Skip to content

build(deps): bump the python-dependencies group across 1 directory with 12 updates#921

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/python-dependencies-97e5c46ce6
Open

build(deps): bump the python-dependencies group across 1 directory with 12 updates#921
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/python-dependencies-97e5c46ce6

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2024

Bumps the python-dependencies group with 12 updates in the / directory:

Package From To
django 5.0.7 5.1.2
gunicorn 22.0.0 23.0.0
lxml 5.2.2 5.3.0
markdown 3.6 3.7
psycopg 3.2.2 3.2.3
werkzeug 3.0.3 3.1.0
black 24.8.0 24.10.0
mypy 1.11.2 1.13.0
pylint 3.3.0 3.3.1
django-stubs 5.0.4 5.1.1
pylint-django 2.5.5 2.6.1
djlint 1.35.2 1.35.4

Updates django from 5.0.7 to 5.1.2

Commits
  • c499184 [5.1.x] Bumped version for 5.1.2 release.
  • 6e07a77 [5.1.x] Added release date for 5.1.2.
  • 17fa759 [5.1.x] Fixed #35809 -- Set background color for selected rows in the admin's...
  • e245f62 [5.1.x] Updated translations from Transifex.
  • 6bedb10 [5.1.x] Reindented attributes and methods for classes in docs/ref/middleware....
  • bf64ac3 [5.1.x] Fixed #35670 -- Clarified the return value for LoginRequiredMiddlewar...
  • 5303113 [5.1.x] Relocated path() explanation to docs/ref/urls.txt to simplify tutoria...
  • 22bce64 [5.1.x] Fixed #35734 -- Used JSONB_BUILD_OBJECT database function on PostgreS...
  • 9e146b2 [5.1.x] Made cosmetic edits to the Steering council docs.
  • 251180f [5.1.x] Removed setting the release schedule from Steering Council prerogativ...
  • Additional commits viewable in compare view

Updates gunicorn from 22.0.0 to 23.0.0

Release notes

Sourced from gunicorn's releases.

23.0.0

Gunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and which improve safety

You're invited to upgrade asap your own installation.

23.0.0 - 2024-08-10

  • minor docs fixes (:pr:3217, :pr:3089, :pr:3167)
  • worker_class parameter accepts a class (:pr:3079)
  • fix deadlock if request terminated during chunked parsing (:pr:2688)
  • permit receiving Transfer-Encodings: compress, deflate, gzip (:pr:3261)
  • permit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:3261)
  • sdist generation now explicitly excludes sphinx build folder (:pr:3257)
  • decode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising TypeError (:pr:2336)
  • raise correct Exception when encounting invalid chunked requests (:pr:3258)
  • the SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:3192)
  • include IPv6 loopback address [::1] in default for :ref:forwarded-allow-ips and :ref:proxy-allow-ips (:pr:3192)

** NOTE **

  • The SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release
  • Review your :ref:forwarded-allow-ips setting if you are still not seeing the SCRIPT_NAME transmitted
  • Review your :ref:forwarder-headers setting if you are missing headers after upgrading from a version prior to 22.0.0

** Breaking changes **

  • refuse requests where the uri field is empty (:pr:3255)
  • refuse requests with invalid CR/LR/NUL in heade field values (:pr:3253)
  • remove temporary --tolerate-dangerous-framing switch from 22.0 (:pr:3260)
  • If any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.

Fix CVE-2024-1135

Commits
  • 411986d fix doc
  • 334392e Merge pull request #2559 from laggardkernel/bugfix/reexec-env
  • e75c353 Merge pull request #3189 from pajod/patch-py36
  • 9357b28 keep document user in access_log_format setting
  • 79fdef0 bump to 23.0.0
  • 3acd9fb Merge pull request #2620 from talkerbox/improve-access-log-format-docs
  • 3f56d76 Merge pull request #3192 from pajod/patch-allowed-script-name
  • 256d474 docs: revert duped directive
  • ffa48b5 test: default change was intentional
  • 52538ca docs: recommend SCRIPT_NAME=/subfolder
  • Additional commits viewable in compare view

Updates lxml from 5.2.2 to 5.3.0

Changelog

Sourced from lxml's changelog.

5.3.0 (2024-08-10)

Features added

  • GH#421: Nested CDATA sections are no longer rejected but split on output to represent ]]> correctly. Patch by Gertjan Klein.

Bugs fixed

  • LP#2060160: Attribute values serialised differently in xmlfile.element() and xmlfile.write().

  • LP#2058177: The ISO-Schematron implementation could fail on unknown prefixes. Patch by David Lakin.

Other changes

  • LP#2067707: The strip_cdata option in HTMLParser() turned out to be useless and is now deprecated.

  • Binary wheels use the library versions libxml2 2.12.9 and libxslt 1.1.42.

  • Windows binary wheels use the library versions libxml2 2.11.8 and libxslt 1.1.39.

  • Built with Cython 3.0.11.

Commits
  • 475f4ab Update release date.
  • e356a1e Build: Add some debug output.
  • 8345680 Build: Retry library downloads on failures.
  • 2fe6c90 CI: Test oldest officially supported library versions again (the slightly new...
  • 00335a1 Build: Improve download regexes.
  • f3da47d Prepare release of lxml 5.3.0.
  • 3119703 Add missing global name to "all" in lxml.etree.
  • 9de6180 Build: Upgrade cibuildwheel version also for the matrix setup.
  • 54e36cb Build: Upgrade libxslt to latest (1.1.42).
  • d4f56ee Build: Slightly increase the oldest libxslt version that we test against to w...
  • Additional commits viewable in compare view

Updates markdown from 3.6 to 3.7

Release notes

Sourced from markdown's releases.

Release 3.7

Changed

Refactor abbr Extension

A new AbbrTreeprocessor has been introduced, which replaces the now deprecated AbbrInlineProcessor. Abbreviation processing now happens after Attribute Lists, avoiding a conflict between the two extensions (#1460).

The AbbrPreprocessor class has been renamed to AbbrBlockprocessor, which better reflects what it is. AbbrPreprocessor has been deprecated.

A call to Markdown.reset() now clears all previously defined abbreviations.

Abbreviations are now sorted by length before executing AbbrTreeprocessor to ensure that multi-word abbreviations are implemented even if an abbreviation exists for one of those component words. (#1465)

Abbreviations without a definition are now ignored. This avoids applying abbr tags to text without a title value.

Added an optional glossary configuration option to the abbreviations extension. This provides a simple and efficient way to apply a dictionary of abbreviations to every page.

Abbreviations can now be disabled by setting their definition to "" or ''. This can be useful when using the glossary option.

Fixed

  • Fixed links to source code on GitHub from the documentation (#1453).
Changelog

Sourced from markdown's changelog.

[3.7] -- 2024-08-16

Changed

Refactor abbr Extension

A new AbbrTreeprocessor has been introduced, which replaces the now deprecated AbbrInlineProcessor. Abbreviation processing now happens after Attribute Lists, avoiding a conflict between the two extensions (#1460).

The AbbrPreprocessor class has been renamed to AbbrBlockprocessor, which better reflects what it is. AbbrPreprocessor has been deprecated.

A call to Markdown.reset() now clears all previously defined abbreviations.

Abbreviations are now sorted by length before executing AbbrTreeprocessor to ensure that multi-word abbreviations are implemented even if an abbreviation exists for one of those component words. (#1465)

Abbreviations without a definition are now ignored. This avoids applying abbr tags to text without a title value.

Added an optional glossary configuration option to the abbreviations extension. This provides a simple and efficient way to apply a dictionary of abbreviations to every page.

Abbreviations can now be disabled by setting their definition to "" or ''. This can be useful when using the glossary option.

Fixed

  • Fixed links to source code on GitHub from the documentation (#1453).
Commits
  • da03cd6 Bump version to 3.7
  • bd836a1 Update griffe_extensions to support Griffe v 1.0.
  • 33359fa Abbr Extension: Definition Sorting and Glossary storage
  • ec8c305 Refactor abbr Extension
  • 993b57b Fixed links to source code on GitHub from the documentation
  • See full diff in compare view

Updates psycopg from 3.2.2 to 3.2.3

Changelog

Sourced from psycopg's changelog.

.. currentmodule:: psycopg

.. index:: single: Release notes single: News

psycopg release notes

Current release

Psycopg 3.2.3 ^^^^^^^^^^^^^

  • Release binary packages including PostgreSQL 17 libpq (:ticket:[#852](https://github.com/psycopg/psycopg/issues/852)).

Psycopg 3.2.2 ^^^^^^^^^^^^^

  • Drop !TypeDef specifications as string from public modules, as they cannot be composed by users as !typing objects previously could (:ticket:[#860](https://github.com/psycopg/psycopg/issues/860)).
  • Release Python 3.13 binary packages.

Psycopg 3.2.1 ^^^^^^^^^^^^^

  • Fix packaging metadata breaking [c], [binary] dependencies (:ticket:[#853](https://github.com/psycopg/psycopg/issues/853)).

Psycopg 3.2

.. rubric:: New top-level features

  • Add support for integer, floating point, boolean NumPy scalar types__ (:ticket:[#332](https://github.com/psycopg/psycopg/issues/332)).
  • Add !timeout and !stop_after parameters to Connection.notifies() (:ticket:340).
  • Allow dumpers to return !None, to be converted to NULL (:ticket:[#377](https://github.com/psycopg/psycopg/issues/377)).
  • Add :ref:raw-query-cursors to execute queries using placeholders in PostgreSQL format ($1, $2...) (:tickets:[#560](https://github.com/psycopg/psycopg/issues/560), [#839](https://github.com/psycopg/psycopg/issues/839)).
  • Add capabilities object to :ref:inspect the libpq capabilities <capabilities> (:ticket:[#772](https://github.com/psycopg/psycopg/issues/772)).
  • Add ~rows.scalar_row to return scalar values from a query (:ticket:[#723](https://github.com/psycopg/psycopg/issues/723)).
  • Add ~Connection.cancel_safe() for encrypted and non-blocking cancellation when using libpq v17. Use such method internally to implement

... (truncated)

Commits
  • ce8f073 chore: bump psycopg package version to 3.2.3
  • 9af9267 Merge pull request #917 from psycopg/pg17
  • 9c9369b docs: mention PostgreSQL 17 in binary packages in the news file
  • d0b1a3a ci: install flex to build libpq
  • 17e8d85 ci(macos): fix dylib path for postgres 17 from brew
  • d066132 ci(macos): update brew to install PostgreSQL 17
  • 2cc362e ci: bump to PostgreSQL 17 in binary packages
  • 810bfcf chore: add PostgreSQL 17 TRANSACTION_TIMEOUT error
  • 2a02421 ci: Add PostgreSQL 17 to CI test grid, remove PostgreSQL 11
  • bea783d fix(windows): resolve absolute path to libpq
  • Additional commits viewable in compare view

Updates werkzeug from 3.0.3 to 3.1.0

Release notes

Sourced from werkzeug's releases.

3.1.0

This is the Werkzeug 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/Werkzeug/3.1.0/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-0 Milestone: https://github.com/pallets/werkzeug/milestone/34?closed=1

  • Drop support for Python 3.8. #2966
  • Remove previously deprecated code. #2967
  • Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. #2964
  • OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. #2968
  • Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.
    • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. #2980
    • max_age is None if present without a value, rather than -1. #2980
    • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. #2980
    • max_stale is True if present without a value, rather than "*". #2980
    • no_transform is a boolean. Previously it was mistakenly always None. #2881
    • min_fresh is None if present without a value, rather than "*". #2881
    • private is True if present without a value, rather than "*". #2980
    • Added the must_understand property. #2881
    • Added the stale_while_revalidate, and stale_if_error properties. #2948
    • Type annotations more accurately reflect the values. #2881
  • Support Cookie CHIPS (Partitioned Cookies). #2797
  • Add 421 MisdirectedRequest HTTP exception. #2850
  • Increase default work factor for PBKDF2 to 1,000,000 iterations. #2969
  • Inline annotations for datastructures, removing stub files. #2970
  • MultiDict.getlist catches TypeError in addition to ValueError when doing type conversion. #2976
  • Implement | and |= operators for MultiDict, Headers, and CallbackDict, and disallow |= on immutable types. #2977

3.0.6

This is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Werkzeug/3.0.6/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6

  • Fix how max_form_memory_size is applied when parsing large non-file fields. GHSA-q34m-jh98-gwm2
  • safe_join catches certain paths on Windows that were not caught by ntpath.isabs on Python < 3.11. GHSA-f9vj-2wh5-fj8j

3.0.5

This is the Werkzeug 3.0.5 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Werkzeug/3.0.5/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5 Milestone: https://github.com/pallets/werkzeug/milestone/37?closed=1

  • The Watchdog reloader ignores file closed no write events. #2945
  • Logging works with client addresses containing an IPv6 scope. #2952
  • Ignore invalid authorization parameters. #2955
  • Improve type annotation fore SharedDataMiddleware. #2958
  • Compatibility with Python 3.13 when generating debugger pin and the current UID does not have an associated name. #2957

... (truncated)

Changelog

Sourced from werkzeug's changelog.

Version 3.1.0

Released 2024-10-31

  • Drop support for Python 3.8. :pr:2966

  • Remove previously deprecated code. :pr:2967

  • Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. :issue:2964

  • OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. :issue:2968

  • Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.

    • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. :issue:2980
    • max_age is None if present without a value, rather than -1. :issue:2980
    • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. :issue:2980
    • max_stale is True if present without a value, rather than "*". :issue:2980
    • no_transform is a boolean. Previously it was mistakenly always None. :issue:2881
    • min_fresh is None if present without a value, rather than "*". :issue:2881
    • private is True if present without a value, rather than "*". :issue:2980
    • Added the must_understand property. :issue:2881
    • Added the stale_while_revalidate, and stale_if_error properties. :issue:2948
    • Type annotations more accurately reflect the values. :issue:2881

  • Support Cookie CHIPS (Partitioned Cookies). :issue:2797

  • Add 421 MisdirectedRequest HTTP exception. :issue:2850

  • Increase default work factor for PBKDF2 to 1,000,000 iterations. :issue:2969

  • Inline annotations for datastructures, removing stub files. :issue:2970

  • MultiDict.getlist catches TypeError in addition to ValueError when doing type conversion. :issue:2976

  • Implement | and |= operators for MultiDict, Headers, and CallbackDict, and disallow |= on immutable types. :issue:2977

Version 3.0.6

... (truncated)

Commits

Updates black from 24.8.0 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

  • Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
  • Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
  • Black no longer supports running with Python 3.8 (#4452)

Stable style

  • Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
  • Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

  • Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

  • Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

  • Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
  • blackd now requires a newer version of aiohttp. (#4451)

Output

  • Added Python target version information on parse error (#4378)
  • Add information about Black version to internal error messages (#4457)
Changelog

Sourced from black's changelog.

24.10.0

Highlights

  • Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
  • Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
  • Black no longer supports running with Python 3.8 (#4452)

Stable style

  • Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
  • Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

  • Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

  • Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

  • Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
  • blackd now requires a newer version of aiohttp. (#4451)

Output

  • Added Python target version information on parse error (#4378)
  • Add information about Black version to internal error messages (#4457)
Commits

Updates mypy from 1.11.2 to 1.13.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Change to enum membership semantics

As per the updated typing specification for enums, enum members must be left unannotated.

class Pet(Enum):
    CAT = 1  # Member attribute
    DOG = 2  # Member attribute
    WOLF: int = 3  # New error: Enum members must be left unannotated
species: str  # Considered a non-member attribute

In particular, the specification change can result in issues in type stubs (.pyi files), since historically it was common to leave the value absent:

# In a type stub (.pyi file)
class Pet(Enum):
# Change in semantics: previously considered members, now non-member attributes
CAT: int
DOG: int
# Mypy will now issue a warning if it detects this situation in type stubs:
# &gt; Detected enum &quot;Pet&quot; in a type stub with zero members.
# &gt; There is a chance this is due to a recent change in the semantics of enum membership.
# &gt; If so, use `member = value` to mark an enum member, instead of `member: type`

class Pet(Enum):
# As per the specification, you should now do one of the following:
DOG = 1  # Member attribute with value 1 and known type
WOLF = cast(int, ...)  # Member attribute with unknown value but known type
LION = ...  # Member attribute with unknown value and unknown type

Contributed by Terence Honles in PR 17207 and Shantanu Jain in PR 18068.

Mypy 1.13

We’ve just uploaded mypy 1.13 to the Python Package Index (PyPI). Mypy is a static type checker for Python. You can install it as follows:

python3 -m pip install -U mypy

... (truncated)

Commits

Updates pylint from 3.3.0 to 3.3.1

Commits

Updates django-stubs from 5.0.4 to 5.1.1

Commits

Updates pylint-django from 2.5.5 to 2.6.1

Release notes

Sourced from pylint-django's releases.

Version 2.6.1 (10 Oct 2024)

NOTICE

We dropped support for Python 3.7, 3.8, and for pylint below 3.0.

Bugfixes

  • Added Django aliases for ranges to support psycopg 2 and 3 #421
  • Support for Python 3.12 datetime #427
  • Fixed location of installed LICENSE file #431
  • Fixed ForeignKeyStringChecker referencing linter config incorrectly #430

Other

  • CI now tests against Django 5.1

Version 2.6.0 (9 Oct 2024)

Not released on pypi for lack of a release pipeline at the time the tag was created, see 2.6.1.

Changelog

Sourced from pylint-django's changelog.

Version 2.6.1

NOTICE


We dropped support for Python 3.7, 3.8, and for pylint below 3.0.

Bugfixes

  • Added Django aliases for ranges to support psycopg 2 and 3 ([#421](https://github.com/pylint-dev/pylint-django/issues/421) <https://github.com/pylint-dev/pylint-django/pull/421>_)
  • Support for Python 3.12 datetime ([#427](https://github.com/pylint-dev/pylint-django/issues/427) <https://github.com/pylint-dev/pylint-django/pull/427>_)
  • Fixed location of installed LICENSE file ([#431](https://github.com/pylint-dev/pylint-django/issues/431) <https://github.com/pylint-dev/pylint-django/issues/431>_)
  • Fixed ForeignKeyStringChecker referencing linter config incorrectly ([#430](https://github.com/pylint-dev/pylint-django/issues/430) <https://github.com/pylint-dev/pylint-django/issues/430>_)

Other


- CI now tests against Django 5.1

Version 2.6.0 (09 Oct. 2024)


Not released for lack of a release pipeline at the time the tag was created.

Commits

Updates djlint from 1.35.2 to 1.35.4

Release notes

Sourced from djlint's releases.

v1.35.4

Compiled mypyc wheels are now also available, which improve performance by ~21% over Pure Python. They will be automatically installed by your package manager when available for your platform. Pure Python wheel is still available.

Other changes have been made to improve performance, thanks to @​JCWasmx86. See the commits for more details.

Formatting performance comparison with the previous version (tested on https://github.com/openedx/edx-platform with single thread):

Version Seconds
v1.35.3 20.39
v1.35.4 pure Python 14.39
v1.35.4 compiled 11.35

v1.35.3

This release significantly improves performance, especially for large files and large projects.

Formatting https://github.com/openedx/edx-platform took 87 seconds in the previous version, now it takes only 4 seconds (>2000% speedup)! Tested on a 32-core computer.

  • Performance improved by caching some functions. Thanks to @​JCWasmx86!
  • Removed the limitation on the number of workers introduced in v1.35.0.
  • Drop Python 3.8 support.
Changelog

Sourced from djlint's changelog.

[1.35.4] - 2024-11-01

Compiled mypyc wheels are now also available, which improve performance by ~21% over Pure Python. They will be automatically installed by your package manager when available for your platform. Pure Python wheel is still available.

Other changes have been made to improve performance, thanks to @​JCWasmx86. See the commits for more details.

Formatting performance comparison with the previous version (tested on https://github.com/openedx/edx-platform with single thread):

Version Seconds
v1.35.3 20.39
v1.35.4 pure Python 14.39
v1.35.4 compiled 11.35

[1.35.3] - 2024-10-30

This release significantly improves performance, especially for large files and large projects.

Formatting https://github.com/openedx/edx-platform took 87 seconds in the previous version, now it takes only 4 seconds (>2000% speedup)! Tested on a 32-core computer.

  • Performance improved by caching some functions. Thanks to @​JCWasmx86!
  • Removed the limitation on the number of workers introduced in v1.35.0.
  • Drop Python 3.8 support.
Commits
  • 7b983ef chore: edit changelog
  • a502628 chore: fix pypi publish
  • c8bc351 chore: don't publilsh to npm until published to pypi
  • f15ea13 v1.35.4
  • 6694c66 chore: fix publish workflow
  • 994dbac chore: don't assign re.finditer to variable
  • e4b977e perf: use regex more efficiently
  • b7ff74c perf: replace any() with for loops
  • 04dbd5f perf: deduplicate regex flags (#987)
  • 69638ce perf: reduce number of pure calls (#986)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the python-dependencies group across 1 directory wi…
294fedc 
…th 12 updates

Bumps the python-dependencies group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [django](https://github.com/django/django) | `5.0.7` | `5.1.2` |
| [gunicorn](https://github.com/benoitc/gunicorn) | `22.0.0` | `23.0.0` |
| [lxml](https://github.com/lxml/lxml) | `5.2.2` | `5.3.0` |
| [markdown](https://github.com/Python-Markdown/markdown) | `3.6` | `3.7` |
| [psycopg](https://github.com/psycopg/psycopg) | `3.2.2` | `3.2.3` |
| [werkzeug](https://github.com/pallets/werkzeug) | `3.0.3` | `3.1.0` |
| [black](https://github.com/psf/black) | `24.8.0` | `24.10.0` |
| [mypy](https://github.com/python/mypy) | `1.11.2` | `1.13.0` |
| [pylint](https://github.com/pylint-dev/pylint) | `3.3.0` | `3.3.1` |
| [django-stubs](https://github.com/typeddjango/django-stubs) | `5.0.4` | `5.1.1` |
| [pylint-django](https://github.com/pylint-dev/pylint-django) | `2.5.5` | `2.6.1` |
| [djlint](https://github.com/djlint/djLint) | `1.35.2` | `1.35.4` |



Updates `django` from 5.0.7 to 5.1.2
- [Commits](django/django@5.0.7...5.1.2)

Updates `gunicorn` from 22.0.0 to 23.0.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@22.0.0...23.0.0)

Updates `lxml` from 5.2.2 to 5.3.0
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](lxml/lxml@lxml-5.2.2...lxml-5.3.0)

Updates `markdown` from 3.6 to 3.7
- [Release notes](https://github.com/Python-Markdown/markdown/releases)
- [Changelog](https://github.com/Python-Markdown/markdown/blob/master/docs/changelog.md)
- [Commits](Python-Markdown/markdown@3.6...3.7)

Updates `psycopg` from 3.2.2 to 3.2.3
- [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst)
- [Commits](psycopg/psycopg@3.2.2...3.2.3)

Updates `werkzeug` from 3.0.3 to 3.1.0
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@3.0.3...3.1.0)

Updates `black` from 24.8.0 to 24.10.0
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@24.8.0...24.10.0)

Updates `mypy` from 1.11.2 to 1.13.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.11.2...v1.13.0)

Updates `pylint` from 3.3.0 to 3.3.1
- [Release notes](https://github.com/pylint-dev/pylint/releases)
- [Commits](pylint-dev/pylint@v3.3.0...v3.3.1)

Updates `django-stubs` from 5.0.4 to 5.1.1
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](typeddjango/django-stubs@5.0.4...5.1.1)

Updates `pylint-django` from 2.5.5 to 2.6.1
- [Release notes](https://github.com/pylint-dev/pylint-django/releases)
- [Changelog](https://github.com/pylint-dev/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pylint-dev/pylint-django/commits/v2.6.1)

Updates `djlint` from 1.35.2 to 1.35.4
- [Release notes](https://github.com/djlint/djLint/releases)
- [Changelog](https://github.com/djlint/djLint/blob/master/CHANGELOG.md)
- [Commits](djlint/djLint@v1.35.2...v1.35.4)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: gunicorn
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: lxml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: markdown
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: psycopg
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: werkzeug
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: mypy
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: django-stubs
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: pylint-django
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: djlint
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants