Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scheduled weekly dependency update for week 04 #806

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Scheduled weekly dependency update for week 04 #806

wants to merge 5 commits into from

Conversation

pyup-bot
Copy link
Collaborator

Update certifi from 2022.9.24 to 2023.11.17.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update jinja2 from 3.1.2 to 3.1.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update pygments from 2.13.0 to 2.17.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update requests from 2.28.1 to 2.31.0.

Changelog

2.31.0

-------------------

**Security**
- Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of `Proxy-Authorization` headers to destination servers when
following HTTPS redirects.

When proxies are defined with user info (https://user:passproxy:8080), Requests
will construct a `Proxy-Authorization` header that is attached to the request to
authenticate with the proxy.

In cases where Requests receives a redirect response, it previously reattached
the `Proxy-Authorization` header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are *strongly* encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.

Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.

Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q)
and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681).

2.30.0

-------------------

**Dependencies**
- ⚠️ Added support for urllib3 2.0. ⚠️

This may contain minor breaking changes so we advise careful testing and
reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html
prior to upgrading.

Users who wish to stay on urllib3 1.x can pin to `urllib3<2`.

2.29.0

-------------------

**Improvements**

- Requests now defers chunked requests to the urllib3 implementation to improve
standardization. (6226)
- Requests relaxes header component requirements to support bytes/str subclasses. (6356)

2.28.2

-------------------

**Dependencies**

- Requests now supports charset\_normalizer 3.x. (6261)

**Bugfixes**

- Updated MissingSchema exception to suggest https scheme rather than http. (6188)
Links

Update urllib3 from 1.26.11 to 2.1.0.

Changelog

2.1.0

==================

Read the `v2 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`__ for help upgrading to the latest version of urllib3.

Removals
--------

- Removed support for the deprecated urllib3[secure] extra. (`2680 <https://github.com/urllib3/urllib3/issues/2680>`__)
- Removed support for the deprecated SecureTransport TLS implementation. (`2681 <https://github.com/urllib3/urllib3/issues/2681>`__)
- Removed support for the end-of-life Python 3.7. (`3143 <https://github.com/urllib3/urllib3/issues/3143>`__)


Bugfixes
--------

- Allowed loading CA certificates from memory for proxies. (`3065 <https://github.com/urllib3/urllib3/issues/3065>`__)
- Fixed decoding Gzip-encoded responses which specified ``x-gzip`` content-encoding. (`3174 <https://github.com/urllib3/urllib3/issues/3174>`__)

2.0.7

==================

* Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

2.0.6

==================

* Added the ``Cookie`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.

2.0.5

==================

- Allowed pyOpenSSL third-party module without any deprecation warning. (`3126 <https://github.com/urllib3/urllib3/issues/3126>`__)
- Fixed default ``blocksize`` of ``HTTPConnection`` classes to match high-level classes. Previously was 8KiB, now 16KiB. (`3066 <https://github.com/urllib3/urllib3/issues/3066>`__)

2.0.4

==================

- Added support for union operators to ``HTTPHeaderDict`` (`2254 <https://github.com/urllib3/urllib3/issues/2254>`__)
- Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`3078 <https://github.com/urllib3/urllib3/issues/3078>`__)
- Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client (`2757 <https://github.com/urllib3/urllib3/issues/2757>`__)
- Relied on the standard library for checking hostnames in supported PyPy releases (`3087 <https://github.com/urllib3/urllib3/issues/3087>`__)

2.0.3

==================

- Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. (`3020 <https://github.com/urllib3/urllib3/issues/3020>`__)
- Deprecated URLs which don't have an explicit scheme (`2950 <https://github.com/urllib3/urllib3/pull/2950>`_)
- Fixed response decoding with Zstandard when compressed data is made of several frames. (`3008 <https://github.com/urllib3/urllib3/issues/3008>`__)
- Fixed ``assert_hostname=False`` to correctly skip hostname check. (`3051 <https://github.com/urllib3/urllib3/issues/3051>`__)

2.0.2

==================

- Fixed ``HTTPResponse.stream()`` to continue yielding bytes if buffered decompressed data
was still available to be read even if the underlying socket is closed. This prevents
a compressed response from being truncated. (`3009 <https://github.com/urllib3/urllib3/issues/3009>`__)

2.0.1

==================

- Fixed a socket leak when fingerprint or hostname verifications fail. (`2991 <https://github.com/urllib3/urllib3/issues/2991>`__)
- Fixed an error when ``HTTPResponse.read(0)`` was the first ``read`` call or when the internal response body buffer was otherwise empty. (`2998 <https://github.com/urllib3/urllib3/issues/2998>`__)

2.0.0

==================

Read the `v2.0 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`__ for help upgrading to the latest version of urllib3.

Removed
-------

* Removed support for Python 2.7, 3.5, and 3.6 (`883 <https://github.com/urllib3/urllib3/issues/883>`__, `#2336 <https://github.com/urllib3/urllib3/issues/2336>`__).
* Removed fallback on certificate ``commonName`` in ``match_hostname()`` function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only ``subjectAltName``
is used to verify the hostname by default. To enable verifying the hostname against
``commonName`` use ``SSLContext.hostname_checks_common_name = True`` (`2113 <https://github.com/urllib3/urllib3/issues/2113>`__).
* Removed support for Python with an ``ssl`` module compiled with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support.
When an incompatible OpenSSL version is detected an ``ImportError`` is raised (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure (`2082 <https://github.com/urllib3/urllib3/issues/2082>`__).
* Removed ``urllib3.contrib.appengine.AppEngineManager`` and support for Google App Engine Standard Environment (`2044 <https://github.com/urllib3/urllib3/issues/2044>`__).
* Removed deprecated ``Retry`` options ``method_whitelist``, ``DEFAULT_REDIRECT_HEADERS_BLACKLIST`` (`2086 <https://github.com/urllib3/urllib3/issues/2086>`__).
* Removed ``urllib3.HTTPResponse.from_httplib`` (`2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Removed default value of ``None`` for the ``request_context`` parameter of ``urllib3.PoolManager.connection_from_pool_key``. This change should have no effect on users as the default value of ``None`` was an invalid option and was never used (`1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Removed the ``urllib3.request`` module. ``urllib3.request.RequestMethods`` has been made a private API.
This change was made to ensure that ``from urllib3 import request`` imported the top-level ``request()``
function instead of the ``urllib3.request`` module (`2269 <https://github.com/urllib3/urllib3/issues/2269>`__).
* Removed support for SSLv3.0 from the ``urllib3.contrib.pyopenssl`` even when support is available from the compiled OpenSSL library (`2233 <https://github.com/urllib3/urllib3/issues/2233>`__).
* Removed the deprecated ``urllib3.contrib.ntlmpool`` module (`2339 <https://github.com/urllib3/urllib3/issues/2339>`__).
* Removed ``DEFAULT_CIPHERS``, ``HAS_SNI``, ``USE_DEFAULT_SSLCONTEXT_CIPHERS``, from the private module ``urllib3.util.ssl_`` (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed ``urllib3.exceptions.SNIMissingWarning`` (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the ``_prepare_conn`` method from ``HTTPConnectionPool``. Previously this was only used to call ``HTTPSConnection.set_cert()`` by ``HTTPSConnectionPool`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Removed ``tls_in_tls_required`` property from ``HTTPSConnection``. This is now determined from the ``scheme`` parameter in ``HTTPConnection.set_tunnel()`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Removed the ``strict`` parameter/attribute from ``HTTPConnection``, ``HTTPSConnection``, ``HTTPConnectionPool``, ``HTTPSConnectionPool``, and ``HTTPResponse`` (`2064 <https://github.com/urllib3/urllib3/issues/2064>`__).

Deprecated
----------

* Deprecated ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` which will be removed in urllib3 v2.1.0. Instead use ``HTTPResponse.headers`` and ``HTTPResponse.headers.get(name, default)``. (`1543 <https://github.com/urllib3/urllib3/issues/1543>`__, `#2814 <https://github.com/urllib3/urllib3/issues/2814>`__).
* Deprecated ``urllib3.contrib.pyopenssl`` module which will be removed in urllib3 v2.1.0 (`2691 <https://github.com/urllib3/urllib3/issues/2691>`__).
* Deprecated ``urllib3.contrib.securetransport`` module which will be removed in urllib3 v2.1.0 (`2692 <https://github.com/urllib3/urllib3/issues/2692>`__).
* Deprecated ``ssl_version`` option in favor of ``ssl_minimum_version``. ``ssl_version`` will be removed in urllib3 v2.1.0 (`2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Deprecated the ``strict`` parameter of ``PoolManager.connection_from_context()`` as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 (`2267 <https://github.com/urllib3/urllib3/issues/2267>`__)
* Deprecated the ``NewConnectionError.pool`` attribute which will be removed in urllib3 v2.1.0 (`2271 <https://github.com/urllib3/urllib3/issues/2271>`__).
* Deprecated ``format_header_param_html5`` and ``format_header_param`` in favor of ``format_multipart_header_param`` (`2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Deprecated ``RequestField.header_formatter`` parameter which will be removed in urllib3 v2.1.0 (`2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Deprecated ``HTTPSConnection.set_cert()`` method. Instead pass parameters to the ``HTTPSConnection`` constructor (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Deprecated ``HTTPConnection.request_chunked()`` method which will be removed in urllib3 v2.1.0. Instead pass ``chunked=True`` to ``HTTPConnection.request()`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).

Added
-----

* Added top-level ``urllib3.request`` function which uses a preconfigured module-global ``PoolManager`` instance (`2150 <https://github.com/urllib3/urllib3/issues/2150>`__).
* Added the ``json`` parameter to ``urllib3.request()``, ``PoolManager.request()``, and ``ConnectionPool.request()`` methods to send JSON bodies in requests. Using this parameter will set the header ``Content-Type: application/json`` if ``Content-Type`` isn't already defined.
Added support for parsing JSON response bodies with ``HTTPResponse.json()`` method (`2243 <https://github.com/urllib3/urllib3/issues/2243>`__).
* Added type hints to the ``urllib3`` module (`1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Added ``ssl_minimum_version`` and ``ssl_maximum_version`` options which set
``SSLContext.minimum_version`` and ``SSLContext.maximum_version`` (`2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Added support for Zstandard (RFC 8878) when ``zstandard`` 1.18.0 or later is installed.
Added the ``zstd`` extra which installs the ``zstandard`` package (`1992 <https://github.com/urllib3/urllib3/issues/1992>`__).
* Added ``urllib3.response.BaseHTTPResponse`` class. All future response classes will be subclasses of ``BaseHTTPResponse`` (`2083 <https://github.com/urllib3/urllib3/issues/2083>`__).
* Added ``FullPoolError`` which is raised when ``PoolManager(block=True)`` and a connection is returned to a full pool (`2197 <https://github.com/urllib3/urllib3/issues/2197>`__).
* Added ``HTTPHeaderDict`` to the top-level ``urllib3`` namespace (`2216 <https://github.com/urllib3/urllib3/issues/2216>`__).
* Added support for configuring header merging behavior with HTTPHeaderDict
When using a ``HTTPHeaderDict`` to provide headers for a request, by default duplicate
header values will be repeated. But if ``combine=True`` is passed into a call to
``HTTPHeaderDict.add``, then the added header value will be merged in with an existing
value into a comma-separated list (``X-My-Header: foo, bar``) (`2242 <https://github.com/urllib3/urllib3/issues/2242>`__).
* Added ``NameResolutionError`` exception when a DNS error occurs (`2305 <https://github.com/urllib3/urllib3/issues/2305>`__).
* Added ``proxy_assert_hostname`` and ``proxy_assert_fingerprint`` kwargs to ``ProxyManager`` (`2409 <https://github.com/urllib3/urllib3/issues/2409>`__).
* Added a configurable ``backoff_max`` parameter to the ``Retry`` class.
If a custom ``backoff_max`` is provided to the ``Retry`` class, it
will replace the ``Retry.DEFAULT_BACKOFF_MAX`` (`2494 <https://github.com/urllib3/urllib3/issues/2494>`__).
* Added the ``authority`` property to the Url class as per RFC 3986 3.2. This property should be used in place of ``netloc`` for users who want to include the userinfo (auth) component of the URI (`2520 <https://github.com/urllib3/urllib3/issues/2520>`__).
* Added the ``scheme`` parameter to ``HTTPConnection.set_tunnel`` to configure the scheme of the origin being tunnelled to (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Added the ``is_closed``, ``is_connected`` and ``has_connected_to_proxy`` properties to ``HTTPConnection`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Added optional ``backoff_jitter`` parameter to ``Retry``. (`2952 <https://github.com/urllib3/urllib3/issues/2952>`__)

Changed
-------

* Changed ``urllib3.response.HTTPResponse.read`` to respect the semantics of ``io.BufferedIOBase`` regardless of compression. Specifically, this method:

* Only returns an empty bytes object to indicate EOF (that is, the response has been fully consumed).
* Never returns more bytes than requested.
* Can issue any number of system calls: zero, one or multiple.

If you want each ``urllib3.response.HTTPResponse.read`` call to issue a single system call, you need to disable decompression by setting ``decode_content=False`` (`2128 <https://github.com/urllib3/urllib3/issues/2128>`__).
* Changed ``urllib3.HTTPConnection.getresponse`` to return an instance of ``urllib3.HTTPResponse`` instead of ``http.client.HTTPResponse`` (`2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Changed ``ssl_version`` to instead set the corresponding ``SSLContext.minimum_version``
and ``SSLContext.maximum_version`` values.  Regardless of ``ssl_version`` passed
``SSLContext`` objects are now constructed using ``ssl.PROTOCOL_TLS_CLIENT`` (`2110 <https://github.com/urllib3/urllib3/issues/2110>`__).
* Changed default ``SSLContext.minimum_version`` to be ``TLSVersion.TLSv1_2`` in line with Python 3.10 (`2373 <https://github.com/urllib3/urllib3/issues/2373>`__).
* Changed ``ProxyError`` to wrap any connection error (timeout, TLS, DNS) that occurs when connecting to the proxy (`2482 <https://github.com/urllib3/urllib3/pull/2482>`__).
* Changed ``urllib3.util.create_urllib3_context`` to not override the system cipher suites with
a default value. The new default will be cipher suites configured by the operating system (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Changed ``multipart/form-data`` header parameter formatting matches the WHATWG HTML Standard as of 2021-06-10. Control characters in filenames are no longer percent encoded (`2257 <https://github.com/urllib3/urllib3/issues/2257>`__).
* Changed the error raised when connecting via HTTPS when the ``ssl`` module isn't available from ``SSLError`` to ``ImportError`` (`2589 <https://github.com/urllib3/urllib3/issues/2589>`__).
* Changed ``HTTPConnection.request()`` to always use lowercase chunk boundaries when sending requests with ``Transfer-Encoding: chunked`` (`2515 <https://github.com/urllib3/urllib3/issues/2515>`__).
* Changed ``enforce_content_length`` default to True, preventing silent data loss when reading streamed responses (`2514 <https://github.com/urllib3/urllib3/issues/2514>`__).
* Changed internal implementation of ``HTTPHeaderDict`` to use ``dict`` instead of ``collections.OrderedDict`` for better performance (`2080 <https://github.com/urllib3/urllib3/issues/2080>`__).
* Changed the ``urllib3.contrib.pyopenssl`` module to wrap ``OpenSSL.SSL.Error`` with ``ssl.SSLError`` in ``PyOpenSSLContext.load_cert_chain`` (`2628 <https://github.com/urllib3/urllib3/issues/2628>`__).
* Changed usage of the deprecated ``socket.error`` to ``OSError`` (`2120 <https://github.com/urllib3/urllib3/issues/2120>`__).
* Changed all parameters in the ``HTTPConnection`` and ``HTTPSConnection`` constructors to be keyword-only except ``host`` and ``port`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed ``HTTPConnection.getresponse()`` to set the socket timeout from ``HTTPConnection.timeout`` value before reading
data from the socket. This previously was done manually by the ``HTTPConnectionPool`` calling ``HTTPConnection.sock.settimeout(...)`` (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed the ``_proxy_host`` property to ``_tunnel_host`` in ``HTTPConnectionPool`` to more closely match how the property is used (value in ``HTTPConnection.set_tunnel()``) (`1985 <https://github.com/urllib3/urllib3/issues/1985>`__).
* Changed name of ``Retry.BACK0FF_MAX`` to be ``Retry.DEFAULT_BACKOFF_MAX``.
* Changed TLS handshakes to use ``SSLContext.check_hostname`` when possible (`2452 <https://github.com/urllib3/urllib3/pull/2452>`__).
* Changed ``server_hostname`` to behave like other parameters only used by ``HTTPSConnectionPool`` (`2537 <https://github.com/urllib3/urllib3/pull/2537>`__).
* Changed the default ``blocksize`` to 16KB to match OpenSSL's default read amounts (`2348 <https://github.com/urllib3/urllib3/pull/2348>`__).
* Changed ``HTTPResponse.read()`` to raise an error when calling with ``decode_content=False`` after using ``decode_content=True`` to prevent data loss (`2800 <https://github.com/urllib3/urllib3/issues/2800>`__).

Fixed
-----

* Fixed thread-safety issue where accessing a ``PoolManager`` with many distinct origins would cause connection pools to be closed while requests are in progress (`1252 <https://github.com/urllib3/urllib3/issues/1252>`__).
* Fixed an issue where an ``HTTPConnection`` instance would erroneously reuse the socket read timeout value from reading the previous response instead of a newly configured connect timeout.
Instead now if ``HTTPConnection.timeout`` is updated before sending the next request the new timeout value will be used (`2645 <https://github.com/urllib3/urllib3/issues/2645>`__).
* Fixed ``socket.error.errno`` when raised from pyOpenSSL's ``OpenSSL.SSL.SysCallError`` (`2118 <https://github.com/urllib3/urllib3/issues/2118>`__).
* Fixed the default value of ``HTTPSConnection.socket_options`` to match ``HTTPConnection`` (`2213 <https://github.com/urllib3/urllib3/issues/2213>`__).
* Fixed a bug where ``headers`` would be modified by the ``remove_headers_on_redirect`` feature (`2272 <https://github.com/urllib3/urllib3/issues/2272>`__).
* Fixed a reference cycle bug in ``urllib3.util.connection.create_connection()`` (`2277 <https://github.com/urllib3/urllib3/issues/2277>`__).
* Fixed a socket leak if ``HTTPConnection.connect()`` fails (`2571 <https://github.com/urllib3/urllib3/pull/2571>`__).
* Fixed ``urllib3.contrib.pyopenssl.WrappedSocket`` and ``urllib3.contrib.securetransport.WrappedSocket`` close methods (`2970 <https://github.com/urllib3/urllib3/issues/2970>`__)

1.26.18

====================

* Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

1.26.17

====================

* Added the ``Cookie`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``. (`3139 <https://github.com/urllib3/urllib3/pull/3139>`_)

1.26.16

====================

* Fixed thread-safety issue where accessing a ``PoolManager`` with many distinct origins
would cause connection pools to be closed while requests are in progress (`2954 <https://github.com/urllib3/urllib3/pull/2954>`_)

1.26.15

====================

* Fix socket timeout value when ``HTTPConnection`` is reused (`2645 <https://github.com/urllib3/urllib3/issues/2645>`__)
* Remove "!" character from the unreserved characters in IPv6 Zone ID parsing
(`2899 <https://github.com/urllib3/urllib3/issues/2899>`__)
* Fix IDNA handling of '\x80' byte (`2901 <https://github.com/urllib3/urllib3/issues/2901>`__)

1.26.14

====================

* Fixed parsing of port 0 (zero) returning None, instead of 0. (`2850 <https://github.com/urllib3/urllib3/issues/2850>`__)
* Removed deprecated getheaders() calls in contrib module. Fixed the type hint of ``PoolKey.key_retries`` by adding ``bool`` to the union. (`2865 <https://github.com/urllib3/urllib3/issues/2865>`__)

1.26.13

====================

* Deprecated the ``HTTPResponse.getheaders()`` and ``HTTPResponse.getheader()`` methods.
* Fixed an issue where parsing a URL with leading zeroes in the port would be rejected
even when the port number after removing the zeroes was valid.
* Fixed a deprecation warning when using cryptography v39.0.0.
* Removed the ``<4`` in the ``Requires-Python`` packaging metadata field.

1.26.12

====================

* Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module.
Both will be removed in v2.x. See this `GitHub issue <https://github.com/urllib3/urllib3/issues/2680>`_
for justification and info on how to migrate.
Links

sourcery-ai[bot]
sourcery-ai bot reviewed Jan 28, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Type: Enhancement

PR Summary: The pull request updates several key Python dependencies to their latest versions. This includes updates to certifi, jinja2, pygments, requests, and urllib3. The updates are part of a scheduled weekly maintenance to keep the project dependencies current and secure.

Decision: Comment

📝 Type: 'Enhancement' - not supported yet.
  • Sourcery currently only approves 'Typo fix' PRs.
✅ Issue addressed: this change correctly addresses the issue or implements the desired feature.
No details provided.
📝 Complexity: the changes are too large or complex for Sourcery to approve.
  • Unsupported files: the diff contains files that Sourcery does not currently support during reviews.

General suggestions:

  • Ensure that the updated dependencies do not introduce any breaking changes that could affect the existing functionality.
  • Verify that the updates do not conflict with the project's requirements or introduce compatibility issues with other dependencies.
  • Consider adding a brief description of the major changes for each updated dependency, especially for those without a changelog, to help reviewers understand the context of the updates.

Thanks for using Sourcery. We offer it for free for open source projects and would be very grateful if you could help us grow. If you like it, would you consider sharing Sourcery on your favourite social media? ✨

Share Sourcery

Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.

@what-the-diff What The Diff
Copy link

what-the-diff bot commented Jan 28, 2024

PR Summary

  • Updated certifi version
    The version of the security certificate module, certifi, has been updated to 2023.11.17. This will ensure that the software continues to properly validate security certificates.

  • Updated jinja2 version
    The jinja2 version has been bumped up to 3.1.3. This improves the software's template engine, which helps in producing text files such as HTML or XML documents.

  • Updated pygments version
    The pygments, a syntax highlighting tool, version was updated to 2.17.2. This change enhances code readability and visual presentation in the software.

  • Updated requests version
    The requests library version has been updated to 2.31.0. This library is used for making HTTP requests. The upgrade can enhance performance and security of internet communications.

  • Updated urllib3 version
    The version of urllib3, a module used for handling HTTP connections, was upgraded to 2.1.0. This update will help maintain the software's ability to make secure and efficient network requests.

@codecov Codecov
Copy link

codecov bot commented Jan 28, 2024
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (ad09368) 33.67% compared to head (2425bd4) 33.67%.

❗ Current head 2425bd4 differs from pull request most recent head 6389e17. Consider uploading reports for the commit 6389e17 to get more accurate results

Additional details and impacted files 
@@           Coverage Diff           @@
##           master     #806   +/-   ##
=======================================
  Coverage   33.67%   33.67%           
=======================================
  Files           5        5           
  Lines         677      677           
=======================================
  Hits          228      228           
  Misses        449      449
Flag Coverage Δ
unittests 33.67% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@pyup-bot