Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the poetry group across 1 directory with 8 updates #50

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the poetry group across 1 directory with 8 updates #50

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 30, 2025

Bumps the poetry group with 8 updates in the / directory:

Package From To
authlib 1.3.2 1.4.1
cryptography 43.0.3 44.0.0
fastapi 0.115.5 0.115.8
httpx 0.27.2 0.28.1
pre-commit 4.0.1 4.1.0
pydantic 2.9.2 2.10.6
ruff 0.7.4 0.9.3
uvicorn 0.32.0 0.34.0

Updates authlib from 1.3.2 to 1.4.1

Release notes

Sourced from authlib's releases.

Version 1.4.1

  • Improve garbage collection on OAuth clients. #698
  • Fix client parameters for httpx. #694

Version 1.4.0

Bugfixes

  • Fix id_token decoding when kid is null. #659
  • Support for Python 3.13. #682
  • Force login if the prompt parameter value is login. #637
  • Support for httpx 0.28. #695

Breaking changes

  • Stop support for Python 3.8. #682
Changelog

Sourced from authlib's changelog.

Version 1.4.1

Released on Jan 28, 2025

  • Improve garbage collection on OAuth clients. :issue:698
  • Fix client parameters for httpx. :issue:694

Version 1.4.0

Released on Dec 20, 2024

  • Fix id_token decoding when kid is null. :pr:659
  • Support for Python 3.13. :pr:682
  • Force login if the prompt parameter value is login. :pr:637
  • Support for httpx 0.28, :pr:695

Breaking changes:

  • Stop support for Python 3.8. :pr:682
Commits
  • 0e8f480 chore: release 1.4.1
  • c46e939 fix(client): improve garbage collection for oauth clients
  • 9188e21 fix(httpx): remove compact code for httpx
  • c7e2d9f fix(httpx): update test cases for httpx
  • ce1405d fix: improve garbage collection via #698
  • 532cce6 fix: update httpx client kwargs #694
  • fe12a57 chore: update readme
  • eb34edf chore: release 1.4.0
  • bc55003 Merge pull request #695 from MeggyCal/master
  • 1d10ff3 Support httpx 0.28
  • Additional commits viewable in compare view

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27


* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.

.. _v43-0-3:

Commits

Updates fastapi from 0.115.5 to 0.115.8

Release notes

Sourced from fastapi's releases.

0.115.8

Fixes

  • 🐛 Fix OAuth2PasswordRequestForm and OAuth2PasswordRequestFormStrict fixed grant_type "password" RegEx. PR #9783 by @​skarfie123.

Refactors

Docs

Translations

  • 🌐 Add Japanese translation for docs/ja/docs/environment-variables.md. PR #13226 by @​k94-ishi.
  • 🌐 Add Russian translation for docs/ru/docs/advanced/async-tests.md. PR #13227 by @​Rishat-F.
  • 🌐 Update Russian translation for docs/ru/docs/tutorial/dependencies/dependencies-in-path-operation-decorators.md. PR #13252 by @​Rishat-F.
  • 🌐 Add Russian translation for docs/ru/docs/tutorial/bigger-applications.md. PR #13154 by @​alv2017.

Internal

  • ⬆️ Add support for Python 3.13. PR #13274 by @​tiangolo.
  • ⬆️ Upgrade AnyIO max version for tests, new range: >=3.2.1,<5.0.0. PR #13273 by @​tiangolo.
  • 🔧 Update Sponsors badges. PR #13271 by @​tiangolo.
  • ♻️ Fix notify_translations.py empty env var handling for PR label events vs workflow_dispatch. PR #13272 by @​tiangolo.
  • ♻️ Refactor and move scripts/notify_translations.py, no need for a custom GitHub Action. PR #13270 by @​tiangolo.
  • 🔨 Update FastAPI People Experts script, refactor and optimize data fetching to handle rate limits. PR #13267 by @​tiangolo.
  • ⬆ Bump pypa/gh-action-pypi-publish from 1.12.3 to 1.12.4. PR #13251 by @​dependabot[bot].

0.115.7

Upgrades

Refactors

... (truncated)

Commits
  • 7128971 🔖 Release version 0.115.8
  • 55f8a44 📝 Update release notes
  • 83ab6ac 📝 Change the word "unwrap" to "unpack" in `docs/en/docs/tutorial/extra-models...
  • 3d02a92 📝 Update release notes
  • 1b00f8a ✅ Simplify tests for body_multiple_params (#13237)
  • d97647f 📝 Update release notes
  • 9667ce8 📝 Update Request Body's tutorial002 to deal with tax=0 case (#13230)
  • 0541693 📝 Update release notes
  • 041b2e1 📝 Update release notes
  • 30b270b ♻️ Move duplicated code portion to a static method in the APIKeyBase super ...
  • Additional commits viewable in compare view

Updates httpx from 0.27.2 to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

  • Fix SSL case where verify=False together with client side certificates.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

  • The verify argument as a string argument is now deprecated and will raise warnings.
  • The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

  • The deprecated proxies argument has now been removed.
  • The deprecated app argument has now been removed.
  • JSON request bodies use a compact representation. (#3363)
  • Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
  • Ensure certifi and httpcore are only imported if required. (#3377)
  • Treat socks5h as a valid proxy scheme. (#3178)
  • Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
  • Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)
Changelog

Sourced from httpx's changelog.

0.28.1 (6th December, 2024)

  • Fix SSL case where verify=False together with client side certificates.

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

  • The verify argument as a string argument is now deprecated and will raise warnings.
  • The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

  • The deprecated proxies argument has now been removed.
  • The deprecated app argument has now been removed.
  • JSON request bodies use a compact representation. (#3363)
  • Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
  • Ensure certifi and httpcore are only imported if required. (#3377)
  • Treat socks5h as a valid proxy scheme. (#3178)
  • Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
  • Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)
Commits

Updates pre-commit from 4.0.1 to 4.1.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.1.0

Features

Fixes

Changelog

Sourced from pre-commit's changelog.

4.1.0 - 2025-01-20

Features

Fixes

Commits
  • b152e92 v4.1.0
  • c3125a4 Merge pull request #3389 from lorenzwalthert/dev-always-unset-renv
  • c2c061c fix: ensure env patch is applied for vanilla emulation
  • cd429db Merge pull request #3382 from pre-commit/pre-commit-ci-update-config
  • 9b9f8e2 [pre-commit.ci] pre-commit autoupdate
  • 86300a4 Merge pull request #3376 from pre-commit/r-gone
  • 77edad8 install r on ubuntu runners
  • 18b3939 Merge pull request #3375 from pre-commit/dotnet-tests-ubuntu-latest
  • 31cb945 Merge pull request #3374 from pre-commit/docker-image-tests-ubuntu-22-not-pre...
  • 28c3d81 update .net tests to use .net 8
  • Additional commits viewable in compare view

Updates pydantic from 2.9.2 to 2.10.6

Release notes

Sourced from pydantic's releases.

v2.10.6 2025-01-23

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.10.5...v2.10.6

v2.10.5 2024-12-18

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.10.4...v2.10.5

v2.10.4 2024-12-18

What's Changed

Packaging

Fixes

New Contributors

Full Changelog: pydantic/pydantic@v2.10.3...v2.10.4

v2.10.3 2024-12-03

What's Changed

Fixes

  • Set fields when defer_build is set on Pydantic dataclasses by @​Viicos in #10984
  • Do not resolve the JSON Schema reference for dict core schema keys by @​Viicos in #10989
  • Use the globals of the function when evaluating the return type for PlainSerializer and WrapSerializer functions by @​Viicos in #11008

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.10.6 (2025-01-23)

GitHub release

What's Changed

Fixes

v2.10.5 (2025-01-08)

GitHub release

What's Changed

Fixes

v2.10.4 (2024-12-18)

GitHub release

What's Changed

Packaging

Fixes

New Contributors

v2.10.3 (2024-12-03)

... (truncated)

Commits

Updates ruff from 0.7.4 to 0.9.3

Release notes

Sourced from ruff's releases.

0.9.3

Release Notes

Preview features

  • [airflow] Argument fail_stop in DAG has been renamed as fail_fast (AIR302) (#15633)
  • [airflow] Extend AIR303 with more symbols (#15611)
  • [flake8-bandit] Report all references to suspicious functions (S3) (#15541)
  • [flake8-pytest-style] Do not emit diagnostics for empty for loops (PT012, PT031) (#15542)
  • [flake8-simplify] Avoid double negations (SIM103) (#15562)
  • [pyflakes] Fix infinite loop with unused local import in __init__.py (F401) (#15517)
  • [pylint] Do not report methods with only one EM101-compatible raise (PLR6301) (#15507)
  • [pylint] Implement redefined-slots-in-subclass (W0244) (#9640)
  • [pyupgrade] Add rules to use PEP 695 generics in classes and functions (UP046, UP047) (#15565, #15659)
  • [refurb] Implement for-loop-writes (FURB122) (#10630)
  • [ruff] Implement needless-else clause (RUF047) (#15051)
  • [ruff] Implement starmap-zip (RUF058) (#15483)

Rule changes

  • [flake8-bugbear] Do not raise error if keyword argument is present and target-python version is less or equals than 3.9 (B903) (#15549)
  • [flake8-comprehensions] strip parentheses around generators in unnecessary-generator-set (C401) (#15553)
  • [flake8-pytest-style] Rewrite references to .exception (PT027) (#15680)
  • [flake8-simplify] Mark fixes as unsafe (SIM201, SIM202) (#15626)
  • [flake8-type-checking] Fix some safe fixes being labeled unsafe (TC006,TC008) (#15638)
  • [isort] Omit trailing whitespace in unsorted-imports (I001) (#15518)
  • [pydoclint] Allow ignoring one line docstrings for DOC rules (#13302)
  • [pyflakes] Apply redefinition fixes by source code order (F811) (#15575)
  • [pyflakes] Avoid removing too many imports in redefined-while-unused (F811) (#15585)
  • [pyflakes] Group redefinition fixes by source statement (F811) (#15574)
  • [pylint] Include name of base class in message for redefined-slots-in-subclass (W0244) (#15559)
  • [ruff] Update fix for RUF055 to use var == value (#15605)

Formatter

  • Fix bracket spacing for single-element tuples in f-string expressions (#15537)
  • Fix unstable f-string formatting for expressions containing a trailing comma (#15545)

Performance

  • Avoid quadratic membership check in import fixes (#15576)

Server

  • Allow unsafe-fixes settings for code actions (#15666)

Bug fixes

  • [flake8-bandit] Add missing single-line/dotall regex flag (S608) (#15654)
  • [flake8-import-conventions] Fix infinite loop between ICN001 and I002 (ICN001) (#15480)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.3

Preview features

  • [airflow] Argument fail_stop in DAG has been renamed as fail_fast (AIR302) (#15633)
  • [airflow] Extend AIR303 with more symbols (#15611)
  • [flake8-bandit] Report all references to suspicious functions (S3) (#15541)
  • [flake8-pytest-style] Do not emit diagnostics for empty for loops (PT012, PT031) (#15542)
  • [flake8-simplify] Avoid double negations (SIM103) (#15562)
  • [pyflakes] Fix infinite loop with unused local import in __init__.py (F401) (#15517)
  • [pylint] Do not report methods with only one EM101-compatible raise (PLR6301) (#15507)
  • [pylint] Implement redefined-slots-in-subclass (W0244) (#9640)
  • [pyupgrade] Add rules to use PEP 695 generics in classes and functions (UP046, UP047) (#15565, #15659)
  • [refurb] Implement for-loop-writes (FURB122) (#10630)
  • [ruff] Implement needless-else clause (RUF047) (#15051)
  • [ruff] Implement starmap-zip (RUF058) (#15483)

Rule changes

  • [flake8-bugbear] Do not raise error if keyword argument is present and target-python version is less or equals than 3.9 (B903) (#15549)
  • [flake8-comprehensions] strip parentheses around generators in unnecessary-generator-set (C401) (#15553)
  • [flake8-pytest-style] Rewrite references to .exception (PT027) (#15680)
  • [flake8-simplify] Mark fixes as unsafe (SIM201, SIM202) (#15626)
  • [flake8-type-checking] Fix some safe fixes being labeled unsafe (TC006,TC008) (#15638)
  • [isort] Omit trailing whitespace in unsorted-imports (I001) (#15518)
  • [pydoclint] Allow ignoring one line docstrings for DOC rules (#13302)
  • [pyflakes] Apply redefinition fixes by source code order (F811) (#15575)
  • [pyflakes] Avoid removing too many imports in redefined-while-unused (F811) (#15585)
  • [pyflakes] Group redefinition fixes by source statement (F811) (#15574)
  • [pylint] Include name of base class in message for redefined-slots-in-subclass (W0244) (#15559)
  • [ruff] Update fix for RUF055 to use var == value (#15605)

Formatter

  • Fix bracket spacing for single-element tuples in f-string expressions (#15537)
  • Fix unstable f-string formatting for expressions containing a trailing comma (#15545)

Performance

  • Avoid quadratic membership check in import fixes (#15576)

Server

  • Allow unsafe-fixes settings for code actions (#15666)

Bug fixes

  • [flake8-bandit] Add missing single-line/dotall regex flag (S608) (#15654)
  • [flake8-import-conventions] Fix infinite loop between ICN001 and I002 (ICN001) (#15480)
  • [flake8-simplify] Do not emit diagnostics for expressions inside string type annotations (SIM222, SIM223) (#15405)

... (truncated)

Commits
  • 9058937 Fix grep for version number in docker build (#15699)
  • b5ffb40 Bump version to 0.9.3 (#15698)
  • cffd186 Preserve raw string prefix and escapes (#15694)
  • 569060f [flake8-pytest-style] Rewrite references to .exception (PT027) (#15680)
  • 15394a8 [red-knot] MDTests: Do not depend on precise public-symbol type inference (#1...
  • fc2ebea [red-knot] Make infer.rs unit tests independent of public symbol inference ...
  • 43160b4 Tidy knot CLI tests (#15685)
  • 0173738 [red-knot] Port comprehension tests to Markdown (#15688)
  • 05ea77b Create Unknown rule diagnostics with a source range (#15648)
  • 1e790d3 [red-knot] Port 'deferred annotations' unit tests to Markdown (#15686)
  • Additional commits viewable in compare view

Updates uvicorn from 0.32.0 to 0.34.0

Release notes

Sourced from uvicorn's releases.

Version 0.34.0

What's Changed

Full Changelog: encode/uvicorn@0.33.0...0.34.0

Version 0.33.0

What's Changed

New Contributors

Full Changelog: encode/uvicorn@0.32.1...0.33.0

Version 0.32.1

What's Changed

Full Changelog: encode/uvicorn@0.32.0...0.32.1

Changelog

Sourced from uvicorn's changelog.

0.34.0 (December 15, 2024)

Added

  • Add content-length to 500 response in wsproto implementation (#2542)

Removed

  • Drop support for Python 3.8 (#2543)

0.33.0 (December 14, 2024)

Removed

  • Remove WatchGod support for --reload (#2536)

0.32.1 (November 20, 2024)

Fixed

  • Drop ASGI spec version to 2.3 on HTTP scope (#2513)
  • Enable httptools lenient data on httptools >= 0.6.3 (#2488)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency'...

Description has been truncated

@dependabot
build(deps): bump the poetry group across 1 directory with 8 updates
e16c970 
Bumps the poetry group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [authlib](https://github.com/lepture/authlib) | `1.3.2` | `1.4.1` |
| [cryptography](https://github.com/pyca/cryptography) | `43.0.3` | `44.0.0` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.115.5` | `0.115.8` |
| [httpx](https://github.com/encode/httpx) | `0.27.2` | `0.28.1` |
| [pre-commit](https://github.com/pre-commit/pre-commit) | `4.0.1` | `4.1.0` |
| [pydantic](https://github.com/pydantic/pydantic) | `2.9.2` | `2.10.6` |
| [ruff](https://github.com/astral-sh/ruff) | `0.7.4` | `0.9.3` |
| [uvicorn](https://github.com/encode/uvicorn) | `0.32.0` | `0.34.0` |



Updates `authlib` from 1.3.2 to 1.4.1
- [Release notes](https://github.com/lepture/authlib/releases)
- [Changelog](https://github.com/lepture/authlib/blob/master/docs/changelog.rst)
- [Commits](lepture/authlib@v1.3.2...v1.4.1)

Updates `cryptography` from 43.0.3 to 44.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@43.0.3...44.0.0)

Updates `fastapi` from 0.115.5 to 0.115.8
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.115.5...0.115.8)

Updates `httpx` from 0.27.2 to 0.28.1
- [Release notes](https://github.com/encode/httpx/releases)
- [Changelog](https://github.com/encode/httpx/blob/master/CHANGELOG.md)
- [Commits](encode/httpx@0.27.2...0.28.1)

Updates `pre-commit` from 4.0.1 to 4.1.0
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.0.1...v4.1.0)

Updates `pydantic` from 2.9.2 to 2.10.6
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.9.2...v2.10.6)

Updates `ruff` from 0.7.4 to 0.9.3
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.7.4...0.9.3)

Updates `uvicorn` from 0.32.0 to 0.34.0
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/docs/release-notes.md)
- [Commits](encode/uvicorn@0.32.0...0.34.0)

---
updated-dependencies:
- dependency-name: authlib
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: poetry
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: poetry
- dependency-name: fastapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: poetry
- dependency-name: httpx
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: poetry
- dependency-name: pre-commit
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: poetry
- dependency-name: pydantic
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: poetry
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: poetry
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: poetry
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 30, 2025
@dependabot dependabot bot mentioned this pull request Jan 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants