Skip to content
This repository was archived by the owner on May 15, 2025. It is now read-only.

Bump the all group across 1 directory with 6 updates #150

Closed
dependabot wants to merge 1 commit into from
Closed

Bump the all group across 1 directory with 6 updates #150

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Dec 2, 2024
edited
Loading

Bumps the all group with 6 updates in the /localcert directory:

Package From To
coverage 7.6.4 7.6.8
cryptography 43.0.3 44.0.0
django 5.1.2 5.1.3
django-allauth 65.1.0 65.3.0
pyjwt 2.9.0 2.10.1
sqlparse 0.5.1 0.5.2

Updates coverage from 7.6.4 to 7.6.8

Changelog

Sourced from coverage's changelog.

Version 7.6.8 — 2024-11-23

  • Fix: the LCOV report code assumed that a branch line that took no branches meant that the entire line was unexecuted. This isn't true in a few cases: the line might always raise an exception, or might have been optimized away. Fixes issue 1896_.

  • Fix: similarly, the HTML report will now explain that a line that jumps to none of its expected destinations must have always raised an exception. Previously, it would say something nonsensical like, "line 4 didn't jump to line 5 because line 4 was never true, and it didn't jump to line 7 because line 4 was always true." This was also shown in issue 1896_.

.. _issue 1896: nedbat/coveragepy#1896

.. _changes_7-6-7:

Version 7.6.7 — 2024-11-15

  • Fix: ugh, the other assert from 7.6.5 can also be encountered in the wild, so it's been restored to a conditional. Sorry for the churn.

.. _changes_7-6-6:

Version 7.6.6 — 2024-11-15

  • One of the new asserts from 7.6.5 caused problems in real projects, as reported in issue 1891_. The assert has been removed.

.. _issue 1891: nedbat/coveragepy#1891

.. _changes_7-6-5:

Version 7.6.5 — 2024-11-14

  • Fix: fine-tuned the exact Python version (3.12.6) when exiting from with statements changed how they traced. This affected whether people saw the fix for issue 1880_.

  • Fix: isolate our code more from mocking in the os module that in rare cases can cause bizarre behavior <pytest-cov-666_>_.

  • Refactor: some code unreachable code paths in parser.py were changed to

... (truncated)

Commits
  • 6134266 docs: sample HTML for 7.6.8
  • 041f963 docs: prep for 7.6.8
  • 7fe48b6 build: don't search generated report files
  • f219144 docs: start changelog entries with capital letters
  • d1a916a fix: a line that branches nowhere must always raise an exception
  • 2ace7a2 fix: don't assume 'no branches' means 'not executed' #1896
  • 3ed5915 style: all of ci should use underscores
  • 0db86f2 build: automate updating readthedocs
  • 2a89551 chore: make upgrade (not sure why files became absolute)
  • ba9c157 chore: make doc_upgrade
  • Additional commits viewable in compare view

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27


* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.

.. _v43-0-3:

Commits

Updates django from 5.1.2 to 5.1.3

Commits
  • 69bf08e [5.1.x] Bumped version for 5.1.3 release.
  • e3984ca [5.1.x] Added release date for 5.1.3.
  • 4ae3581 [5.1.x] Made minor edits to form fields docs.
  • 9fa2d23 [5.1.x] Fixed #35876 -- Displayed non-ASCII fieldset names when rendering Mod...
  • 5045dab [5.1.x] Added missing lang attributes to html elements in docs.
  • ffc67aa [5.1.x] Fixed #35864 -- Documented EmailMessage.connection is ignored when us...
  • 4915fea [5.1.x] Fixed #35873 -- Corrected Form.as_table() call in form docs.
  • b57a839 [5.1.x] Refs #35844 -- Expanded compatibility for expected error messages in ...
  • c5ddc85 [5.1.x] Corrected note on importing fields in model field reference docs.
  • 0a1091f [5.1.x] Removed unneeded OS reference on running the test suite in contributi...
  • Additional commits viewable in compare view

Updates django-allauth from 65.1.0 to 65.3.0

Commits

Updates pyjwt from 2.9.0 to 2.10.1

Release notes

Sourced from pyjwt's releases.

2.10.1

Fixed

Full Changelog: jpadilla/pyjwt@2.10.0...2.10.1

2.10.0

What's Changed

New Contributors

Full Changelog: jpadilla/pyjwt@2.9.0...2.10.0

Changelog

Sourced from pyjwt's changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed


- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__

v2.10.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0&gt;__


Changed

  • Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @​luhn in [#975](https://github.com/jpadilla/pyjwt/issues/975) <https://github.com/jpadilla/pyjwt/pull/975>__

  • Use Sequence for parameter types rather than List where applicable by @​imnotjames in [#970](https://github.com/jpadilla/pyjwt/issues/970) <https://github.com/jpadilla/pyjwt/pull/970>__

  • Add JWK support to JWT encode by @​luhn in [#979](https://github.com/jpadilla/pyjwt/issues/979) <https://github.com/jpadilla/pyjwt/pull/979>__

  • Encoding and decoding payloads using the none algorithm by @​jpadilla in #c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>

    Before:

    .. code-block:: pycon

    import jwt jwt.encode({"payload": "abc"}, key=None, algorithm=None)

    After:

    .. code-block:: pycon

    import jwt jwt.encode({"payload": "abc"}, key=None, algorithm="none")

  • Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @​Divan009 in [#1005](https://github.com/jpadilla/pyjwt/issues/1005) <https://github.com/jpadilla/pyjwt/pull/1005>__

  • Refactor project configuration files from setup.cfg to pyproject.toml by @​cleder in [#995](https://github.com/jpadilla/pyjwt/issues/995) <https://github.com/jpadilla/pyjwt/pull/995>__

  • Ruff linter and formatter changes by @​gagandeepp in [#1001](https://github.com/jpadilla/pyjwt/issues/1001) <https://github.com/jpadilla/pyjwt/pull/1001>__

  • Drop support for Python 3.8 (EOL) by @​kkirsche in [#1007](https://github.com/jpadilla/pyjwt/issues/1007) <https://github.com/jpadilla/pyjwt/pull/1007>__

Fixed


- Encode EC keys with a fixed bit length by @etianen in `[#990](https://github.com/jpadilla/pyjwt/issues/990) <https://github.com/jpadilla/pyjwt/pull/990>`__
- Add an RTD config file to resolve Read the Docs build failures by @kurtmckee in `[#977](https://github.com/jpadilla/pyjwt/issues/977) <https://github.com/jpadilla/pyjwt/pull/977>`__
- Docs: Update ``iat`` exception docs by @pachewise in `[#974](https://github.com/jpadilla/pyjwt/issues/974) <https://github.com/jpadilla/pyjwt/pull/974>`__
- Docs: Fix ``decode_complete`` scope and algorithms by @RbnRncn in `[#982](https://github.com/jpadilla/pyjwt/issues/982) <https://github.com/jpadilla/pyjwt/pull/982>`__
- Fix doctest for ``docs/usage.rst`` by @pachewise in `[#986](https://github.com/jpadilla/pyjwt/issues/986) <https://github.com/jpadilla/pyjwt/pull/986>`__
</tr></table>

... (truncated)

Commits

Updates sqlparse from 0.5.1 to 0.5.2

Changelog

Sourced from sqlparse's changelog.

Release 0.5.2 (Nov 14, 2024)

Bug Fixes

  • EXTENSION is now recognized as a keyword (issue785).
  • SQL hints are not removed when removing comments (issue262, by skryzh).
Commits
  • 7084df8 Add support for Python 3.13.
  • 5f37dd6 Bump version to 0.5.2.
  • 7c70674 Update authors and changelog.
  • 48bd14e [feature] returning .gitignore to previous version
  • 2f9c7ec [feature] deleting envs from .gitignore, creating test for SQL-Hints
  • 8eb778c [fix] issue262 adding comment and tests
  • af6df6c [fix] fixing SQL-Hint deleting when clearing script from comments
  • a2c7e64 Update column_defs_lowlevel.py
  • e48000a Add EXTENSION as keyword (fixes #785).
  • 5785736 Use hatch for upload as well.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all group across 1 directory with 6 updates
f6a318f 
Bumps the all group with 6 updates in the /localcert directory:

| Package | From | To |
| --- | --- | --- |
| [coverage](https://github.com/nedbat/coveragepy) | `7.6.4` | `7.6.8` |
| [cryptography](https://github.com/pyca/cryptography) | `43.0.3` | `44.0.0` |
| [django](https://github.com/django/django) | `5.1.2` | `5.1.3` |
| [django-allauth](https://github.com/sponsors/pennersr) | `65.1.0` | `65.3.0` |
| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.9.0` | `2.10.1` |
| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.5.1` | `0.5.2` |



Updates `coverage` from 7.6.4 to 7.6.8
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.6.4...7.6.8)

Updates `cryptography` from 43.0.3 to 44.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@43.0.3...44.0.0)

Updates `django` from 5.1.2 to 5.1.3
- [Commits](django/django@5.1.2...5.1.3)

Updates `django-allauth` from 65.1.0 to 65.3.0
- [Commits](https://github.com/sponsors/pennersr/commits)

Updates `pyjwt` from 2.9.0 to 2.10.1
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](jpadilla/pyjwt@2.9.0...2.10.1)

Updates `sqlparse` from 0.5.1 to 0.5.2
- [Release notes](https://github.com/andialbrecht/sqlparse/releases)
- [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG)
- [Commits](andialbrecht/sqlparse@0.5.1...0.5.2)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: django-allauth
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: pyjwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: sqlparse
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 2, 2024
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Dec 9, 2024

Superseded by #152.

@dependabot dependabot bot closed this Dec 9, 2024
@dependabot dependabot bot deleted the dependabot/pip/localcert/all-20907599f3 branch December 9, 2024 03:06
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant