ral-facilities / inventory-management-system-api

Apache License 2.0
1 stars 0 forks source link

Bump the pip group across 1 directory with 9 updates #367

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 3 months ago

Bumps the pip group with 9 updates in the / directory:

Package From To
cryptography 42.0.8 43.0.0
fastapi[all] 0.111.0 0.112.2
pyjwt 2.8.0 2.9.0
uvicorn 0.30.1 0.30.6
pylint 3.2.5 3.2.6
black 24.4.2 24.8.0
pytest 8.2.2 8.3.2
pytest-asyncio 0.23.7 0.24.0
faker 26.0.0 28.0.0

Updates cryptography from 42.0.8 to 43.0.0

Changelog

Sourced from cryptography's changelog.

43.0.0 - 2024-07-20


* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1e has been
  removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.8.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
* Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
  now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still
  considered insecure, users should generally use a key size of 2048-bits.
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`
  now emits ASN.1 that more closely follows the recommendations in :rfc:`2315`.
* Added new :doc:`/hazmat/decrepit/index` module which contains outdated and
  insecure cryptographic primitives.
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish`, which were
  deprecated in 37.0.0, have been added to this module. They will be removed
  from the ``cipher`` module in 45.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES`
  and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ARC4` into
  :doc:`/hazmat/decrepit/index` and deprecated them in the ``cipher`` module.
  They will be removed from the ``cipher`` module in 48.0.0.
* Added support for deterministic
  :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` (:rfc:`6979`)
* Added support for client certificate verification to the
  :mod:`X.509 path validation <cryptography.x509.verification>` APIs in the
  form of :class:`~cryptography.x509.verification.ClientVerifier`,
  :class:`~cryptography.x509.verification.VerifiedClient`, and
  ``PolicyBuilder``
  :meth:`~cryptography.x509.verification.PolicyBuilder.build_client_verifier`.
* Added Certificate
  :attr:`~cryptography.x509.Certificate.public_key_algorithm_oid`
  and Certificate Signing Request
  :attr:`~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid`
  to determine the :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
  Object Identifier of the public key found inside the certificate.
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_date_utc`, a
  timezone-aware alternative to the naïve ``datetime`` attribute
  :attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
* Added support for parsing empty DN string in
  :meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added the following properties that return timezone-aware ``datetime`` objects:
  :meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_time_utc`,
</tr></table> 

... (truncated)

Commits


Updates fastapi[all] from 0.111.0 to 0.112.2

Release notes

Sourced from fastapi[all]'s releases.

0.112.2

Fixes

Refactors

Docs

  • 📝 Fix a typo in docs/en/docs/virtual-environments.md. PR #12064 by @​aymenkrifa.
  • 📝 Add docs about Environment Variables and Virtual Environments. PR #12054 by @​tiangolo.
  • 📝 Add Asyncer mention in async docs. PR #12037 by @​tiangolo.
  • 📝 Move the Features docs to the top level to improve the main page menu. PR #12036 by @​tiangolo.
  • ✏️ Fix import typo in reference example for Security. PR #11168 by @​0shah0.
  • 📝 Highlight correct line in tutorial docs/en/docs/tutorial/body-multiple-params.md. PR #11978 by @​svlandeg.
  • 🔥 Remove Sentry link from Advanced Middleware docs. PR #12031 by @​alejsdev.
  • 📝 Clarify management tasks for translations, multiples files in one PR. PR #12030 by @​tiangolo.
  • 📝 Edit the link to the OpenAPI "Responses Object" and "Response Object" sections in the "Additional Responses in OpenAPI" section. PR #11996 by @​VaitoSoi.
  • 🔨 Specify email-validator dependency with dash. PR #11515 by @​jirikuncar.
  • 🌐 Add Spanish translation for docs/es/docs/project-generation.md. PR #11947 by @​alejsdev.
  • 📝 Fix minor typo. PR #12026 by @​MicaelJarniac.
  • 📝 Several docs improvements, tweaks, and clarifications. PR #11390 by @​nilslindemann.
  • 📝 Add missing compresslevel parameter on docs for GZipMiddleware. PR #11350 by @​junah201.
  • 📝 Fix inconsistent response code when item already exists in docs for testing. PR #11818 by @​lokomilo.
  • 📝 Update docs/en/docs/tutorial/body.md with Python 3.10 union type example. PR #11415 by @​rangzen.

Translations

  • 🌐 Add Portuguese translation for docs/pt/docs/tutorial/request_file.md. PR #12018 by @​Joao-Pedro-P-Holanda.
  • 🌐 Add Japanese translation for docs/ja/docs/learn/index.md. PR #11592 by @​ukwhatn.
  • 📝 Update Spanish translation docs for consistency. PR #12044 by @​alejsdev.
  • 🌐 Update Chinese translation for docs/zh/docs/tutorial/dependencies/dependencies-with-yield.md. PR #12028 by @​xuvjso.
  • 📝 Update FastAPI People, do not translate to have the most recent info. PR #12034 by @​tiangolo.
  • 🌐 Update Urdu translation for docs/ur/docs/benchmarks.md. PR #10046 by @​AhsanSheraz.

Internal

... (truncated)

Commits
  • d00af00 🔖 Release version 0.112.2
  • b69a9f3 📝 Update release notes
  • 51b625e 🐛 Fix allow_inf_nan option for Param and Body classes (#11867)
  • 48b36f2 📝 Update release notes
  • 3a4ac24 🐛 Ensure that app.include_router merges nested lifespans (#9630)
  • 22bf988 📝 Update release notes
  • 6935fe8 📝 Update release notes
  • 8f03716 📝 Fix a typo in virtual environement page (#12064)
  • d0ce9d2 📝 Update release notes
  • 705659b 📝 Add docs about Environment Variables and Virtual Environments (#12054)
  • Additional commits viewable in compare view


Updates pyjwt from 2.8.0 to 2.9.0

Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

New Contributors

Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0

Changelog

Sourced from pyjwt's changelog.

v2.9.0 <https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0>__

Changed


- Drop support for Python 3.7 (EOL) by @hugovk in `[#910](https://github.com/jpadilla/pyjwt/issues/910) <https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by @mattpollak in `[#913](https://github.com/jpadilla/pyjwt/issues/913) <https://github.com/jpadilla/pyjwt/pull/913>`__

Fixed


- Fix unnecessary string concatenation by @sirosen in `[#904](https://github.com/jpadilla/pyjwt/issues/904) &lt;https://github.com/jpadilla/pyjwt/pull/904&gt;`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option by @woodruffw in `[#923](https://github.com/jpadilla/pyjwt/issues/923) &lt;https://github.com/jpadilla/pyjwt/pull/923&gt;`__
- Fix docs step by @jpadilla in `[#950](https://github.com/jpadilla/pyjwt/issues/950) &lt;https://github.com/jpadilla/pyjwt/pull/950&gt;`__
- Fix: Remove an unused variable from example code block by @kenkoooo in `[#958](https://github.com/jpadilla/pyjwt/issues/958) &lt;https://github.com/jpadilla/pyjwt/pull/958&gt;`__

Added
  • Add support for Python 3.12 by @​hugovk in [#910](https://github.com/jpadilla/pyjwt/issues/910) &lt;https://github.com/jpadilla/pyjwt/pull/910&gt;__
  • Improve performance of is_ssh_key + add unit test by @​bdraco in [#940](https://github.com/jpadilla/pyjwt/issues/940) &lt;https://github.com/jpadilla/pyjwt/pull/940&gt;__
  • Allow jwt.decode() to accept a PyJWK object by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
  • Make algorithm_name attribute available on PyJWK by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
  • Raise InvalidKeyError on invalid PEM keys to be compatible with cryptography 42.x.x by @​CollinEMac in [#952](https://github.com/jpadilla/pyjwt/issues/952) &lt;https://github.com/jpadilla/pyjwt/pull/952&gt;__
  • Raise an exception when required cryptography dependency is missing by @​tobloef in &lt;https://github.com/jpadilla/pyjwt/pull/963&gt;__
Commits


Updates uvicorn from 0.30.1 to 0.30.6

Release notes

Sourced from uvicorn's releases.

Version 0.30.6

Fixed

  • Don't warn when upgrade is not WebSocket and depedencies are installed (#2360)

Full Changelog: https://github.com/encode/uvicorn/compare/0.30.5...0.30.6

Version 0.30.5

Fixed

  • Don't close connection before receiving body on H11 (#2408)

Full Changelog: https://github.com/encode/uvicorn/compare/0.30.4...0.30.5

Version 0.30.4

Fixed

  • Close connection when h11 sets client state to MUST_CLOSE #2375

Full Changelog: https://github.com/encode/uvicorn/compare/0.30.3...0.30.4

Version 0.30.3

Fixed

  • Suppress KeyboardInterrupt from CLI and programmatic usage (#2384)
  • ClientDisconnect inherits from OSError instead of IOError (#2393)

Full Changelog: https://github.com/encode/uvicorn/compare/0.30.2...0.30.3

Version 0.30.2

Added

Fixed

  • Iterate subprocesses in-place on the process manager (#2373)

Full Changelog: https://github.com/encode/uvicorn/compare/0.30.1...0.30.2

Changelog

Sourced from uvicorn's changelog.

0.30.6 (2024-08-13)

Fixed

  • Don't warn when upgrade is not WebSocket and depedencies are installed (#2360)

0.30.5 (2024-08-02)

Fixed

  • Don't close connection before receiving body on H11 (#2408)

0.30.4 (2024-07-31)

Fixed

  • Close connection when h11 sets client state to MUST_CLOSE (#2375)

0.30.3 (2024-07-20)

Fixed

  • Suppress KeyboardInterrupt from CLI and programmatic usage (#2384)
  • ClientDisconnect inherits from OSError instead of IOError (#2393)

0.30.2 (2024-07-20)

Added

Fixed

  • Iterate subprocesses in-place on the process manager (#2373)
Commits


Updates pylint from 3.2.5 to 3.2.6

Commits


Updates black from 24.4.2 to 24.8.0

Release notes

Sourced from black's releases.

24.8.0

Stable style

  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

  • Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
  • Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
  • Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
  • Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
  • Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

  • Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

  • Fix blackd (and all extras installs) for docker container (#4357)
Changelog

Sourced from black's changelog.

24.8.0

Stable style

  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

  • Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
  • Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
  • Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
  • Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
  • Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

  • Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

  • Fix blackd (and all extras installs) for docker container (#4357)
Commits
  • b965c2a Prepare release 24.8.0 (#4426)
  • 9ccf279 Document find_project_root ignoring pyproject.toml without [tool.black]...
  • 14b6e61 fix: Enhace black efficiently to skip directories listed in .gitignore (#4415)
  • b1c4dd9 fix: respect braces better in f-string parsing (#4422)
  • 4b4ae43 Fix incorrect linenos on fstring tokens with escaped newlines (#4423)
  • 7fa1faf docs: fix the installation command of extra for blackd (#4413)
  • 8827acc Bump sphinx from 7.3.7 to 7.4.0 in /docs (#4404)
  • b0da11d Bump furo from 2024.5.6 to 2024.7.18 in /docs (#4409)
  • 721dff5 fix: avoid formatting backslash strings inside f-strings (#4401)
  • 7e2afc9 Update actions/checkout to v4 to stop node deprecation warnings (#4379)
  • Additional commits viewable in compare view


Updates pytest from 8.2.2 to 8.3.2

Release notes

Sourced from pytest's releases.

8.3.2

pytest 8.3.2 (2024-07-24)

Bug fixes

  • #12652: Resolve regression [conda]{.title-ref} environments where no longer being automatically detected.

    -- by RonnyPfannschmidt{.interpreted-text role="user"}

8.3.1

pytest 8.3.1 (2024-07-20)

The 8.3.0 release failed to include the change notes and docs for the release. This patch release remedies this. There are no other changes.

8.3.0

pytest 8.3.0 (2024-07-20)

New features

  • #12231: Added [--xfail-tb]{.title-ref} flag, which turns on traceback output for XFAIL results.

    • If the [--xfail-tb]{.title-ref} flag is not given, tracebacks for XFAIL results are NOT shown.
    • The style of traceback for XFAIL is set with [--tb]{.title-ref}, and can be [auto|long|short|line|native|no]{.title-ref}.
    • Note: Even if you have [--xfail-tb]{.title-ref} set, you won't see them if [--tb=no]{.title-ref}.

    Some history:

    With pytest 8.0, [-rx]{.title-ref} or [-ra]{.title-ref} would not only turn on summary reports for xfail, but also report the tracebacks for xfail results. This caused issues with some projects that utilize xfail, but don't want to see all of the xfail tracebacks.

    This change detaches xfail tracebacks from [-rx]{.title-ref}, and now we turn on xfail tracebacks with [--xfail-tb]{.title-ref}. With this, the default [-rx]{.title-ref}/ [-ra]{.title-ref} behavior is identical to pre-8.0 with respect to xfail tracebacks. While this is a behavior change, it brings default behavior back to pre-8.0.0 behavior, which ultimately was considered the better course of action.

  • #12281: Added support for keyword matching in marker expressions.

    Now tests can be selected by marker keyword arguments. Supported values are int{.interpreted-text role="class"}, (unescaped) str{.interpreted-text role="class"}, bool{.interpreted-text role="class"} & None{.interpreted-text role="data"}.

    See marker examples <marker_keyword_expression_example>{.interpreted-text role="ref"} for more information.

    -- by lovetheguitar{.interpreted-text role="user"}

  • #12567: Added --no-fold-skipped command line option.

    If this option is set, then skipped tests in short summary are no longer grouped by reason but all tests are printed individually with their nodeid in the same way as other statuses.

    -- by pbrezina{.interpreted-text role="user"}

... (truncated)

Commits
  • bbcec9c Prepare release version 8.3.2
  • 78fe8b6 Merge pull request #12657 from pytest-dev/patchback/backports/8.3.x/6c806b499...
  • 238bad2 Merge pull request #12656 from RonnyPfannschmidt/fix-12652-detect-conda-env
  • ae6034a Merge pull request #12641 from pytest-dev/patchback/backports/8.3.x/c03989cee...
  • 31337ab Merge pull request #12640 from pytest-dev/update-user
  • ca3070b Merge pull request #12637 from pytest-dev/release-8.3.1
  • de98446 Prepare release version 8.3.1
  • bd0a042 Merge pull request #12636 from pytest-dev/update-release-notes
  • 664325b doc/changelog: update 8.3.0 notes
  • 19d225d Merge pull request #12635 from pytest-dev/release-8.3.0
  • Additional commits viewable in compare view


Updates pytest-asyncio from 0.23.7 to 0.24.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 0.24.0

0.24.0 (2024-08-22)

  • BREAKING: Updated minimum supported pytest version to v8.2.0
  • Adds an optional loop_scope keyword argument to pytest.mark.asyncio. This argument controls which event loop is used to run the marked async test. #706, #871
  • Deprecates the optional scope keyword argument to pytest.mark.asyncio for API consistency with pytest_asyncio.fixture. Users are encouraged to use the loop_scope keyword argument, which does exactly the same.
  • Raises an error when passing scope or loop_scope as a positional argument to @pytest.mark.asyncio. #812
  • Fixes a bug that caused module-scoped async fixtures to fail when reused in other modules #862 #668

pytest-asyncio 0.24.0a1

0.24.0 (UNRELEASED)

  • BREAKING: Updated minimum supported pytest version to v8.2.0
  • Adds an optional loop_scope keyword argument to pytest.mark.asyncio. This argument controls which event loop is used to run the marked async test. #706, #871
  • Deprecates the optional scope keyword argument to pytest.mark.asyncio for API consistency with pytest_asyncio.fixture. Users are encouraged to use the loop_scope keyword argument, which does exactly the same.
  • Raises an error when passing scope or loop_scope as a positional argument to @pytest.mark.asyncio. #812
  • Fixes a bug that caused module-scoped async fixtures to fail when reused in other modules #862 #668

pytest-asyncio 0.24.0a0

0.24.0 (UNRELEASED)

  • Adds an optional loop_scope keyword argument to pytest.mark.asyncio. This argument controls which event loop is used to run the marked async test. #706, #871
  • Deprecates the optional scope keyword argument to pytest.mark.asyncio for API consistency with pytest_asyncio.fixture. Users are encouraged to use the loop_scope keyword argument, which does exactly the same.
  • Raises an error when passing scope or loop_scope as a positional argument to @pytest.mark.asyncio. #812

pytest-asyncio 0.23.8

0.23.8 (2024-07-17)

  • Fixes a bug that caused duplicate markers in async tests #813

Known issues

As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.

Commits
  • fb5422f docs: Set release date for v0.24 in changelog.
  • 6dc7f58 docs: Add migration guides for pytest-asyncio v0.21 and v0.23.
  • 1bfc181 Wire Sphinx builds into the RTD config via tox
  • f03cf13 Build(deps): Bump hypothesis in /dependencies/default
  • 69540bf Build(deps): Bump attrs from 24.1.0 to 24.2.0 in /dependencies/default
  • b0ccfc5 Build(deps): Bump hypothesis in /dependencies/default
  • 574f1db Build(deps): Bump babel from 2.15.0 to 2.16.0 in /dependencies/docs
  • ae30dac Update .readthedocs.yaml to install pytest-asyncio
  • 972a704 Derive project version using importlib
  • d587a52 [pre-commit.ci] pre-commit autoupdate
  • Additional commits viewable in compare view


Updates faker from 26.0.0 to 28.0.0

Release notes

Sourced from faker's releases.

Release v28.0.0

See CHANGELOG.md.

Release v27.4.0

See CHANGELOG.md.

Release v27.3.0

See CHANGELOG.md.

Release v27.2.0

See CHANGELOG.md.

Release v27.1.0

See CHANGELOG.md.

Release v27.0.0

See CHANGELOG.md.

Release v26.3.0

See CHANGELOG.md.

Release v26.2.0

See CHANGELOG.md.

Release v26.1.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v28.0.0 - 2024-08-23

  • Fix pydecimal handling of positive keyword. Thanks @​tahzeer.

v27.4.0 - 2024-08-21

v27.3.0 - 2024-08-21

v27.2.0 - 2024-08-21

v27.1.0 - 2024-08-21

v27.0.0 - 2024-08-12

  • Re-introduce part_of_speech argument to words() method.

v26.3.0 - 2024-08-08

  • Extend ro_RO company localization with prefixes. Thanks @​DDSNA.

v26.2.0 - 2024-08-06

  • Add Swahili (sw) provider for generating Swahili names. Thanks @​5uru.

v26.1.0 - 2024-08-01

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging... _Description has been truncated_
dependabot[bot] commented 2 months ago

Superseded by #370.