search

svthalia / concrexit

Thalia Website built on Django.
https://thalia.nu
Other
23 stars 11 forks source link

Bump the patch-updates group with 3 updates #3651

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the patch-updates group with 3 updates: django, boto3 and coverage.

Updates django from 5.0.2 to 5.0.3

Commits
  • 4b64d72 [5.0.x] Bumped version for 5.0.3 release.
  • 3394fc6 [5.0.x] Fixed CVE-2024-27351 -- Prevented potential ReDoS in Truncator.words().
  • 80761c3 [5.0.x] Fixed #35198 -- Fixed facet filters crash on querysets with no primar...
  • 24de811 [5.0.x] Fixed typo in docs/ref/contrib/admin/index.txt.
  • bf7fedc [5.0.x] Removed #django-geo IRC channel in docs.
  • a8de04f [5.0.x] Refs #34964 -- Doc'd that Q expression order is preserved.
  • b1f2833 [5.0.x] Added release date for 5.0.3, 4.2.11, and 3.2.25.
  • 5d9be66 [5.0.x] Removed distracting note from tutorial 4.
  • 69e5b13 [5.0.x] Fixed #35238 -- Fixed database serialization crash when base managers...
  • e72fdc8 [5.0.x] Fixed #35153 -- Added note about locale name notation to FORMAT_MODUL...
  • Additional commits viewable in compare view


Updates boto3 from 1.34.44 to 1.34.69

Changelog

Sourced from boto3's changelog.

1.34.69

  • api-change:firehose: [botocore] Updates Amazon Firehose documentation for message regarding Enforcing Tags IAM Policy.
  • api-change:kendra: [botocore] Documentation update, March 2024. Corrects some docs for Amazon Kendra.
  • api-change:pricing: [botocore] Add ResourceNotFoundException to ListPriceLists and GetPriceListFileUrl APIs
  • api-change:rolesanywhere: [botocore] This release relaxes constraints on the durationSeconds request parameter for the *Profile APIs that support it. This parameter can now take on values that go up to 43200.
  • api-change:securityhub: [botocore] Added new resource detail object to ASFF, including resource for LastKnownExploitAt

1.34.68

  • api-change:codeartifact: [botocore] This release adds Package groups to CodeArtifact so you can more conveniently configure package origin controls for multiple packages.

1.34.67

  • api-change:accessanalyzer: [botocore] This release adds support for policy validation and external access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author functional and secure resource-based policies and identify cross-account access. Updated service API, documentation, and paginators.
  • api-change:codebuild: [botocore] This release adds support for new webhook events (RELEASED and PRERELEASED) and filter types (TAG_NAME and RELEASE_NAME).
  • api-change:connect: [botocore] This release updates the *InstanceStorageConfig APIs to support a new ResourceType: REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS. Use this resource type to enable streaming for real-time analysis of chat contacts and to associate a Kinesis stream where real-time analysis chat segments will be published.
  • api-change:dynamodb: [botocore] This release introduces 3 new APIs ('GetResourcePolicy', 'PutResourcePolicy' and 'DeleteResourcePolicy') and modifies the existing 'CreateTable' API for the resource-based policy support. It also modifies several APIs to accept a 'TableArn' for the 'TableName' parameter.
  • api-change:managedblockchain-query: [botocore] AMB Query: update GetTransaction to include transactionId as input
  • api-change:savingsplans: [botocore] Introducing the Savings Plans Return feature enabling customers to return their Savings Plans within 7 days of purchase.

1.34.66

  • api-change:cloudformation: [botocore] Documentation update, March 2024. Corrects some formatting.
  • api-change:ec2: [botocore] This release adds the new DescribeMacHosts API operation for getting information about EC2 Mac Dedicated Hosts. Users can now see the latest macOS versions that their underlying Apple Mac can support without needing to be updated.
  • api-change:finspace: [botocore] Adding new attributes readWrite and onDemand to dataview models for Database Maintenance operations.
  • api-change:logs: [botocore] Update LogSamples field in Anomaly model to be a list of LogEvent
  • api-change:managedblockchain-query: [botocore] Introduces a new API for Amazon Managed Blockchain Query: ListFilteredTransactionEvents.

1.34.65

  • api-change:cloudformation: [botocore] This release supports for a new API ListStackSetAutoDeploymentTargets, which provider auto-deployment configuration as a describable resource. Customers can now view the specific combinations of regions and OUs that are being auto-deployed.
  • api-change:kms: [botocore] Adds the ability to use the default policy name by omitting the policyName parameter in calls to PutKeyPolicy and GetKeyPolicy
  • api-change:mediatailor: [botocore] This release adds support to allow customers to show different content within a channel depending on metadata associated with the viewer.
  • api-change:rds: [botocore] This release launches the ModifyIntegration API and support for data filtering for zero-ETL Integrations.
  • api-change:s3: [botocore] Fix two issues with response root node names.
  • api-change:timestream-query: [botocore] Documentation updates, March 2024

1.34.64

... (truncated)

Commits
  • 4f1c6c0 Merge branch 'release-1.34.69'
  • c3f1e7d Bumping version to 1.34.69
  • e43fc9d Add changelog entries from botocore
  • 51e7d94 Merge branch 'release-1.34.68'
  • 6607f5f Merge branch 'release-1.34.68' into develop
  • ba6e41d Bumping version to 1.34.68
  • 3a37d63 Add changelog entries from botocore
  • b5d959a Merge branch 'release-1.34.67'
  • 6a1a7b6 Merge branch 'release-1.34.67' into develop
  • 40e8e24 Bumping version to 1.34.67
  • Additional commits viewable in compare view


Updates coverage from 7.4.3 to 7.4.4

Changelog

Sourced from coverage's changelog.

Version 7.4.4 — 2024-03-14

  • Fix: in some cases, even with [run] relative_files=True, a data file could be created with absolute path names. When combined with other relative data files, it was random whether the absolute file names would be made relative or not. If they weren't, then a file would be listed twice in reports, as detailed in issue 1752_. This is now fixed: absolute file names are always made relative when combining. Thanks to Bruno Rodrigues dos Santos for support.

  • Fix: the last case of a match/case statement had an incorrect message if the branch was missed. It said the pattern never matched, when actually the branch is missed if the last case always matched.

  • Fix: clicking a line number in the HTML report now positions more accurately.

  • Fix: the report:format setting was defined as a boolean, but should be a string. Thanks, Tanaydin Sirin <pull 1754_>_. It is also now documented on the :ref:configuration page <config_report_format>.

.. _issue 1752: nedbat/coveragepy#1752 .. _pull 1754: nedbat/coveragepy#1754

.. _changes_7-4-3:

Commits
  • bc5e2d7 docs: sample HTML for 7.4.4
  • 9b0008b docs: prep for 7.4.4
  • a536161 docs: thanks, Bruno Rodrigues dos Santos
  • e06e4f9 chore: make doc_upgrade
  • f30818e chore: make upgrade
  • 1b19799 fix: ensure absolute paths are relative when combined #1752
  • 1ef020d build: more cheats for convenient URLs
  • 3d57a07 docs: document the report:format setting
  • 8e30221 fix: correct the type of report:format in config.py (#1754)
  • 6289be8 refactor: use dataclasses, no namedtuple
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 3 months ago

Superseded by #3653.