search

svthalia / concrexit

Thalia Website built on Django.
https://thalia.nu
Other
23 stars 12 forks source link

Bump the patch-updates group with 3 updates #3625

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 7 months ago

Bumps the patch-updates group with 3 updates: django, boto3 and coverage.

Updates django from 5.0.2 to 5.0.3

Commits
  • 4b64d72 [5.0.x] Bumped version for 5.0.3 release.
  • 3394fc6 [5.0.x] Fixed CVE-2024-27351 -- Prevented potential ReDoS in Truncator.words().
  • 80761c3 [5.0.x] Fixed #35198 -- Fixed facet filters crash on querysets with no primar...
  • 24de811 [5.0.x] Fixed typo in docs/ref/contrib/admin/index.txt.
  • bf7fedc [5.0.x] Removed #django-geo IRC channel in docs.
  • a8de04f [5.0.x] Refs #34964 -- Doc'd that Q expression order is preserved.
  • b1f2833 [5.0.x] Added release date for 5.0.3, 4.2.11, and 3.2.25.
  • 5d9be66 [5.0.x] Removed distracting note from tutorial 4.
  • 69e5b13 [5.0.x] Fixed #35238 -- Fixed database serialization crash when base managers...
  • e72fdc8 [5.0.x] Fixed #35153 -- Added note about locale name notation to FORMAT_MODUL...
  • Additional commits viewable in compare view


Updates boto3 from 1.34.44 to 1.34.54

Changelog

Sourced from boto3's changelog.

1.34.54

  • api-change:accessanalyzer: [botocore] Fixed a typo in description field.
  • api-change:autoscaling: [botocore] With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types.
  • api-change:ec2: [botocore] With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types.

1.34.53

  • api-change:docdb-elastic: [botocore] Launched Elastic Clusters Readable Secondaries, Start/Stop, Configurable Shard Instance count, Automatic Backups and Snapshot Copying
  • api-change:eks: [botocore] Added support for new AL2023 AMIs to the supported AMITypes.
  • api-change:lexv2-models: [botocore] This release makes AMAZON.QnAIntent generally available in Amazon Lex. This generative AI feature leverages large language models available through Amazon Bedrock to automate frequently asked questions (FAQ) experience for end-users.
  • api-change:migrationhuborchestrator: [botocore] Adds new CreateTemplate, UpdateTemplate and DeleteTemplate APIs.
  • api-change:quicksight: [botocore] TooltipTarget for Combo chart visuals; ColumnConfiguration limit increase to 2000; Documentation Update
  • api-change:sagemaker: [botocore] Adds support for ModelDataSource in Model Packages to support unzipped models. Adds support to specify SourceUri for models which allows registration of models without mandating a container for hosting. Using SourceUri, customers can decouple the model from hosting information during registration.
  • api-change:securitylake: [botocore] Add capability to update the Data Lake's MetaStoreManager Role in order to perform required data lake updates to use Iceberg table format in their data lake or update the role for any other reason.

1.34.52

  • api-change:batch: [botocore] This release adds Batch support for configuration of multicontainer jobs in ECS, Fargate, and EKS. This support is available for all types of jobs, including both array jobs and multi-node parallel jobs.
  • api-change:bedrock-agent-runtime: [botocore] This release adds support to override search strategy performed by the Retrieve and RetrieveAndGenerate APIs for Amazon Bedrock Agents
  • api-change:ce: [botocore] This release introduces the new API 'GetApproximateUsageRecords', which retrieves estimated usage records for hourly granularity or resource-level data at daily granularity.
  • api-change:ec2: [botocore] This release increases the range of MaxResults for GetNetworkInsightsAccessScopeAnalysisFindings to 1,000.
  • api-change:iot: [botocore] This release reduces the maximum results returned per query invocation from 500 to 100 for the SearchIndex API. This change has no implications as long as the API is invoked until the nextToken is NULL.
  • api-change:wafv2: [botocore] AWS WAF now supports configurable time windows for request aggregation with rate-based rules. Customers can now select time windows of 1 minute, 2 minutes or 10 minutes, in addition to the previously supported 5 minutes.

1.34.51

  • api-change:amplifyuibuilder: [botocore] We have added the ability to tag resources after they are created

1.34.50

  • api-change:apigateway: [botocore] Documentation updates for Amazon API Gateway.
  • api-change:drs: [botocore] Added volume status to DescribeSourceServer replicated volumes.
  • api-change:kafkaconnect: [botocore] Adds support for tagging, with new TagResource, UntagResource and ListTagsForResource APIs to manage tags and updates to existing APIs to allow tag on create. This release also adds support for the new DeleteWorkerConfiguration API.
  • api-change:rds: [botocore] This release adds support for gp3 data volumes for Multi-AZ DB Clusters.

1.34.49

  • api-change:appsync: [botocore] Documentation only updates for AppSync

... (truncated)

Commits
  • 40038ca Merge branch 'release-1.34.54'
  • 2123919 Bumping version to 1.34.54
  • e2a39f9 Add changelog entries from botocore
  • 914c71b Merge branch 'release-1.34.53'
  • b1db713 Merge branch 'release-1.34.53' into develop
  • 0fdef8b Bumping version to 1.34.53
  • f39ede7 Add changelog entries from botocore
  • 7d55662 Merge branch 'release-1.34.52' into develop
  • 78d211e Merge branch 'release-1.34.52'
  • f93792b Bumping version to 1.34.52
  • Additional commits viewable in compare view


Updates coverage from 7.4.1 to 7.4.3

Changelog

Sourced from coverage's changelog.

Version 7.4.3 — 2024-02-23

  • Fix: in some cases, coverage could fail with a RuntimeError: "Set changed size during iteration." This is now fixed, closing issue 1733_.

.. _issue 1733: nedbat/coveragepy#1733

.. _changes_7-4-2:

Version 7.4.2 — 2024-02-20

  • Fix: setting COVERAGE_CORE=sysmon no longer errors on 3.11 and lower, thanks Hugo van Kemenade <pull 1747_>_. It now issues a warning that sys.monitoring is not available and falls back to the default core instead.

.. _pull 1747: nedbat/coveragepy#1747

.. _changes_7-4-1:

Commits
  • 1af3624 docs: sample HTML for 7.4.3
  • f06c5e4 docs: prep for 7.4.3
  • 08fc997 fix: get atomic copies of iterables when flushing data. #1733
  • 4e34571 build: put a time limit on the Python nightly tests
  • a1d8d29 build: make targets should use underscores not dashes
  • f7d40a0 build: tweak the release instructions
  • 0f19b82 build: bump version
  • 5d69334 test: if a test fails randomly, let it retry with @​flaky
  • 65d686c docs: sample HTML for 7.4.2
  • 026dca7 docs: prep for 7.4.2
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 7 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.