Bump the pip group across 1 directory with 6 updates #440

dependabot · 2024-12-09T10:00:10Z

Bumps the pip group with 6 updates in the / directory:

Package	From	To
cryptography	`43.0.3`	`44.0.0`
fastapi[all]	`0.115.5`	`0.115.6`
pyjwt	`2.10.0`	`2.10.1`
pylint	`3.3.1`	`3.3.2`
pytest	`8.3.3`	`8.3.4`
faker	`33.0.0`	`33.1.0`

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9. * Deprecated Python 3.7 support. Python 3.7 is no longer supported by the Python core team. Support for Python 3.7 will be removed in a future ``cryptography`` release. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0. * macOS wheels are now built against the macOS 10.13 SDK. Users on older versions of macOS should upgrade, or they will need to build ``cryptography`` themselves. * Enforce the :rfc:`5280` requirement that extended key usage extensions must not be empty. * Added support for timestamp extraction to the :class:`~cryptography.fernet.MultiFernet` class. * Relax the Authority Key Identifier requirements on root CA certificates during X.509 verification to allow fields permitted by :rfc:`5280` but forbidden by the CA/Browser BRs. * Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id` when using OpenSSL 3.2.0+. * Added support for the :class:`~cryptography.x509.Admissions` certificate extension. * Added basic support for PKCS7 decryption (including S/MIME 3.2) via :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`, :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.

.. _v43-0-3:

Commits

f299a48 remove deprecated call (#12052)
439eb05 Bump version for 44.0.0 (#12051)
2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
e201c87 fixed metadata in changelog (#12044)
c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
d6cac75 Add support for decrypting S/MIME messages (#11555)
b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
Additional commits viewable in compare view

Updates fastapi[all] from 0.115.5 to 0.115.6

Release notes

Sourced from fastapi[all]'s releases.

0.115.6

Fixes

🐛 Preserve traceback when an exception is raised in sync dependency with yield. PR #5823 by @sombek.

Refactors

♻️ Update tests and internals for compatibility with Pydantic >=2.10. PR #12971 by @tamird.

Docs

📝 Update includes format in docs with an automated script. PR #12950 by @tiangolo.

📝 Update includes for docs/de/docs/advanced/using-request-directly.md. PR #12685 by @alissadb.

📝 Update includes for docs/de/docs/how-to/conditional-openapi.md. PR #12689 by @alissadb.

Translations

🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md. PR #12990 by @ILoveSorasakiHina.

🌐 Add Traditional Chinese translation for docs/zh-hant/docs/tutorial/query-param-models.md. PR #12932 by @Vincy1230.

🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md. PR #12992 by @Limsunoh.

🌐 Add Korean translation for docs/ko/docs/advanced/websockets.md. PR #12991 by @kwang1215.

🌐 Add Portuguese translation for docs/pt/docs/tutorial/response-model.md. PR #12933 by @AndreBBM.

🌐 Add Korean translation for docs/ko/docs/advanced/middlewares.md. PR #12753 by @nahyunkeem.

🌐 Add Korean translation for docs/ko/docs/advanced/openapi-webhooks.md. PR #12752 by @saeye.

🌐 Add Chinese translation for docs/zh/docs/tutorial/query-param-models.md. PR #12931 by @Vincy1230.

🌐 Add Russian translation for docs/ru/docs/tutorial/query-param-models.md. PR #12445 by @gitgernit.

🌐 Add Korean translation for docs/ko/docs/tutorial/query-param-models.md. PR #12940 by @jts8257.

🔥 Remove obsolete tutorial translation to Chinese for docs/zh/docs/tutorial/sql-databases.md, it references files that are no longer on the repo. PR #12949 by @tiangolo.

Internal

⬆ [pre-commit.ci] pre-commit autoupdate. PR #12954 by @pre-commit-ci[bot].

Commits

bb8c2a6 🔖 Release version 0.115.6
905ec1e 📝 Update release notes
4f81575 🐛 Preserve traceback when exception is raised in sync dependency with yield...
8255edf 📝 Update release notes
53c8784 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md (#12990)
2971352 📝 Update release notes
8376228 🌐 Add Traditional Chinese translation for `docs/zh-hant/docs/tutorial/query-p...
6c7873c 📝 Update release notes
d75b81c 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md ...
206037c 📝 Update release notes
Additional commits viewable in compare view

Updates pyjwt from 2.10.0 to 2.10.1

Release notes

Sourced from pyjwt's releases.

2.10.1

Fixed

Prevent partial matching of iss claim. Thanks @fabianbadoi! (See: GHSA-75c5-xw7c-p5pm)

Full Changelog: jpadilla/pyjwt@2.10.0...2.10.1

Changelog

Sourced from pyjwt's changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed
- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__

Commits

3ebbb22 fix lint
37748dc update changelog
33022c2 Merge commit from fork
See full diff in compare view

Updates pylint from 3.3.1 to 3.3.2

Commits

a5a1bc3 Bump pylint to 3.3.2, update changelog (#10088)
621ecf6 Fix potential-index-error false positive when iterable contains starred ele...
5597aae Fix source root not recognized (#10036) (#10083)
ea8ed7e Bump astroid to 3.3.5 (#10004) (#10005)
ec4ca64 Fix release note typo (#9969) (#9971)
See full diff in compare view

Updates pytest from 8.3.3 to 8.3.4

Release notes

Sourced from pytest's releases.

8.3.4

pytest 8.3.4 (2024-12-01)

Bug fixes

#12592: Fixed KeyError{.interpreted-text role="class"} crash when using --import-mode=importlib in a directory layout where a directory contains a child directory with the same name.

#12818: Assertion rewriting now preserves the source ranges of the original instructions, making it play well with tools that deal with the AST, like executing.

#12849: ANSI escape codes for colored output now handled correctly in pytest.fail{.interpreted-text role="func"} with [pytrace=False]{.title-ref}.

#9353: pytest.approx{.interpreted-text role="func"} now uses strict equality when given booleans.

Improved documentation

#10558: Fix ambiguous docstring of pytest.Config.getoption{.interpreted-text role="func"}.

#10829: Improve documentation on the current handling of the --basetemp option and its lack of retention functionality (temporary directory location and retention{.interpreted-text role="ref"}).

#12866: Improved cross-references concerning the recwarn{.interpreted-text role="fixture"} fixture.

#12966: Clarify filterwarnings{.interpreted-text role="ref"} docs on filter precedence/order when using multiple @pytest.mark.filterwarnings <pytest.mark.filterwarnings ref>{.interpreted-text role="ref"} marks.

Contributor-facing changes

#12497: Fixed two failing pdb-related tests on Python 3.13.

Commits

53f8b4e Update pypa/gh-action-pypi-publish to v1.12.2
98dff36 Prepare release version 8.3.4
1b474e2 approx: use exact comparison for bool (#13013)
b541721 docs: Fix wrong statement about sys.modules with importlib import mode (#1298...
16cb87b pytest.fail: fix ANSI escape codes for colored output (#12959) (#12990)
be6bc81 Issue #12966 Clarify filterwarnings docs on precedence when using multiple ma...
7aeb72b Improve docs on basetemp and retention (#12912) (#12928)
c875841 Merge pull request #12917 from pytest-dev/patchback/backports/8.3.x/ded1f44e5...
6502816 Merge pull request #12913 from jakkdl/dontfailonbadpath
52135b0 Merge pull request #12885 from The-Compiler/pdb-py311 (#12887)
Additional commits viewable in compare view

Updates faker from 33.0.0 to 33.1.0

Release notes

Sourced from faker's releases.

Release v33.1.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v33.1.0 - 2024-11-27

Add support for Python 3.13. Thanks @edgarrmondragon.

Commits

8a249d0 Bump version: 33.0.0 → 33.1.0
edf6cbb 📝 Update CHANGELOG.md
3faa4f9 Declare support for Python 3.13 (#2071)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the pip group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cryptography](https://github.com/pyca/cryptography) | `43.0.3` | `44.0.0` | | [fastapi[all]](https://github.com/fastapi/fastapi) | `0.115.5` | `0.115.6` | | [pyjwt](https://github.com/jpadilla/pyjwt) | `2.10.0` | `2.10.1` | | [pylint](https://github.com/pylint-dev/pylint) | `3.3.1` | `3.3.2` | | [pytest](https://github.com/pytest-dev/pytest) | `8.3.3` | `8.3.4` | | [faker](https://github.com/joke2k/faker) | `33.0.0` | `33.1.0` | Updates `cryptography` from 43.0.3 to 44.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@43.0.3...44.0.0) Updates `fastapi[all]` from 0.115.5 to 0.115.6 - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.115.5...0.115.6) Updates `pyjwt` from 2.10.0 to 2.10.1 - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.10.0...2.10.1) Updates `pylint` from 3.3.1 to 3.3.2 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](pylint-dev/pylint@v3.3.1...v3.3.2) Updates `pytest` from 8.3.3 to 8.3.4 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.3.3...8.3.4) Updates `faker` from 33.0.0 to 33.1.0 - [Release notes](https://github.com/joke2k/faker/releases) - [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md) - [Commits](joke2k/faker@v33.0.0...v33.1.0) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major dependency-group: pip - dependency-name: fastapi[all] dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip - dependency-name: faker dependency-type: direct:production update-type: version-update:semver-minor dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip group across 1 directory with 6 updates #440

Bump the pip group across 1 directory with 6 updates #440

dependabot bot commented on behalf of github Dec 9, 2024

Bump the pip group across 1 directory with 6 updates #440

Are you sure you want to change the base?

Bump the pip group across 1 directory with 6 updates #440

Conversation

dependabot bot commented on behalf of github Dec 9, 2024

0.115.6

Fixes

Refactors

Docs

Translations

Internal

2.10.1

Fixed

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

8.3.4

pytest 8.3.4 (2024-12-01)

Bug fixes

Improved documentation

Contributor-facing changes

Release v33.1.0

v33.1.0 - 2024-11-27

`v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>`__