Upgrade: Bump the dependencies group with 25 updates

[dependabot]

Bumps the dependencies group with 25 updates:

Package	From	To
aiohttp	3.8.5	3.9.1
anyio	3.7.1	4.2.0
async-timeout	4.0.2	4.0.3
attrs	23.1.0	23.2.0
boto3	1.28.12	1.34.12
botocore	1.31.12	1.34.12
certifi	2023.7.22	2023.11.17
cffi	1.15.1	1.16.0
charset-normalizer	3.2.0	3.3.2
click	8.1.6	8.1.7
cryptography	41.0.2	41.0.7
exceptiongroup	1.1.2	1.2.0
frozenlist	1.4.0	1.4.1
gitdb	4.0.10	4.0.11
gitpython	3.1.32	3.1.40
httpcore	0.17.3	1.0.2
httpx	0.24.1	0.26.0
idna	3.4	3.6
packaging	23.1	23.2
s3transfer	0.6.1	0.10.0
sentry-sdk	1.28.1	1.39.1
smmap	5.0.0	5.0.1
urllib3	1.26.16	2.1.0
yarl	1.9.2	1.9.4
tuspy	1.0.1	1.0.3

Updates aiohttp from 3.8.5 to 3.9.1

Release notes

Sourced from aiohttp's releases.

3.9.1

Bugfixes

• Fixed importing aiohttp under PyPy on Windows.

  (#7848)

• Fixed async concurrency safety in websocket compressor.

  (#7865)

• Fixed ClientResponse.close() releasing the connection instead of closing.

  (#7869)

• Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer

  (#7879)

• Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer

  (#7895)

---

3.9.0

Features

• Introduced AppKey for static typing support of Application storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config

  (#5864)

• Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the shutdown_timeout parameter. -- by :user:Dreamsorcerer. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown

  (#7188)

• Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>_ parameter to cancel web handler on client disconnection. -- by :user:mosquito This (optionally) reintroduces a feature removed in a previous release. Recommended for those looking for an extra level of protection against denial-of-service attacks.

  (#7056)

• Added support for setting response header parameters max_line_size and max_field_size.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.9.1 (2023-11-26)

Bugfixes

• Fixed importing aiohttp under PyPy on Windows.

  [#7848](https://github.com/aio-libs/aiohttp/issues/7848) <https://github.com/aio-libs/aiohttp/issues/7848>_

• Fixed async concurrency safety in websocket compressor.

  [#7865](https://github.com/aio-libs/aiohttp/issues/7865) <https://github.com/aio-libs/aiohttp/issues/7865>_

• Fixed ClientResponse.close() releasing the connection instead of closing.

  [#7869](https://github.com/aio-libs/aiohttp/issues/7869) <https://github.com/aio-libs/aiohttp/issues/7869>_

• Fixed a regression where connection may get closed during upgrade. -- by :user:Dreamsorcerer

  [#7879](https://github.com/aio-libs/aiohttp/issues/7879) <https://github.com/aio-libs/aiohttp/issues/7879>_

• Fixed messages being reported as upgraded without an Upgrade header in Python parser. -- by :user:Dreamsorcerer

  [#7895](https://github.com/aio-libs/aiohttp/issues/7895) <https://github.com/aio-libs/aiohttp/issues/7895>_

---

3.9.0 (2023-11-18)

Features

• Introduced AppKey for static typing support of Application storage. See https://docs.aiohttp.org/en/stable/web_advanced.html#application-s-config

  [#5864](https://github.com/aio-libs/aiohttp/issues/5864) <https://github.com/aio-libs/aiohttp/issues/5864>_

• Added a graceful shutdown period which allows pending tasks to complete before the application's cleanup is called. The period can be adjusted with the shutdown_timeout parameter. -- by :user:Dreamsorcerer. See https://docs.aiohttp.org/en/latest/web_advanced.html#graceful-shutdown

  [#7188](https://github.com/aio-libs/aiohttp/issues/7188) <https://github.com/aio-libs/aiohttp/issues/7188>_

• Added handler_cancellation <https://docs.aiohttp.org/en/stable/web_advanced.html#web-handler-cancellation>_ parameter to cancel web handler on client disconnection. -- by :user:mosquito This (optionally) reintroduces a feature removed in a previous release.

... (truncated)

Commits

• 6333c02 Release v3.9.1 (#7911)
• 9dbd273 [PR #7673/aa7d1a8f backport][3.9] Document release process (#7909)
• dd175b6 Fix regression with connection upgrade (#7879) (#7908)
• 946523d Fix flaky websocket test (#7902) (#7904)
• ddc2a26 [PR #7896/9a7cfe77 backport][3.9] Fix some flaky tests (#7900)
• 2ae4d6f Message is not upgraded if Upgrade header is missing (#7895) (#7898)
• bb11101 Restore async concurrency safety to websocket compressor (#7865) (#7889)
• 6dd0122 Update dependabot.yml (#7888)
• 41a9f1f Bump mypy from 1.7.0 to 1.7.1 (#7882)
• a049701 Fix usage of proxy.py in test_proxy_functional (#7773) (#7876)
• Additional commits viewable in compare view

Updates anyio from 3.7.1 to 4.2.0

Release notes

Sourced from anyio's releases.

4.2.0

• Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye)

• Enabled the Event and CapacityLimiter classes to be instantiated outside an event loop thread

• Broadly improved/fixed the type annotations. Among other things, many functions and methods that take variadic positional arguments now make use of PEP 646 TypeVarTuple to allow the positional arguments to be validated by static type checkers. These changes affected numerous methods and functions, including:

  • anyio.run()
  • TaskGroup.start_soon()
  • anyio.from_thread.run()
  • anyio.from_thread.run_sync()
  • anyio.to_thread.run_sync()
  • anyio.to_process.run_sync()
  • BlockingPortal.call()
  • BlockingPortal.start_task_soon()
  • BlockingPortal.start_task()

  (also resolves #560)

• Fixed various type annotations of anyio.Path to match Typeshed:

  • anyio.Path.__lt__()
  • anyio.Path.__le__()
  • anyio.Path.__gt__()
  • anyio.Path.__ge__()
  • anyio.Path.__truediv__()
  • anyio.Path.__rtruediv__()
  • anyio.Path.hardlink_to()
  • anyio.Path.samefile()
  • anyio.Path.symlink_to()
  • anyio.Path.with_segments()

  (PR by Ganden Schaffner)

• Fixed adjusting the total number of tokens in a CapacityLimiter on asyncio failing to wake up tasks waiting to acquire the limiter in certain edge cases (fixed with help from Egor Blagov)

• Fixed loop_factory and use_uvloop options not being used on the asyncio backend (#643)

• Fixed cancellation propagating on asyncio from a task group to child tasks if the task hosting the task group is in a shielded cancel scope (#642)

4.1.0

• Adapted to API changes made in Trio v0.23:
  • Call trio.to_thread.run_sync() using the abandon_on_cancel keyword argument instead of cancellable
  • Removed a checkpoint when exiting a task group
  • Renamed the cancellable argument in anyio.to_thread.run_sync() to abandon_on_cancel (and deprecated the old parameter name)
  • Bumped minimum version of Trio to v0.23
• Added support for voluntary thread cancellation via anyio.from_thread.check_cancelled()
• Bumped minimum version of trio to v0.23
• Exposed the ResourceGuard class in the public API (#627)
• Fixed RuntimeError: Runner is closed when running higher-scoped async generator fixtures in some cases (#619)

... (truncated)

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

UNRELEASED

• Added support for the Python 3.12 walk_up keyword argument in anyio.Path.relative_to() (PR by Colin Taylor)

4.2.0

• Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye)

• Enabled the Event and CapacityLimiter classes to be instantiated outside an event loop thread

• Broadly improved/fixed the type annotations. Among other things, many functions and methods that take variadic positional arguments now make use of PEP 646 TypeVarTuple to allow the positional arguments to be validated by static type checkers. These changes affected numerous methods and functions, including:

  • anyio.run()
  • TaskGroup.start_soon()
  • anyio.from_thread.run()
  • anyio.from_thread.run_sync()
  • anyio.to_thread.run_sync()
  • anyio.to_process.run_sync()
  • BlockingPortal.call()
  • BlockingPortal.start_task_soon()
  • BlockingPortal.start_task()

  (also resolves [#560](https://github.com/agronholm/anyio/issues/560) <https://github.com/agronholm/anyio/issues/560>_)

• Fixed various type annotations of anyio.Path to match Typeshed:

  • anyio.Path.__lt__()
  • anyio.Path.__le__()
  • anyio.Path.__gt__()
  • anyio.Path.__ge__()
  • anyio.Path.__truediv__()
  • anyio.Path.__rtruediv__()
  • anyio.Path.hardlink_to()
  • anyio.Path.samefile()
  • anyio.Path.symlink_to()
  • anyio.Path.with_segments()

  (PR by Ganden Schaffner)

• Fixed adjusting the total number of tokens in a CapacityLimiter on asyncio failing to wake up tasks waiting to acquire the limiter in certain edge cases (fixed with help from Egor Blagov)

... (truncated)

Commits

• f757314 Bumped up the version
• fe31dd5 Added Litestar to the downstream test suite
• b7be190 Updated GitHub actions
• 45b9ece Rearranged the changelog
• 0b66994 Fix more Path typing that doesn't match Typeshed (#653)
• e5fadb3 Added mention of anyio.from_thread.run_sync() to the changelog
• 89795b9 Used TypeVarTuple and ParamSpec in several places (#652)
• 3a4ec47 Removed the pyright version pin
• 28516e2 Enabled Event and CapacityLimiter to be instantiated outside an event loop (#...
• 44ca5ea Fixed cancellation propagation when task group host is in a shielded scope (#...
• Additional commits viewable in compare view

Updates async-timeout from 4.0.2 to 4.0.3

Release notes

Sourced from async-timeout's releases.

4.0.3

• Fixed compatibility with asyncio.timeout() on Python 3.11+.
• Added support for Python 3.11.
• Dropped support for Python 3.6.

Changelog

Sourced from async-timeout's changelog.

4.0.3 (2023-08-10)

• Fixed compatibility with asyncio.timeout() on Python 3.11+.
• Added support for Python 3.11.
• Dropped support for Python 3.6.

Commits

• a489744 Release 4.0.3 (#364)
• 5e3a4f0 Bump docutils from 0.19 to 0.20.1 (#369)
• 6a5964b Bump pytest-cov from 4.0.0 to 4.1.0 (#365)
• fcbeb65 Bump mypy from 1.2.0 to 1.4.1 (#368)
• 5eeffae Bump pytest from 7.3.1 to 7.4.0 (#366)
• 8ec8cc0 Bump pytest-asyncio from 0.21.0 to 0.21.1 (#367)
• 7290654 Bump pytest-asyncio from 0.20.3 to 0.21.0 (#354)
• 9f07afa Mention import at least once in the readme (#361)
• e1c8827 Bump pytest from 7.2.1 to 7.3.1 (#360)
• 211a9bf Bump mypy from 0.991 to 1.2.0 (#358)
• Additional commits viewable in compare view

Updates attrs from 23.1.0 to 23.2.0

Commits

• See full diff in compare view

Updates boto3 from 1.28.12 to 1.34.12

Changelog

Sourced from boto3's changelog.

1.34.12

• api-change:connect: [botocore] Amazon Connect, Contact Lens Evaluation API increase evaluation notes max length to 3072.
• api-change:mediaconvert: [botocore] This release includes video engine updates including HEVC improvements, support for ingesting VP9 encoded video in MP4 containers, and support for user-specified 3D LUTs.

1.34.11

• api-change:apprunner: [botocore] AWS App Runner adds Python 3.11 and Node.js 18 runtimes.
• api-change:location: [botocore] This release introduces a new parameter to bypasses an API key's expiry conditions and delete the key.
• api-change:quicksight: [botocore] Add LinkEntityArn support for different partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks API; Add support for New Reader Experience Topics

1.34.10

• api-change:codestar-connections: [botocore] New integration with the GitLab self-managed provider type.
• api-change:kinesis-video-archived-media: [botocore] NoDataRetentionException thrown when GetImages requested for a Stream that does not retain data (that is, has a DataRetentionInHours of 0).
• api-change:sagemaker: [botocore] Amazon SageMaker Studio now supports Docker access from within app container

1.34.9

• api-change:emr: [botocore] Update emr client to latest version

1.34.8

• api-change:iam: [botocore] Documentation updates for AWS Identity and Access Management (IAM).
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version

1.34.7

• api-change:bedrock-agent: [botocore] Adding Claude 2.1 support to Bedrock Agents
• api-change:glue: [botocore] This release adds additional configurations for Query Session Context on the following APIs: GetUnfilteredTableMetadata, GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.
• api-change:lakeformation: [botocore] This release adds additional configurations on GetTemporaryGlueTableCredentials for Query Session Context.
• api-change:mediaconnect: [botocore] This release adds the DescribeSourceMetadata API. This API can be used to view the stream information of the flow's source.
• api-change:networkmonitor: [botocore] CloudWatch Network Monitor is a new service within CloudWatch that will help network administrators and operators continuously monitor network performance metrics such as round-trip-time and packet loss between their AWS-hosted applications and their on-premises locations.
• api-change:omics: [botocore] Provides minor corrections and an updated description of APIs.
• api-change:secretsmanager: [botocore] Update endpoint rules and examples.
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version

1.34.6

... (truncated)

Commits

• 391e6f0 Merge branch 'release-1.34.12'
• 407aaf0 Bumping version to 1.34.12
• 740c8bf Add changelog entries from botocore
• 270df83 Merge branch 'release-1.34.11'
• 186bcbe Merge branch 'release-1.34.11' into develop
• 136ae45 Bumping version to 1.34.11
• 4c94545 Add changelog entries from botocore
• 5cd33d7 Merge branch 'release-1.34.10'
• 1179f94 Merge branch 'release-1.34.10' into develop
• af123ec Bumping version to 1.34.10
• Additional commits viewable in compare view

Updates botocore from 1.31.12 to 1.34.12

Changelog

Sourced from botocore's changelog.

1.34.12

• api-change:connect: Amazon Connect, Contact Lens Evaluation API increase evaluation notes max length to 3072.
• api-change:mediaconvert: This release includes video engine updates including HEVC improvements, support for ingesting VP9 encoded video in MP4 containers, and support for user-specified 3D LUTs.

1.34.11

• api-change:apprunner: AWS App Runner adds Python 3.11 and Node.js 18 runtimes.
• api-change:location: This release introduces a new parameter to bypasses an API key's expiry conditions and delete the key.
• api-change:quicksight: Add LinkEntityArn support for different partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks API; Add support for New Reader Experience Topics

1.34.10

• api-change:codestar-connections: New integration with the GitLab self-managed provider type.
• api-change:kinesis-video-archived-media: NoDataRetentionException thrown when GetImages requested for a Stream that does not retain data (that is, has a DataRetentionInHours of 0).
• api-change:sagemaker: Amazon SageMaker Studio now supports Docker access from within app container

1.34.9

• api-change:emr: Update emr client to latest version

1.34.8

• api-change:iam: Documentation updates for AWS Identity and Access Management (IAM).
• api-change:endpoint-rules: Update endpoint-rules client to latest version

1.34.7

• api-change:bedrock-agent: Adding Claude 2.1 support to Bedrock Agents
• api-change:glue: This release adds additional configurations for Query Session Context on the following APIs: GetUnfilteredTableMetadata, GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.
• api-change:lakeformation: This release adds additional configurations on GetTemporaryGlueTableCredentials for Query Session Context.
• api-change:mediaconnect: This release adds the DescribeSourceMetadata API. This API can be used to view the stream information of the flow's source.
• api-change:networkmonitor: CloudWatch Network Monitor is a new service within CloudWatch that will help network administrators and operators continuously monitor network performance metrics such as round-trip-time and packet loss between their AWS-hosted applications and their on-premises locations.
• api-change:omics: Provides minor corrections and an updated description of APIs.
• api-change:secretsmanager: Update endpoint rules and examples.
• api-change:endpoint-rules: Update endpoint-rules client to latest version

1.34.6

... (truncated)

Commits

• e1a625a Merge branch 'release-1.34.12'
• 017edf7 Bumping version to 1.34.12
• bc3299e Update to latest partitions and endpoints
• 61d1647 Update to latest models
• 0225316 Merge branch 'release-1.34.11'
• 046058d Merge branch 'release-1.34.11' into develop
• 9283946 Bumping version to 1.34.11
• 5f1c4bb Update to latest models
• a90e35e Merge branch 'release-1.34.10'
• 2d70883 Merge branch 'release-1.34.10' into develop
• Additional commits viewable in compare view

Updates certifi from 2023.7.22 to 2023.11.17

Commits

• 515962b Merge pull request #252 from certifi/create-pull-request/patch
• 28b2a0d 2023.11.17
• 7ccda9f Bump actions/checkout from 4.1.0 to 4.1.1 (#251)
• 5e4bb9e Bump actions/setup-python from 4.7.0 to 4.7.1 (#248)
• 610354f Bump actions/checkout from 4.0.0 to 4.1.0 (#247)
• 2d98c76 Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#246)
• 7f0e639 ci: add minimal permissions to workflows bump.yml and release.yml (#245)
• 600713d Bump actions/checkout from 3.6.0 to 4.0.0 (#244)
• 0435b2a Bump actions/checkout from 3.5.3 to 3.6.0 (#242)
• 25ea83a Fix bash
• Additional commits viewable in compare view

Updates cffi from 1.15.1 to 1.16.0

Release notes

Sourced from cffi's releases.

v1.16.0

• Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
• Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
• Add support for PEP517 builds; setuptools is now a required build dependency.
• Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
• Move project source under src/; a more standard layout that also enables CI to more easily catch packaging errors.

v1.16.0rc2

• Fix packaging issue in v1.16.0rc1.
• Rearrange project sources (src/ layout) so packaging tests can properly detect similar issues in the future.

Full Changelog: python-cffi/cffi@v1.16.0rc1...v1.16.0rc2

v1.16.0rc1

• Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
• Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
• Move project home to python-cffi/cffi on GitHub.
• Add support for PEP517 builds; setuptools is now a required build dependency.
• Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
• Add missing calls to PyObject_GC_UnTrack to avoid ResourceWarning 15c4b71d5e3f2295c0e4773e99b23ac751e02534

Commits

• ba44abd release 1.16.0 (#17)
• c0ad8d9 Add a tool to update release version numbers (#15)
• e20c65d Release 1.16.0rc2 (#13)
• e98d1bb upgrade setup-qemu-action (#8) (#9)
• 158bc5b add a summary job check for easier automated gating (#6) (#7)
• c062f2c enable weekly 1pm Monday scheduled CI run on release-1.16 (#5)
• e847033 make self-hosted aarch64 mac jobs conditional-ish
• 57ff08e remove obsolete test
• ff11e92 release 1.16.0rc1
• 0dc7805 prepare for 1.16.0rc1
• Additional commits viewable in compare view

Updates charset-normalizer from 3.2.0 to 3.3.2

Release notes

Sourced from charset-normalizer's releases.

Version 3.3.2

3.3.2 (2023-10-31)

Fixed

• Unintentional memory usage regression when using large payloads that match several encodings (#376)
• Regression on some detection cases showcased in the documentation (#371)

Added

• Noise (md) probe that identifies malformed Arabic representation due to the presence of letters in isolated form (credit to my wife, thanks!)

Version 3.3.1

3.3.1 (2023-10-22)

Changed

• Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
• Improved the general detection reliability based on reports from the community

Release 3.3.0

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encodings that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

Changelog

Sourced from charset-normalizer's changelog.

3.3.2 (2023-10-31)

Fixed

• Unintentional memory usage regression when using large payload that match several encoding (#376)
• Regression on some detection case showcased in the documentation (#371)

Added

• Noise (md) probe that identify malformed arabic representation due to the presence of letters in isolated form (credit to my wife)

3.3.1 (2023-10-22)

Changed

• Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
• Improved the general detection reliability based on reports from the community

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encoding that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

Commits

• 79dce48 🐛 Regression on some detection case showcased in the documentation (#371)...
• a4b9b01 Bump github/codeql-action from 2.22.4 to 2.22.5 (#375)
• dcc01cc Bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#374)
• 9cd402c Bump pytest from 7.4.2 to 7.4.3 (#373)
• e274dcc 🐛 Fix unintentional memory usage regression when using large payload that...
• 07f3041 ⬆️ Bump github/codeql-action from 2.22.3 to 2.22.4 (#370)
• 5208644 🔖 Release 3.3.1 (#367)
• 66966f1 ❇️ Improve the detection around some cases (#366)
• 49653a6 ⬆️ Bump actions/setup-python from 4.7.0 to 4.7.1 (#359)
• f6a66ed ⬆️ Bump pypa/cibuildwheel from 2.16.0 to 2.16.2 (#361)
• Additional commits viewable in compare view

Updates click from 8.1.6 to 8.1.7

Release notes

Sourced from click's releases.

8.1.7

This is a fix release for the 8.1.x feature branch.

• Changes: https://click.palletsprojects.com/en/8.1.x/changes/#version-8-1-7
• Milestone: https://github.com/pallets/click/milestone/22?closed=1

Changelog

Sourced from click's changelog.

Version 8.1.7

Released 2023-08-17

• Fix issue with regex flags in shell completion. :issue:2581
• Bash version detection issues a warning instead of an error. :issue:2574
• Fix issue with completion script for Fish shell. :issue:2567

Commits

• 874ca2b release version 8.1.7
• 6e1f6d3 completion(fish): add back ; as line endings in fish script (#2570)
• a955c77 update fish enabling script
• 3c1529e add back semicolons in fish script
• a260ca6 Replace bash shell completion version error with warning (#2576)
• d9db70c bash version support shows warning instead of error
• 22b9b1c Fix incorrect passing of flags to re.sub (#2581)
• d69d210 fix flake8 finding
• af2da1e Fix incorrect passing of flags to re.sub
• bb6a872 start version 8.1.7
• Additional commits viewable in compare view

Updates cryptography from 41.0.2 to 41.0.7

Changelog

Sourced from cryptography's changelog.

41.0.7 - 2023-11-27

* Fixed compilation when using LibreSSL 3.8.2.
.. _v41-0-6:
41.0.6 - 2023-11-27

• Fixed a null-pointer-dereference and segfault that could occur when loading certificates from a PKCS#7 bundle. Credit to pkuzco for reporting the issue. CVE-2023-49083

.. _v41-0-5:

41.0.5 - 2023-10-24

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4.
* Added a function to support an upcoming ``pyOpenSSL`` release.
.. _v41-0-4:
41.0.4 - 2023-09-19

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3.

.. _v41-0-3:

41.0.3 - 2023-08-01

* Fixed performance regression loading DH public keys.
* Fixed a memory leak when using
  :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.2.
.. _v41-0-2:

Commits

• 4054596 Backport LibreSSL 3.8.2 support for a 41.0.7 release (#9931)
• f09c261 41.0.6 release (#9927)
• 5012bed bump for 41.0.5 release (#9766)
• 563b119 Added binding needed for pyOpenSSL (#9739) (#9740)
• fc11bce bump for 41.0.4 (#9629)
• b22271c bump for 41.0.3 (#9330)
• 774a4a1 Only check DH key validity when loading a private key. (#9071) (#9319)
• bfa4d95 changelog for 41.0.3 (#9320)
• 0da7165 backport fix the memory leak in fixedpool (#9272) (#9309)
• See full diff in compare view

Updates exceptiongroup from 1.1.2 to 1.2.0

Release notes

Sourced from exceptiongroup's releases.

1.2.0

• Added special monkeypatching if Apport has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.2.0

• Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

1.1.3

• catch() now raises a TypeError if passed an async exception handler instead of just giving a RuntimeWarning about the coroutine never being awaited. (#66, PR by John Litborn)
• Fixed plain raise statement in an exception handler callback to work like a raise in an except* block
• Fixed new exception group not being chained to the original exception when raising an exception group from exceptions raised in handler callbacks
• Fixed type annotations of the derive(), subgroup() and split() methods to match the ones in typeshed

1.1.2

• Changed handling of exceptions in exception group handler callbacks to not wrap a single exception in an exception group, as per CPython issue 103590 <https://github.com/python/cpython/issues/103590>_

1.1.1

• Worked around CPython issue [#98778](https://github.com/agronholm/exceptiongroup/issues/98778) <https://github.com/python/cpython/issues/98778>_, urllib.error.HTTPError(..., fp=None) raises KeyError on unknown attribute access, on affected Python versions. (PR by Zac Hatfield-Dodds)

1.1.0

• Backported upstream fix for gh-99553 (custom subclasses of BaseExceptionGroup that also inherit from Exception should not be able to wrap base exceptions)
• Moved all initialization code to __new__() (thus matching Python 3.11 behavior)

1.0.4

• Fixed regression introduced in v1.0.3 where the code computing the suggestions would

... (truncated)

Commits

• 4e2df21 Added the release version
• f7c00cf Backported contextlib.suppress from Python 3.12.1 (#95)
• 1ede26f Enabled pyupgrade ruff rules
• 767e62b Eliminated pyupgrade and black in favor of ruff/ruff-format
• d025269 Fixed bare raise in a handler not raising an exception group
• 4357e11 Updated the checkout action to the latest version
• e299167 [pre-commit.ci] pre-commit autoupdate (#94)
• 4e4e879 [pre-commit.ci] pre-commit autoupdate (#92)
• 27a2963 [pre-commit.ci] pre-commit autoupdate (#90)
• fae9d9a Monkeypatch Apport excepthook (#88)
• Additional commits viewable in compare view

Updates frozenlist from 1.4.0 to 1.4.1

Release notes

Sourced from frozenlist's releases.

1.4.1

Packaging updates and notes for downstreams

• Declared Python 3.12 and PyPy 3.8-3.10 supported officially in the distribution package metadata.

  Related issues and pull requests on GitHub: #553.

• Replaced the packaging is replaced from an old-fashioned :file:setup.py to an in-tree :pep:517 build backend -- by :user:webknjaz.

  Whenever the end-users or downstream packagers need to build frozenlist from source (a Git checkout or an sdist), they may pass a config_settings flag pure-python. If this flag is not set, a C-extension will be built and included into the distribution.

  Here is how this can be done with pip:

  .. code-block:: console

  $ python3 -m pip install . --config-settings=pure-python=
  

  This will also work with -e | --editable.

  The same can be achieved via pypa/build:

  .. code-block:: console

  $ python3 -m build --config-setting=pure-python=
  

  Adding -w | --wheel can force pypa/build produce a wheel from source directly, as opposed to building an sdist and then building from it.

  Related issues and pull requests on GitHub: #560.

Contributor-facing changes

• It is now possible to request line tracing in Cython builds using the with-cython-tracing :pep:517 config setting -- :user:webknjaz.

  This can be used in CI and development environment to measure coverage on Cython modules, but is not normally useful to the end-users or

... (truncated)

Changelog

Sourced from frozenlist's changelog.

1.4.1 (2023-12-15)

Packaging updates and notes for downstreams

• Declared Python 3.12 and PyPy 3.8-3.10 supported officially in the distribution package metadata.

  Related issues and pull requests on GitHub: :issue:553.

• Replaced the packaging is replaced from an old-fashioned :file:setup.py to an in-tree :pep:517 build backend -- by :user:webknjaz.

  Whenever the end-users or downstream packagers need to build frozenlist from source (a Git checkout or an sdist), they may pass a config_settings flag pure-python. If this flag is not set, a C-extension will be built and included into the distribution.

  Here is how this can be done with pip:

  .. code-block...

  Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.