Bump the all group across 1 directory with 6 updates #150

dependabot · 2024-12-02T03:51:40Z

Bumps the all group with 6 updates in the /localcert directory:

Package	From	To
coverage	`7.6.4`	`7.6.8`
cryptography	`43.0.3`	`44.0.0`
django	`5.1.2`	`5.1.3`
django-allauth	`65.1.0`	`65.3.0`
pyjwt	`2.9.0`	`2.10.1`
sqlparse	`0.5.1`	`0.5.2`

Updates coverage from 7.6.4 to 7.6.8

Changelog

Sourced from coverage's changelog.

Version 7.6.8 — 2024-11-23

Fix: the LCOV report code assumed that a branch line that took no branches meant that the entire line was unexecuted. This isn't true in a few cases: the line might always raise an exception, or might have been optimized away. Fixes issue 1896_.

Fix: similarly, the HTML report will now explain that a line that jumps to none of its expected destinations must have always raised an exception. Previously, it would say something nonsensical like, "line 4 didn't jump to line 5 because line 4 was never true, and it didn't jump to line 7 because line 4 was always true." This was also shown in issue 1896_.

.. _issue 1896: nedbat/coveragepy#1896

.. _changes_7-6-7:

Version 7.6.7 — 2024-11-15

Fix: ugh, the other assert from 7.6.5 can also be encountered in the wild, so it's been restored to a conditional. Sorry for the churn.

.. _changes_7-6-6:

Version 7.6.6 — 2024-11-15

One of the new asserts from 7.6.5 caused problems in real projects, as reported in issue 1891_. The assert has been removed.

.. _issue 1891: nedbat/coveragepy#1891

.. _changes_7-6-5:

Version 7.6.5 — 2024-11-14

Fix: fine-tuned the exact Python version (3.12.6) when exiting from with statements changed how they traced. This affected whether people saw the fix for issue 1880_.

Fix: isolate our code more from mocking in the os module that in rare cases can cause bizarre behavior <pytest-cov-666_>_.

Refactor: some code unreachable code paths in parser.py were changed to

... (truncated)

Commits

6134266 docs: sample HTML for 7.6.8
041f963 docs: prep for 7.6.8
7fe48b6 build: don't search generated report files
f219144 docs: start changelog entries with capital letters
d1a916a fix: a line that branches nowhere must always raise an exception
2ace7a2 fix: don't assume 'no branches' means 'not executed' #1896
3ed5915 style: all of ci should use underscores
0db86f2 build: automate updating readthedocs
2a89551 chore: make upgrade (not sure why files became absolute)
ba9c157 chore: make doc_upgrade
Additional commits viewable in compare view

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9. * Deprecated Python 3.7 support. Python 3.7 is no longer supported by the Python core team. Support for Python 3.7 will be removed in a future ``cryptography`` release. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0. * macOS wheels are now built against the macOS 10.13 SDK. Users on older versions of macOS should upgrade, or they will need to build ``cryptography`` themselves. * Enforce the :rfc:`5280` requirement that extended key usage extensions must not be empty. * Added support for timestamp extraction to the :class:`~cryptography.fernet.MultiFernet` class. * Relax the Authority Key Identifier requirements on root CA certificates during X.509 verification to allow fields permitted by :rfc:`5280` but forbidden by the CA/Browser BRs. * Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id` when using OpenSSL 3.2.0+. * Added support for the :class:`~cryptography.x509.Admissions` certificate extension. * Added basic support for PKCS7 decryption (including S/MIME 3.2) via :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`, :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.

.. _v43-0-3:

Commits

f299a48 remove deprecated call (#12052)
439eb05 Bump version for 44.0.0 (#12051)
2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
e201c87 fixed metadata in changelog (#12044)
c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
d6cac75 Add support for decrypting S/MIME messages (#11555)
b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
Additional commits viewable in compare view

Updates django from 5.1.2 to 5.1.3

Commits

69bf08e [5.1.x] Bumped version for 5.1.3 release.
e3984ca [5.1.x] Added release date for 5.1.3.
4ae3581 [5.1.x] Made minor edits to form fields docs.
9fa2d23 [5.1.x] Fixed #35876 -- Displayed non-ASCII fieldset names when rendering Mod...
5045dab [5.1.x] Added missing lang attributes to html elements in docs.
ffc67aa [5.1.x] Fixed #35864 -- Documented EmailMessage.connection is ignored when us...
4915fea [5.1.x] Fixed #35873 -- Corrected Form.as_table() call in form docs.
b57a839 [5.1.x] Refs #35844 -- Expanded compatibility for expected error messages in ...
c5ddc85 [5.1.x] Corrected note on importing fields in model field reference docs.
0a1091f [5.1.x] Removed unneeded OS reference on running the test suite in contributi...
Additional commits viewable in compare view

Updates django-allauth from 65.1.0 to 65.3.0

Commits

See full diff in compare view

Updates pyjwt from 2.9.0 to 2.10.1

Release notes

Sourced from pyjwt's releases.

2.10.1

Fixed

Prevent partial matching of iss claim. Thanks @fabianbadoi! (See: GHSA-75c5-xw7c-p5pm)

Full Changelog: jpadilla/pyjwt@2.10.0...2.10.1

2.10.0

What's Changed

chore: use sequence for typing rather than list by @imnotjames in jpadilla/pyjwt#970

Add support for Python 3.13 by @hugovk in jpadilla/pyjwt#972

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#971

Add an RTD config file to resolve RTD build failures by @kurtmckee in jpadilla/pyjwt#977

docs: Update iat exception docs by @pachewise in jpadilla/pyjwt#974

Remove algorithm requirement for JWT API by @luhn in jpadilla/pyjwt#975

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#978

Create SECURITY.md by @auvipy in jpadilla/pyjwt#973

docs fix: decode_complete scope and algorithms by @RbnRncn in jpadilla/pyjwt#982

fix doctest for docs/usage.rst by @pachewise in jpadilla/pyjwt#986

fix test_utils.py not to xfail by @pachewise in jpadilla/pyjwt#987

Correct jwt.decode audience param doc expression by @peter279k in jpadilla/pyjwt#994

Add PS256 encoding and decoding usage by @peter279k in jpadilla/pyjwt#992

Add API docs for PyJWK by @luhn in jpadilla/pyjwt#980

Refactor project configuration files from setup.cfg to pyproject.toml PEP-518 by @cleder in jpadilla/pyjwt#995

Add JWK support to JWT encode by @luhn in jpadilla/pyjwt#979

Update pre-commit hooks to lint pyproject.toml by @cleder in jpadilla/pyjwt#1002

Add EdDSA algorithm encoding/decoding usage by @peter279k in jpadilla/pyjwt#993

Ruff linter and formatter changes by @gagandeepp in jpadilla/pyjwt#1001

Validate sub and jti claims for the token by @Divan009 in jpadilla/pyjwt#1005

Add ES256 usage by @Gautam-Hegde in jpadilla/pyjwt#1003

Encode EC keys with a fixed bit length by @way-dave in jpadilla/pyjwt#990

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#1000

Drop support for Python 3.8 by @kkirsche in jpadilla/pyjwt#1007

Prepare 2.10.0 release by @benvdh in jpadilla/pyjwt#1011

Bump codecov/codecov-action from 4 to 5 by @dependabot in jpadilla/pyjwt#1014

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in jpadilla/pyjwt#1006

New Contributors

@imnotjames made their first contribution in jpadilla/pyjwt#970

@kurtmckee made their first contribution in jpadilla/pyjwt#977

@pachewise made their first contribution in jpadilla/pyjwt#974

@RbnRncn made their first contribution in jpadilla/pyjwt#982

@peter279k made their first contribution in jpadilla/pyjwt#994

@cleder made their first contribution in jpadilla/pyjwt#995

@gagandeepp made their first contribution in jpadilla/pyjwt#1001

@Divan009 made their first contribution in jpadilla/pyjwt#1005

@Gautam-Hegde made their first contribution in jpadilla/pyjwt#1003

@way-dave made their first contribution in jpadilla/pyjwt#990

Full Changelog: jpadilla/pyjwt@2.9.0...2.10.0

Changelog

Sourced from pyjwt's changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed
- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__
v2.10.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0&gt;__
Changed
Remove algorithm requirement from JWT API, instead relying on JWS API for enforcement, by @luhn in [#975](https://github.com/jpadilla/pyjwt/issues/975) <https://github.com/jpadilla/pyjwt/pull/975>__

Use Sequence for parameter types rather than List where applicable by @imnotjames in [#970](https://github.com/jpadilla/pyjwt/issues/970) <https://github.com/jpadilla/pyjwt/pull/970>__

Add JWK support to JWT encode by @luhn in [#979](https://github.com/jpadilla/pyjwt/issues/979) <https://github.com/jpadilla/pyjwt/pull/979>__

Encoding and decoding payloads using the none algorithm by @jpadilla in #c2629f6 <https://github.com/jpadilla/pyjwt/commit/c2629f66c593459e02616048443231ccbe18be16>

Before:

.. code-block:: pycon

import jwt jwt.encode({"payload": "abc"}, key=None, algorithm=None)

After:

.. code-block:: pycon

import jwt jwt.encode({"payload": "abc"}, key=None, algorithm="none")

Added validation for 'sub' (subject) and 'jti' (JWT ID) claims in tokens by @Divan009 in [#1005](https://github.com/jpadilla/pyjwt/issues/1005) <https://github.com/jpadilla/pyjwt/pull/1005>__

Refactor project configuration files from setup.cfg to pyproject.toml by @cleder in [#995](https://github.com/jpadilla/pyjwt/issues/995) <https://github.com/jpadilla/pyjwt/pull/995>__

Ruff linter and formatter changes by @gagandeepp in [#1001](https://github.com/jpadilla/pyjwt/issues/1001) <https://github.com/jpadilla/pyjwt/pull/1001>__

Drop support for Python 3.8 (EOL) by @kkirsche in [#1007](https://github.com/jpadilla/pyjwt/issues/1007) <https://github.com/jpadilla/pyjwt/pull/1007>__

Fixed
- Encode EC keys with a fixed bit length by @etianen in `[#990](https://github.com/jpadilla/pyjwt/issues/990) <https://github.com/jpadilla/pyjwt/pull/990>`__
- Add an RTD config file to resolve Read the Docs build failures by @kurtmckee in `[#977](https://github.com/jpadilla/pyjwt/issues/977) <https://github.com/jpadilla/pyjwt/pull/977>`__
- Docs: Update ``iat`` exception docs by @pachewise in `[#974](https://github.com/jpadilla/pyjwt/issues/974) <https://github.com/jpadilla/pyjwt/pull/974>`__
- Docs: Fix ``decode_complete`` scope and algorithms by @RbnRncn in `[#982](https://github.com/jpadilla/pyjwt/issues/982) <https://github.com/jpadilla/pyjwt/pull/982>`__
- Fix doctest for ``docs/usage.rst`` by @pachewise in `[#986](https://github.com/jpadilla/pyjwt/issues/986) <https://github.com/jpadilla/pyjwt/pull/986>`__
</tr></table> 

... (truncated)

Commits

3ebbb22 fix lint
37748dc update changelog
33022c2 Merge commit from fork
783f324 [pre-commit.ci] pre-commit autoupdate (#1006)
0116fc6 Bump codecov/codecov-action from 4 to 5 (#1014)
b032353 feat: surface jwt.decode_complete(...)
a759c45 Prepare 2.10.0 release (#1011)
b6b8bce Drop support for Python 3.8 (#1007)
189c256 Update index.rst
1900857 Update index.rst
Additional commits viewable in compare view

Updates sqlparse from 0.5.1 to 0.5.2

Changelog

Sourced from sqlparse's changelog.

Release 0.5.2 (Nov 14, 2024)

Bug Fixes

EXTENSION is now recognized as a keyword (issue785).

SQL hints are not removed when removing comments (issue262, by skryzh).

Commits

7084df8 Add support for Python 3.13.
5f37dd6 Bump version to 0.5.2.
7c70674 Update authors and changelog.
48bd14e [feature] returning .gitignore to previous version
2f9c7ec [feature] deleting envs from .gitignore, creating test for SQL-Hints
8eb778c [fix] issue262 adding comment and tests
af6df6c [fix] fixing SQL-Hint deleting when clearing script from comments
a2c7e64 Update column_defs_lowlevel.py
e48000a Add EXTENSION as keyword (fixes #785).
5785736 Use hatch for upload as well.
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 6 updates in the /localcert directory: | Package | From | To | | --- | --- | --- | | [coverage](https://github.com/nedbat/coveragepy) | `7.6.4` | `7.6.8` | | [cryptography](https://github.com/pyca/cryptography) | `43.0.3` | `44.0.0` | | [django](https://github.com/django/django) | `5.1.2` | `5.1.3` | | [django-allauth](https://github.com/sponsors/pennersr) | `65.1.0` | `65.3.0` | | [pyjwt](https://github.com/jpadilla/pyjwt) | `2.9.0` | `2.10.1` | | [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.5.1` | `0.5.2` | Updates `coverage` from 7.6.4 to 7.6.8 - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@7.6.4...7.6.8) Updates `cryptography` from 43.0.3 to 44.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@43.0.3...44.0.0) Updates `django` from 5.1.2 to 5.1.3 - [Commits](django/django@5.1.2...5.1.3) Updates `django-allauth` from 65.1.0 to 65.3.0 - [Commits](https://github.com/sponsors/pennersr/commits) Updates `pyjwt` from 2.9.0 to 2.10.1 - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.9.0...2.10.1) Updates `sqlparse` from 0.5.1 to 0.5.2 - [Release notes](https://github.com/andialbrecht/sqlparse/releases) - [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG) - [Commits](andialbrecht/sqlparse@0.5.1...0.5.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-patch dependency-group: all - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: django dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: django-allauth dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: pyjwt dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: sqlparse dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-12-09T03:06:34Z

Superseded by #152.

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 2, 2024

dependabot bot closed this Dec 9, 2024

dependabot bot deleted the dependabot/pip/localcert/all-20907599f3 branch December 9, 2024 03:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all group across 1 directory with 6 updates #150

Bump the all group across 1 directory with 6 updates #150

dependabot bot commented on behalf of github Dec 2, 2024 •

edited

Loading

`v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>`__

dependabot bot commented on behalf of github Dec 9, 2024

Bump the all group across 1 directory with 6 updates #150

Bump the all group across 1 directory with 6 updates #150

Conversation

dependabot bot commented on behalf of github Dec 2, 2024 • edited Loading

Version 7.6.8 — 2024-11-23

Version 7.6.7 — 2024-11-15

Version 7.6.6 — 2024-11-15

Version 7.6.5 — 2024-11-14

2.10.1

Fixed

2.10.0

What's Changed

New Contributors

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

v2.10.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0&gt;__

Release 0.5.2 (Nov 14, 2024)

dependabot bot commented on behalf of github Dec 9, 2024

dependabot bot commented on behalf of github Dec 2, 2024 •

edited

Loading

`v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>`__

`v2.10.0 <https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0>`__