Upgrade: Bump the dependencies group across 1 directory with 18 updates

[dependabot]

Bumps the dependencies group with 18 updates in the / directory:

Package	From	To
aiohttp	3.9.5	3.10.8
anyio	4.4.0	4.6.0
attrs	23.2.0	24.2.0
boto3	1.34.138	1.35.30
botocore	1.34.138	1.35.30
certifi	2024.6.2	2024.8.30
cffi	1.16.0	1.17.1
cryptography	42.0.8	43.0.1
exceptiongroup	1.2.1	1.2.2
httpx	0.27.0	0.27.2
idna	3.7	3.10
marshmallow	3.21.3	3.22.0
multidict	6.0.5	6.1.0
pyjwt	2.8.0	2.9.0
pyyaml	6.0.1	6.0.2
sentry-sdk	2.7.1	2.15.0
urllib3	1.26.19	1.26.20
yarl	1.9.4	1.13.1

Updates aiohttp from 3.9.5 to 3.10.8

Release notes

Sourced from aiohttp's releases.

3.10.8

Bug fixes

• Fixed cancellation leaking upwards on timeout -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9326.

---

3.10.7

Bug fixes

• Fixed assembling the :class:~yarl.URL for web requests when the host contains a non-default port or IPv6 address -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9309.

Miscellaneous internal changes

• Improved performance of determining if a URL is absolute -- by :user:bdraco.

  The property :attr:~yarl.URL.absolute is more performant than the method URL.is_absolute() and preferred when newer versions of yarl are used.

  Related issues and pull requests on GitHub: #9171.

• Replaced code that can now be handled by yarl -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9301.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.8 (2024-09-28)

Bug fixes

• Fixed cancellation leaking upwards on timeout -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9326.

---

3.10.7 (2024-09-27)

Bug fixes

• Fixed assembling the :class:~yarl.URL for web requests when the host contains a non-default port or IPv6 address -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9309.

Miscellaneous internal changes

• Improved performance of determining if a URL is absolute -- by :user:bdraco.

  The property :attr:~yarl.URL.absolute is more performant than the method URL.is_absolute() and preferred when newer versions of yarl are used.

  Related issues and pull requests on GitHub: :issue:9171.

• Replaced code that can now be handled by yarl -- by :user:bdraco.

  Related issues and pull requests on GitHub:

... (truncated)

Commits

• 8a7ce94 Release 3.10.8 (#9330)
• a308f74 [PR #9326/fe26ae2 backport][3.10] Fix TimerContext not uncancelling the curre...
• 52e0b91 Fix custom cookies example (#9321) (#9324)
• 609c6e3 Increment version to 3.10.8.dev0
• f9a9e85 Release 3.10.7 (#9320)
• 8220ced [PR #9309/e4028333 backport][3.10] Fix building the URL in BaseRequest when t...
• d32d580 [PR #9301/c240b52 backport][3.10] Replace code that can now be handled by yar...
• fd5ece6 Bump yarl to 1.13.0 (#9302) (#9304)
• d6d2bcc [PR #9294/552dea53 backport][3.10] Backport type fix from #9226 (#9299)
• e6bcfbe [PR #9171/0462ae6b backport][3.10] Switch to using yarl.URL.absolute over `...
• Additional commits viewable in compare view

Updates anyio from 4.4.0 to 4.6.0

Release notes

Sourced from anyio's releases.

4.6.0

• Dropped support for Python 3.8 (as #698 cannot be resolved without cancel message support)
• Fixed 100% CPU use on asyncio while waiting for an exiting task group to finish while said task group is within a cancelled cancel scope (#695)
• Fixed cancel scopes on asyncio not propagating CancelledError on exit when the enclosing cancel scope has been effectively cancelled (#698)
• Fixed asyncio task groups not yielding control to the event loop at exit if there were no child tasks to wait on
• Fixed inconsistent task uncancellation with asyncio cancel scopes belonging to a task group when said task group has child tasks running

4.5.0

• Improved the performance of anyio.Lock and anyio.Semaphore on asyncio (even up to 50 %)
• Added the fast_acquire parameter to anyio.Lock and anyio.Semaphore to further boost performance at the expense of safety (acquire() will not yield control back if there is no contention)
• Added support for the from_uri(), full_match(), parser methods/properties in anyio.Path, newly added in Python 3.13 (#737)
• Added support for more keyword arguments for run_process() and open_process(): startupinfo, creationflags, pass_fds, user, group, extra_groups and umask (#742)
• Improved the type annotations and support for PathLike in run_process() and open_process() to allow for path-like arguments, just like subprocess.Popen
• Changed the ResourceWarning from an unclosed memory object stream to include its address for easier identification
• Changed start_blocking_portal() to always use daemonic threads, to accommodate the "loitering event loop" use case
• Bumped the minimum version of Trio to v0.26.1
• Fixed __repr__() of MemoryObjectItemReceiver, when item is not defined (#767; PR by @​Danipulok)
• Fixed to_process.run_sync() failing to initialize if __main__.__file__ pointed to a file in a nonexistent directory (#696)
• Fixed AssertionError: feed_data after feed_eof on asyncio when a subprocess is closed early, before its output has been read (#490)
• Fixed TaskInfo.has_pending_cancellation() on asyncio not respecting shielded scopes (#771; PR by @​gschaffner)
• Fixed SocketStream.receive() returning bytearray instead of bytes when using asyncio with ProactorEventLoop (Windows) (#776)
• Fixed quitting the debugger in a pytest test session while in an active task group failing the test instead of exiting the test session (because the exit exception arrives in an exception group)
• Fixed support for Linux abstract namespaces in UNIX sockets that was broken in v4.2 (#781 <agronholm/anyio#781>_; PR by @​tapetersen)
• Fixed KeyboardInterrupt (ctrl+c) hanging the asyncio pytest runner

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

4.6.0

• Dropped support for Python 3.8 (as [#698](https://github.com/agronholm/anyio/issues/698) <https://github.com/agronholm/anyio/issues/698>_ cannot be resolved without cancel message support)
• Fixed 100% CPU use on asyncio while waiting for an exiting task group to finish while said task group is within a cancelled cancel scope ([#695](https://github.com/agronholm/anyio/issues/695) <https://github.com/agronholm/anyio/issues/695>_)
• Fixed cancel scopes on asyncio not propagating CancelledError on exit when the enclosing cancel scope has been effectively cancelled ([#698](https://github.com/agronholm/anyio/issues/698) <https://github.com/agronholm/anyio/issues/698>_)
• Fixed asyncio task groups not yielding control to the event loop at exit if there were no child tasks to wait on
• Fixed inconsistent task uncancellation with asyncio cancel scopes belonging to a task group when said task group has child tasks running

4.5.0

• Improved the performance of anyio.Lock and anyio.Semaphore on asyncio (even up to 50 %)
• Added the fast_acquire parameter to anyio.Lock and anyio.Semaphore to further boost performance at the expense of safety (acquire() will not yield control back if there is no contention)
• Added support for the from_uri(), full_match(), parser methods/properties in anyio.Path, newly added in Python 3.13 ([#737](https://github.com/agronholm/anyio/issues/737) <https://github.com/agronholm/anyio/issues/737>_)
• Added support for more keyword arguments for run_process() and open_process(): startupinfo, creationflags, pass_fds, user, group, extra_groups and umask ([#742](https://github.com/agronholm/anyio/issues/742) <https://github.com/agronholm/anyio/issues/742>_)
• Improved the type annotations and support for PathLike in run_process() and open_process() to allow for path-like arguments, just like subprocess.Popen
• Changed the ResourceWarning from an unclosed memory object stream to include its address for easier identification
• Changed start_blocking_portal() to always use daemonic threads, to accommodate the "loitering event loop" use case
• Bumped the minimum version of Trio to v0.26.1
• Fixed __repr__() of MemoryObjectItemReceiver, when item is not defined ([#767](https://github.com/agronholm/anyio/issues/767) <https://github.com/agronholm/anyio/pull/767>_; PR by @​Danipulok)
• Fixed to_process.run_sync() failing to initialize if __main__.__file__ pointed to a file in a nonexistent directory ([#696](https://github.com/agronholm/anyio/issues/696) <https://github.com/agronholm/anyio/issues/696>_)
• Fixed AssertionError: feed_data after feed_eof on asyncio when a subprocess is closed early, before its output has been read ([#490](https://github.com/agronholm/anyio/issues/490) <https://github.com/agronholm/anyio/issues/490>_)

... (truncated)

Commits

• 8cce749 Bumped up the version
• 01a37c6 Fixed TaskGroup and CancelScope exit issues on asyncio (#774)
• 7f35ce7 Bumped up the version
• 108cc83 [pre-commit.ci] pre-commit autoupdate (#788)
• d1aea98 Fixed KeyboardInterrupt hanging the asyncio test runner (#779)
• c1aff53 [pre-commit.ci] pre-commit autoupdate (#785)
• 89d8b4c Use sphinx_rtd_theme also as an extension
• 4e9f18d Enabled uvloop to be used in the test suite on Python 3.13
• 7de6441 Pin Sphinx to a compatible version with sphinx-rtd-theme
• 41647f4 Fixed feed_data after feed_eof assertion errors on asyncio (#752)
• Additional commits viewable in compare view

Updates attrs from 23.2.0 to 24.2.0

Commits

• See full diff in compare view

Updates boto3 from 1.34.138 to 1.35.30

Commits

• 243c39d Merge branch 'release-1.35.30'
• bcd964e Bumping version to 1.35.30
• 307d390 Add changelog entries from botocore
• 2883025 Merge pull request #4285 from boto/dependabot/github_actions/actions/checkout...
• 2a57a5d Bump actions/checkout from 4.1.0 to 4.2.0
• f1cff14 Merge branch 'release-1.35.29'
• 2879c42 Merge branch 'release-1.35.29' into develop
• b84190a Bumping version to 1.35.29
• 03ce91f Add changelog entries from botocore
• 8307fac Merge branch 'release-1.35.28'
• Additional commits viewable in compare view

Updates botocore from 1.34.138 to 1.35.30

Changelog

Sourced from botocore's changelog.

1.35.30

• api-change:bedrock: Add support for custom models via provisioned throughput for Bedrock Model Evaluation
• api-change:clouddirectory: Add examples for API operations in model.
• api-change:connect: Amazon Connect introduces StartOutboundChatContact API allowing customers to initiate outbound chat contacts
• api-change:pricing: Add examples for API operations in model.
• api-change:resource-groups: This update includes new APIs to support application groups and to allow users to manage resource tag-sync tasks in applications.
• api-change:supplychain: Release DataLakeDataset, DataIntegrationFlow and ResourceTagging APIs for AWS Supply Chain
• api-change:timestream-influxdb: Timestream for InfluxDB now supports port configuration and additional customer-modifiable InfluxDB v2 parameters. This release adds Port to the CreateDbInstance and UpdateDbInstance API, and additional InfluxDB v2 parameters to the CreateDbParameterGroup API.
• api-change:verifiedpermissions: Add examples for API operations in model.

1.35.29

• api-change:customer-profiles: Introduces optional RoleArn parameter for PutIntegration request and includes RoleArn in the response of PutIntegration, GetIntegration and ListIntegrations
• api-change:quicksight: Adding personalization in QuickSight data stories. Admins can enable or disable personalization through QuickSight settings.
• api-change:securityhub: Documentation updates for AWS Security Hub
• api-change:sesv2: This release adds support for engagement tracking over Https using custom domains.

1.35.28

• api-change:chatbot: Return State and StateReason fields for Chatbot Channel Configurations.
• api-change:lambda: Reverting Lambda resource-based policy and block public access APIs.
• api-change:organizations: Add support for policy operations on the CHATBOT_POLICY policy type.
• api-change:pcs: AWS PCS API documentation - Edited the description of the iamInstanceProfileArn parameter of the CreateComputeNodeGroup and UpdateComputeNodeGroup actions; edited the description of the SlurmCustomSetting data type to list the supported parameters for clusters and compute node groups.
• api-change:rds-data: Documentation update for RDS Data API to reflect support for Aurora MySQL Serverless v2 and Provisioned DB clusters.
• api-change:sagemaker: Adding TagPropagation attribute to Sagemaker API

1.35.27

• api-change:cloudtrail: Doc-only update for CloudTrail network activity events release (in preview)
• api-change:ec2: Updates to documentation for the transit gateway security group referencing feature.
• api-change:fsx: Doc-only update to address Lustre S3 hard-coded names.
• api-change:worklink: The worklink client has been removed following the deprecation of the service.

1.35.26

• api-change:bedrock: Add support for Cross Region Inference in Bedrock Model Evaluations.
• api-change:budgets: Releasing minor partitional endpoint updates
• api-change:kinesis: This release includes support to add tags when creating a stream
• api-change:pinpoint-sms-voice-v2: AWS End User Messaging SMS-Voice V2 has added support for resource policies. Use the three new APIs to create, view, edit, and delete resource policies.
• api-change:sagemaker: Adding HiddenInstanceTypes and HiddenSageMakerImageVersionAliases attribute to SageMaker API

... (truncated)

Commits

• 074456c Merge branch 'release-1.35.30'
• 7bf1f71 Bumping version to 1.35.30
• 1c10533 Update to latest models
• c81e72c Merge customizations for Resource Groups
• 68d43f3 Merge pull request #3266 from boto/dependabot/github_actions/actions/checkout...
• 0211522 Bump actions/checkout from 4.1.0 to 4.2.0
• 892c64b Merge branch 'release-1.35.29'
• 66d047b Merge branch 'release-1.35.29' into develop
• 7c6966c Bumping version to 1.35.29
• 61e47ca Update endpoints model
• Additional commits viewable in compare view

Updates certifi from 2024.6.2 to 2024.8.30

Commits

• 325c2fd 2024.08.30 (#304)
• d66bf5f Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#302)
• 2150f23 Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#301)
• fc9b771 Bump actions/setup-python from 5.1.0 to 5.1.1 (#300)
• 965b239 Bump actions/download-artifact from 4.1.7 to 4.1.8 (#297)
• c1f50cc Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#296)
• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• See full diff in compare view

Updates cffi from 1.16.0 to 1.17.1

Release notes

Sourced from cffi's releases.

v1.17.1

• Fix failing distutils.msvc9compiler imports under Windows (#118).
• ffibuilder.emit_python_code() and ffibuiler.emit_c_code() accept file-like objects (#115).
• ffiplatform calls are bypassed by ffibuilder.emit_python_code() and ffibuilder.emit_c_code() (#81).

Full Changelog: python-cffi/cffi@v1.17.0...v1.17.1

v1.17.0

• Add support for Python 3.13.
  • Free-threaded CPython builds (i.e. python3.13t and the 3.13t ABI) are not currently supported.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a <cdata 'C-function-type'>. Before version 1.17 you could only call such objects. You could write ffi.addressof(lib, "myfunc") in order to get a real <cdata> object, based on the idea that in these cases in C you'd usually write &myfunc instead of myfunc. In version 1.17, the special object lib.myfunc can now be passed in many places where CFFI expects a regular <cdata> object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.

Full Changelog: python-cffi/cffi@v1.16.0...v1.17.0

v1.17.0rc1

• Add support for Python 3.13.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.
• Build wheels for musllinux aarch64.

Commits

• 38bd6be release 1.17.1
• ba10180 update whatsnew.rst for 1.17.1 (#121)
• 61deb5f add yet another flag to recompile() to avoid calling ffiplatform (#81)
• 1c292c1 Handle distutils without distutils.msvc9compiler.MSVCCompiler class (#118)
• 182ffc4 Allow writing generated code to a file-like object. (#115)
• 74731f9 Release 1.17.0 (#108)
• 181fa00 1.17.0rc1 release (#80)
• 772528e Add 3.13 to trove classifiers (#72)
• e36042d 1.17.0b1 prep (#79)
• 39bdab2 avoid null-pointer-subtraction error (#78)
• Additional commits viewable in compare view

Updates cryptography from 42.0.8 to 43.0.1

Changelog

Sourced from cryptography's changelog.

43.0.1 - 2024-09-03

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2.
.. _v43-0-0:
43.0.0 - 2024-07-20

• BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e has been removed. Users on older version of OpenSSL will need to upgrade.
• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
• Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
• :func:~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still considered insecure, users should generally use a key size of 2048-bits.
• :func:~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates now emits ASN.1 that more closely follows the recommendations in :rfc:2315.
• Added new :doc:/hazmat/decrepit/index module which contains outdated and insecure cryptographic primitives. :class:~cryptography.hazmat.primitives.ciphers.algorithms.CAST5, :class:~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :class:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA, and :class:~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish, which were deprecated in 37.0.0, have been added to this module. They will be removed from the cipher module in 45.0.0.
• Moved :class:~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES and :class:~cryptography.hazmat.primitives.ciphers.algorithms.ARC4 into :doc:/hazmat/decrepit/index and deprecated them in the cipher module. They will be removed from the cipher module in 48.0.0.
• Added support for deterministic :class:~cryptography.hazmat.primitives.asymmetric.ec.ECDSA (:rfc:6979)
• Added support for client certificate verification to the :mod:X.509 path validation <cryptography.x509.verification> APIs in the form of :class:~cryptography.x509.verification.ClientVerifier, :class:~cryptography.x509.verification.VerifiedClient, and PolicyBuilder :meth:~cryptography.x509.verification.PolicyBuilder.build_client_verifier.
• Added Certificate :attr:~cryptography.x509.Certificate.public_key_algorithm_oid and Certificate Signing Request :attr:~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid to determine the :class:~cryptography.hazmat._oid.PublicKeyAlgorithmOID Object Identifier of the public key found inside the certificate.
• Added :attr:~cryptography.x509.InvalidityDate.invalidity_date_utc, a timezone-aware alternative to the naïve datetime attribute :attr:~cryptography.x509.InvalidityDate.invalidity_date.
• Added support for parsing empty DN string in

... (truncated)

Commits

• a773387 bump for 43.0.1 (#11533)
• 0393fef Backport setuptools version ban (#11526)
• 6687bab Bump openssl from 0.10.65 to 0.10.66 in /src/rust (#11320) (#11324)
• ebf14f2 bump for 43.0.0 and update changelog (#11311)
• 42788a0 Fix exchange with keys that had Q automatically computed (#11309)
• 2dbdfb8 don't assign unused name (#11310)
• ccc66e6 Bump openssl from 0.10.64 to 0.10.65 in /src/rust (#11308)
• 4310c87 Bump sphinxcontrib-qthelp from 1.0.7 to 1.0.8 (#11307)
• f66a9c4 Bump sphinxcontrib-htmlhelp from 2.0.5 to 2.0.6 (#11306)
• a8fcf18 Bump openssl-sys from 0.9.102 to 0.9.103 in /src/rust (#11305)
• Additional commits viewable in compare view

Updates exceptiongroup from 1.2.1 to 1.2.2

Release notes

Sourced from exceptiongroup's releases.

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry (#123)

Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry ([#123](https://github.com/agronholm/exceptiongroup/issues/123) <https://github.com/agronholm/exceptiongroup/issues/123>_)

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

• Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

1.1.3

• catch() now raises a TypeError if passed an async exception handler instead of just giving a RuntimeWarning about the coroutine never being awaited. (#66, PR by John Litborn)
• Fixed plain raise statement in an exception handler callback to work like a raise in an except* block
• Fixed new exception group not being chained to the original exception when raising an exception group from exceptions raised in handler callbacks
• Fixed type annotations of the derive(), subgroup() and split() methods to match the ones in typeshed

1.1.2

• Changed handling of exceptions in exception group handler callbacks to not wrap a single exception in an exception group, as per CPython issue 103590 <https://github.com/python/cpython/issues/103590>_

1.1.1

• Worked around

... (truncated)

Commits

• 2399d54 Added the release version
• bec9651 Removed problematic assert that caused compatibility issues
• f3f0ff6 Updated Ruff configuration
• bb43ee0 Fixed formatting tests failing on Python 3.13
• eb8fbbc [pre-commit.ci] pre-commit autoupdate (#129)
• 6ff8300 [pre-commit.ci] pre-commit autoupdate (#128)
• 761933f [pre-commit.ci] pre-commit autoupdate (#127)
• 1b43294 [pre-commit.ci] pre-commit autoupdate (#125)
• dd87018 [pre-commit.ci] pre-commit autoupdate (#124)
• 54d8b8d [pre-commit.ci] pre-commit autoupdate (#121)
• Additional commits viewable in compare view

Updates httpx from 0.27.0 to 0.27.2

Release notes

Sourced from httpx's releases.

Version 0.27.2

0.27.2 (27th August, 2024)

Fixed

• Reintroduced supposedly-private URLTypes shortcut. (#2673)

Version 0.27.1

0.27.1 (27th August, 2024)

Added

• Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

• Improved error messaging for InvalidURL exceptions. (#3250)
• Fix app type signature in ASGITransport. (#3109)

Changelog

Sourced from httpx's changelog.

0.27.2 (27th August, 2024)

Fixed

• Reintroduced supposedly-private URLTypes shortcut. (#2673)

0.27.1 (27th August, 2024)

Added

• Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

• Improved error messaging for InvalidURL exceptions. (#3250)
• Fix app type signature in ASGITransport. (#3109)

Commits

• 609df7e Reintroduce URLTypes. (#3288)
• 1d6b663 Update CHANGELOG for 0.27.1 release date. (#3285)
• 1bf1ba5 Version 0.27.1 (#3275)
• 7c0cda1 Improve InvalidURL error message. (#3250)
• beb501f Bump the python-packages group across 1 directory with 8 updates (#3247)
• 359f77d Clean up URL signature. (#3245)
• b351a44 Update requirements.txt (#3246)
• db9072f Add URL parsing tests from WHATWG (#3188)
• 92e9dfb Update asgi.py docstring (#3210)
• e186ecc Bump the python-packages group with 8 updates (#3213)
• Additional commits viewable in compare view

Updates idna from 3.7 to 3.10

Release notes

Sourced from idna's releases.

v3.10

No release notes provided.

v3.9

No release notes provided.

v3.8

What's Changed

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: kjd/idna@v3.7...v3.8

Changelog

Sourced from idna's changelog.

3.10 (2024-09-15) +++++++++++++++++

• Reverted to Unicode 15.1.0 data. Unicode 16 has some significant changes to UTS46 processing that will require more work to properly implement.

3.9 (2024-09-13) ++++++++++++++++

• Update to Unicode 16.0.0
• Deprecate setup.cfg in favour of pyproject.toml
• Use ruff for code formatting

Thanks to Waket Zheng for contributions to this release.

3.8 (2024-08-23) ++++++++++++++++

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Commits

• 729225d Release v3.10
• 3eef168 Merge pull request #194 from kjd/revert-unicode-16
• ceca619 Revert Unicode 16.0.0 data updates
• c43ac75 Merge pull request #191 from kjd/release-3.9
• 1b8800a Release v3.9
• a1fd168 Merge pull request #190 from kjd/unicode-16
• 7732c61 Merge branch 'master' into unicode-16
• 4ed183d Refactor membership test
• 762216b Format with ruff
• 580ece9 Implement changes to UTS46 algorithm
• Additional commits viewable in compare view

Updates marshmallow from 3.21.3 to 3.22.0

Changelog

Sourced from marshmallow's changelog.

3.22.0 (2024-08-20)

---

Features:

• Add many Meta option to Schema so it expects a collection by default (:issue:2270). Thanks :user:himalczyk for reporting and :user:deckar01 for the PR.
• Refactor hooks (:pr:2279). Thanks :user:deckar01 for the PR.

Commits

• fbad345 Bump version and update changelog
• 78cbc09 Merge pull request #2271 from deckar01/2270-meta-many
• 7609530 Merge pull request #2279 from deckar01/simplify-hooks
• bbbd7af Reduce pre-commit.ci updates to monthly (#2300)
• 1d21132 [pre-commit.ci] pre-commit autoupdate
• 8ceb4b3 [pre-commit.ci] pre-commit autoupdate (#2298)
• ac13e0d Add sponsors to docs
• 7ebdc7b Fix logo image for pypi rendering
• 7c2f1ca Add Route4Me as sponsor
• 01f8432 Bump alabaster from 0.7.16 to 1.0.0 (#2292)
• Additional commits viewable in compare view

Updates multidict from 6.0.5 to 6.1.0

Release notes

Sourced from multidict's releases.

6.1.0

Bug fixes

• Covered the unreachable code path in multidict._multidict_base._abc_itemsview_register() with typing -- by :user:skinnyBat.

  Related issues and pull requests on GitHub: #928.

Features

• Added support for Python 3.13 -- by :user:bdraco.

  Related issues and pull requests on GitHub: #1002.

Removals and backward incompatible breaking changes

• Removed Python 3.7 support -- by :user:bdraco.

  Related issues and pull requests on GitHub: #997.

Contributor-facing changes

• Added tests to have full code coverage of the multidict._multidict_base._viewbaseset_richcmp() function -- by :user:skinnyBat.

  Related issues and pull requests on GitHub: #928.

... (truncated)

Changelog

Sourced from multidict's changelog.

6.1.0 (2024-09-09)

Bug fixes

• Covered the unreachable code path in multidict._multidict_base._abc_itemsview_register() with typing -- by :user:skinnyBat.

  Related issues and pull requests on GitHub: :issue:928.

Features

• Added support for Python 3.13 -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:1002.

Removals and backward incompatible breaking changes

• Removed Python 3.7 support -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:997.

Contributor-facing changes

• Added tests to have full code coverage of the multidict._multidict_base._viewbaseset_richcmp() function -- by :user:skinnyBat.

  Related issues and pull requests on GitHub:

... (truncated)

Commits

• 4140e63 Release 6.1.0
• f3876fd Python 3.13 support (#1002)
• 62ab55e Bump test-summary/action from 2.3 to 2.4 (#983)
• 039c298 [pre-commit.ci] pre-commit autoupdate (#964)
• a27f057 Bump black from 24.4.0 to 24.8.0 (#1001)
• ac10253 Bump pytest-cov from 4.1.0 to 5.0.0 (#963)
• 794c6b2 Bump pre-commit from 3.7.0 to 3.8.0 (#1000)
• 234d448 Bump dependabot/fetch-metadata from 2.0.0 to 2.2.0 (#985)
• 056c7de Bump sigstore/gh-action-sigstore-python from 2.1.1 to 3.0.0 (#986)
• f176071 Bump pypa/cibuildwheel from 2.17.0 to 2.20.0 (#993)
• Additional commits viewable in compare view

Updates pyjwt from 2.8.0 to 2.9.0

Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#905
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#909
• Add support for Python 3.12 by @​hugovk in jpadilla/pyjwt#910
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#911
• Fix an unnecessary str concat by @​sirosen in jpadilla/pyjwt#904
• Update jwt-api to accept either a string or list of strings for issuer validation by @​mattpollak in jpadilla/pyjwt#913
• Bump actions/checkout from 3 to 4 by @​dependabot in jpadilla/pyjwt#916
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-c...

  Description has been truncated