even though the ``env.py`` file is loaded relative to the current path when ``alembic.ini`` contains a relative path. To enable for existing installations, add the option to the alembic.ini file as follows:: sys.path path, will be prepended to sys.path if present. defaults to the current working directory. prepend_sys_path = . .. seealso:: :ref:`installation` - updated documentation reflecting that local installation of the project is not necessary if running the Alembic cli from the local path. .. changelog:: ``` ### 1.5.4 ``` :released: February 3, 2021 .. change:: :tags: bug, versioning :tickets: 789 Fixed bug in versioning model where a downgrade across a revision with a dependency on another branch, yet an ancestor is also dependent on that branch, would produce an erroneous state in the alembic_version table, making upgrades impossible without manually repairing the table. .. changelog:: ```Links
- PyPI: https://pypi.org/project/alembic - Changelog: https://pyup.io/changelogs/alembic/ - Homepage: https://alembic.sqlalchemy.org - Docs: https://pythonhosted.org/alembic/Update asyncpgsa from 0.26.3 to 0.27.1.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
- PyPI: https://pypi.org/project/asyncpgsa - Changelog: https://pyup.io/changelogs/asyncpgsa/ - Repo: https://github.com/canopytax/asyncpgsaUpdate sentry-sdk from 0.19.5 to 0.20.3.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
- PyPI: https://pypi.org/project/sentry-sdk - Repo: https://github.com/getsentry/sentry-pythonUpdate uvloop from 0.14.0 to 0.15.2.
Changelog
### 0.15.2 ``` Bug Fixes * Add `python_requires` in `setup.py` to fix dependency resolution issues (by graingert in c808a663) ``` ### 0.15.1 ``` Bug Fixes * Fix a segfault issue when a Cython protocol is de-referencing itself from `Context.run()` callbacks (by fantix in 70cafc82) ``` ### 0.15.0 ``` New Features * Add name keyword argument to `loop.create_task()` (by fantix in d51ce367 for 309) * Add typing support (by bryanforbes in 9426e2b1, for 358) Bug Fixes * SSL: many improvements (by fantix in 6476aad6, 8beacd26, 98e113ee, ae44ec2d, asvetlov in 9bc4a204) * Fix `KeyboardInterrupt` handling logic (by 1st1 in c32c7039 for 295, jack1142 in 8c471f82 for 337) * Python 3.8/3.9 compatibility fixes, drop support for 3.5/3.6 (by jack1142 in 28702195 for 314, achimnol in 0d14ec64 for 328, aeros in 6ef69a79 for 349, shadchin in 1fd90665, fantix in 465717fd, 200e1404, afc3ee8f, cdd2218f, b7048b94) * UDP: multiple bug fixes (by fantix in 1d9267af for 319, 9e017e6e for 304, 506a2aa1) * Pipe: a critical crash fix that affects subprocess, pipe and socketpair (by fantix in 5d41af80 and tardyp in c3929720 for 311 312 317) * Restore context on protocol callbacks (by versusvoid in 7b202ccf for 305, fantix in f691212b) * Subprocess: stdio bug fixes (by fantix in 8cdb3002 for 136, lovasoa in 68db1a23 for 363) * Sock: fix issue in `sock_connect()` for large concurrency (by fantix in fe3d0281 for 378) * Misc fixes about docs URL, test typo, and CI compatibility (by asfaltboy in 38105305, felixonmars in fcb37350, fantix in 6596685a) Build * Check Cython version semantically (by YoSTEALTH in 5dc299b7) * Add `.flake8` to distribution tarball (by jlaine in e8eb5026 for 330) * Switch to Github actions (by elprans in 3be8967e, e21ceea0, fantix in 311997ed) * Bump libuv to v1.40.0 (by fantix in 998c19ec) ```Links
- PyPI: https://pypi.org/project/uvloop - Changelog: https://pyup.io/changelogs/uvloop/ - Repo: http://github.com/MagicStack/uvloopUpdate ipython from 7.19.0 to 7.21.0.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
- PyPI: https://pypi.org/project/ipython - Changelog: https://pyup.io/changelogs/ipython/ - Homepage: https://ipython.orgUpdate pylint from 2.6.0 to 2.7.2.
Changelog
### 2.7.2 ``` =========================== Release date: 2021-02-28 * Fix False Positive on `Enum.__members__.items()`, `Enum.__members__.values`, and `Enum.__members__.keys` Closes 4123 * Properly strip dangerous sys.path entries (not just the first one) Closes 3636 ``` ### 2.7.1 ``` =========================== Release date: 2021-02-23 * Expose `UnittestLinter` in pylint.testutils * Don't check directories starting with '.' when using register_plugins Closes 4119 ``` ### 2.7.0 ``` =========================== Release date: 2021-02-21 * Introduce DeprecationMixin for reusable deprecation checks. Closes 4049 * Fix false positive for ``builtin-not-iterating`` when ``map`` receives iterable Closes 4078 * Python 3.6+ is now required. * Fix false positive for ``builtin-not-iterating`` when ``zip`` receives iterable * Add `nan-comparison` check for NaN comparisons * Bug fix for empty-comment message line number. Closes 4009 * Only emit `bad-reversed-sequence` on dictionaries if below py3.8 Closes 3940 * Handle class decorators applied to function. Closes 3882 * Add check for empty comments * Fix minor documentation issue in contribute.rst * Enums are now required to be named in UPPER_CASE by ``invalid-name``. Close 3834 * Add missing checks for deprecated functions. * Postponed evaluation of annotations are now recognized by default if python version is above 3.10 Closes 3992 * Fix column metadata for anomalous backslash lints * Drop support for Python 3.5 * Add support for pep585 with postponed evaluation Closes 3320 * Check alternative union syntax - PEP 604 Closes 4065 * Fix multiple false positives with assignment expressions Closes 3347, 3953, 3865, 3275 * Fix TypedDict inherit-non-class false-positive Python 3.9+ Closes 1927 * Fix issue with nested PEP 585 syntax * Fix issue with nested PEP 604 syntax * Fix a crash in `undefined-variable` caused by chained attributes in metaclass Close 3742 * Fix false positive for `not-async-context-manager` when `contextlib.asynccontextmanager` is used Close 3862 * Fix linter multiprocessing pool shutdown (triggered warnings when runned in parallels with other pytest plugins) Closes 3779 * Fix a false-positive emission of `no-self-use` and `unused-argument` for methods of generic structural types (`Protocol[T]`) Closes 3885 * Fix bug that lead to duplicate messages when using ``--jobs 2`` or more. Close 3584 * Adds option ``check-protected-access-in-special-methods`` in the ClassChecker to activate/deactivate ``protected-access`` message emission for single underscore prefixed attribute in special methods. Close 3120 * Fix vulnerable regular expressions in ``pyreverse`` Close 3811 * ``inconsistent-return-statements`` message is now emitted if one of ``try/except`` statement is not returning explicitly while the other do. Closes 3468 * Fix ``useless-super-delegation`` false positive when default keyword argument is a dictionnary. Close 3773 * Fix a crash when a specified config file does not exist * Add support to ``ignored-argument-names`` in DocstringParameterChecker and adds `useless-param-doc` and `useless-type-doc` messages. Close 3800 * Enforce docparams consistently when docstring is not present Close 2738 * Fix ``duplicate-code`` false positive when lines only contain whitespace and non-alphanumeric characters (e.g. parentheses, bracket, comman, etc.) * Improve lint message for `singleton-comparison` with bools * Fix spell-checker crash on indented docstring lines that look like comments Close 3786 * Fix AttributeError in checkers/refactoring.py * Improve sphinx directives spelling filter * Fix a bug with postponed evaluation when using aliases for annotations. Close 3798 * Fix minor documentation issues * Improve the performance of the line length check. * Removed incorrect deprecation of ``inspect.getfullargspec`` * Fix ``signature-differs`` false positive for functions with variadics Close 3737 * Fix a crash in `consider-using-enumerate` when encountering `range()` without arguments Close 3735 * `len-as-conditions` is now triggered only for classes that are inheriting directly from list, dict, or set and not implementing the `__bool__` function, or from generators like range or list/dict/set comprehension. This should reduce the false positives for other classes, like pandas's DataFrame or numpy's Array. Close 1879 * Fixes duplicate-errors not working with -j2+ Close 3314 * `generated-members` now matches the qualified name of members Close 2498 * Add check for bool function to `len-as-condition` * Add `simplifiable-condition` check for extraneous constants in conditionals using and/or. * Add `condition-evals-to-constant` check for conditionals using and/or that evaluate to a constant. Close 3407 * Changed setup.py to work with [distlib](https://pypi.org/project/distlib) Close 3555 * New check: ``consider-using-generator`` This check warns when a comprehension is used inside an `any` or `all` function, since it is unnecessary and should be replaced by a generator instead. Using a generator would be less code and way faster. Close 3165 * Add Github Actions to replace Travis and AppVeyor in the future ``` ### 2.6.1 ``` =========================== * Astroid version has been set as < 2.5 Close 4093 ```Links
- PyPI: https://pypi.org/project/pylint - Changelog: https://pyup.io/changelogs/pylint/ - Repo: https://github.com/PyCQA/pylintUpdate tox from 3.21.3 to 3.22.0.
Changelog
### 3.22.0 ``` -------------------- Features ^^^^^^^^ - The value of the :conf:`requires` configuration option is now exposed via the :class:`tox.config.Config` object - by :user:`hroncok` `1918 <https://github.com/tox-dev/tox/issues/1918>`_ ``` ### 3.21.4 ``` -------------------- Bugfixes ^^^^^^^^ - Adapt tests not to assume the ``easy_install`` command exists, as it was removed from ``setuptools`` 52.0.0+ - by :user:`hroncok` `1893 <https://github.com/tox-dev/tox/issues/1893>`_ ```Links
- PyPI: https://pypi.org/project/tox - Changelog: https://pyup.io/changelogs/tox/ - Docs: http://tox.readthedocs.orgUpdate mypy from 0.800 to 0.812.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
- PyPI: https://pypi.org/project/mypy - Homepage: http://www.mypy-lang.org/Update virtualenv from 20.4.1 to 20.4.2.
Changelog
### 20.4.2 ``` ~~~~~~~~~~~~~~~~~ - Running virtualenv ``--upgrade-embed-wheels`` crashes - by :user:`gaborbernat`. (`2058 <https://github.com/pypa/virtualenv/issues/2058>`_) ```Links
- PyPI: https://pypi.org/project/virtualenv - Changelog: https://pyup.io/changelogs/virtualenv/ - Homepage: https://virtualenv.pypa.io/