⬆️ chore(deps): Bump the all group with 25 updates

[dependabot]

Bumps the all group with 25 updates:

Package	From	To
anyio	3.7.1	4.3.0
beanie	1.23.6	1.25.0
certifi	2023.11.17	2024.2.2
dnspython	2.4.2	2.6.1
exceptiongroup	1.2.0	1.2.1
fastapi	0.105.0	0.110.3
httpcore	1.0.2	1.0.5
httpx	0.26.0	0.27.0
idna	3.6	3.7
llvmlite	0.41.1	0.42.0
motor	3.3.2	3.4.0
numba	0.58.1	0.59.1
numpy	1.26.2	1.26.4
packaging	23.2	24.0
pluggy	1.3.0	1.5.0
pydantic	2.5.3	2.7.1
pydantic-core	2.14.6	2.18.2
pymongo	4.6.1	4.7.1
pytest	7.4.3	8.2.0
pytz	2023.3.post1	2024.1
scipy	1.11.4	1.13.0
sniffio	1.3.0	1.3.1
starlette	0.27.0	0.37.2
typing-extensions	4.9.0	4.11.0
uvicorn	0.25.0	0.29.0

Updates anyio from 3.7.1 to 4.3.0

Release notes

Sourced from anyio's releases.

4.3.0

• Added support for the Python 3.12 walk_up keyword argument in anyio.Path.relative_to() (PR by Colin Taylor)

• Fixed passing total_tokens to anyio.CapacityLimiter() as a keyword argument not working on the trio backend (#515)

• Fixed Process.aclose() not performing the minimum level of necessary cleanup when cancelled. Previously:

  • Cancellation of Process.aclose() could leak an orphan process
  • Cancellation of run_process() could very briefly leak an orphan process.
  • Cancellation of Process.aclose() or run_process() on Trio could leave standard streams unclosed

  (PR by Ganden Schaffner)

• Fixed Process.stdin.aclose(), Process.stdout.aclose(), and Process.stderr.aclose() not including a checkpoint on asyncio (PR by Ganden Schaffner)

• Fixed documentation on how to provide your own typed attributes

4.2.0

• Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye)

• Enabled the Event and CapacityLimiter classes to be instantiated outside an event loop thread

• Broadly improved/fixed the type annotations. Among other things, many functions and methods that take variadic positional arguments now make use of PEP 646 TypeVarTuple to allow the positional arguments to be validated by static type checkers. These changes affected numerous methods and functions, including:

  • anyio.run()
  • TaskGroup.start_soon()
  • anyio.from_thread.run()
  • anyio.from_thread.run_sync()
  • anyio.to_thread.run_sync()
  • anyio.to_process.run_sync()
  • BlockingPortal.call()
  • BlockingPortal.start_task_soon()
  • BlockingPortal.start_task()

  (also resolves #560)

• Fixed various type annotations of anyio.Path to match Typeshed:

  • anyio.Path.__lt__()
  • anyio.Path.__le__()
  • anyio.Path.__gt__()
  • anyio.Path.__ge__()
  • anyio.Path.__truediv__()
  • anyio.Path.__rtruediv__()
  • anyio.Path.hardlink_to()
  • anyio.Path.samefile()
  • anyio.Path.symlink_to()
  • anyio.Path.with_segments()

  (PR by Ganden Schaffner)

... (truncated)

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

UNRELEASED

• Added the BlockingPortalProvider class to aid with constructing synchronous counterparts to asynchronous interfaces that would otherwise require multiple blocking portals
• Fixed erroneous RuntimeError: called 'started' twice on the same task status when cancelling a task in a TaskGroup created with the start() method before the first checkpoint is reached after calling task_status.started() ([#706](https://github.com/agronholm/anyio/issues/706) <https://github.com/agronholm/anyio/issues/706>_; PR by Dominik Schwabe)
• Fixed cancellation delivery on asyncio incrementing the wrong cancel scope's cancellation counter when cascading a cancel operation to a child scope, thus failing to uncancel the host task ([#716](https://github.com/agronholm/anyio/issues/716) <https://github.com/agronholm/anyio/issues/716>_)
• Fixed erroneous TypedAttributeLookupError if a typed attribute getter raises KeyError
• Fixed the asyncio backend not respecting the PYTHONASYNCIODEBUG environment variable when setting the debug flag in anyio.run()
• Fixed SocketStream.receive() not detecting EOF on asyncio if there is also data in the read buffer ([#701](https://github.com/agronholm/anyio/issues/701) <https://github.com/agronholm/anyio/issues/701>_)
• Emit a ResourceWarning for MemoryObjectReceiveStream and MemoryObjectSendStream that were garbage collected without being closed (PR by Andrey Kazantcev)

4.3.0

• Added support for the Python 3.12 walk_up keyword argument in anyio.Path.relative_to() (PR by Colin Taylor)

• Fixed passing total_tokens to anyio.CapacityLimiter() as a keyword argument not working on the trio backend ([#515](https://github.com/agronholm/anyio/issues/515) <https://github.com/agronholm/anyio/issues/515>_)

• Fixed Process.aclose() not performing the minimum level of necessary cleanup when cancelled. Previously:

  • Cancellation of Process.aclose() could leak an orphan process
  • Cancellation of run_process() could very briefly leak an orphan process.
  • Cancellation of Process.aclose() or run_process() on Trio could leave standard streams unclosed

  (PR by Ganden Schaffner)

• Fixed Process.stdin.aclose(), Process.stdout.aclose(), and Process.stderr.aclose() not including a checkpoint on asyncio (PR by Ganden Schaffner)

• Fixed documentation on how to provide your own typed attributes

4.2.0

... (truncated)

Commits

• 437a7e3 Bumped up the version
• 1ce32e5 Updated the upload/download artifact actions
• d39c837 [pre-commit.ci] pre-commit autoupdate (#690)
• ba48ea8 Added the network marker to some tests that need DNS (#687)
• 5426f7b Remove conditionals and workarounds for Python interpreter versions 3.7 and o...
• 7565f31 [pre-commit.ci] pre-commit autoupdate (#684)
• 137de70 Fixed documentation on providing custom typed attributes (#683)
• 8b8806c Fixed typo (#681)
• 1e60219 Fixed run_process() and open_process().__aexit__ leaking an orphan proces...
• 3f14df8 [pre-commit.ci] pre-commit autoupdate (#676)
• Additional commits viewable in compare view

Updates beanie from 1.23.6 to 1.25.0

Release notes

Sourced from beanie's releases.

1.25.0

Encode Date Objects

• Author - George Sakkis
• PR roman-right/beanie#816

Fix: Findinterface Type-Hints Break On View Models

• Author - Guy Tsitsiashvili
• PR roman-right/beanie#819

Fix: Count With Text Queries And Links

• Author - Benjamin Earle
• PR roman-right/beanie#826

Update Migration Command To Enable/Disable Transactions

• Author - Mahmoud Mabrouk
• PR roman-right/beanie#828

Sync Method

• Author - Roman Right
• PR roman-right/beanie#831

Limit Nesting Level Of Linked Documents

WARNING: This is a breaking change. Please, read the docs before updating.

• Author - Roman Right
• PR roman-right/beanie#834

1.24.0

Exclude revision_id From The get_changes Method

• Author - Roman Right
• PR roman-right/beanie#759

Add Support For Custom Bucket Fields In Time Series

• Author - Lucas Hardt
• PR roman-right/beanie#760

Add Bson Maxkey And Minkey

• Author - Noah Witt
• PR roman-right/beanie#768

Update Model During Save Validation

• Author - Roman Right
• PR roman-right/beanie#776

Fix init_beanie document_models Type Hint

• Author - Capi Etheriel
• PR roman-right/beanie#784

Fix Encoding Keys In Mapping Branch Of Encoder

... (truncated)

Changelog

Sourced from beanie's changelog.

1.25.0 - 2024-01-24

Encode Date Objects

• Author - George Sakkis
• PR roman-right/beanie#816

Fix: Findinterface Type-Hints Break On View Models

• Author - Guy Tsitsiashvili
• PR roman-right/beanie#819

Fix: Count With Text Queries And Links

• Author - Benjamin Earle
• PR roman-right/beanie#826

Update Migration Command To Enable/Disable Transactions

• Author - Mahmoud Mabrouk
• PR roman-right/beanie#828

Sync Method

• Author - Roman Right
• PR roman-right/beanie#831

Limit Nesting Level Of Linked Documents

WARNING: This is a breaking change. Please, read the docs before updating.

• Author - Roman Right
• PR roman-right/beanie#834

[1.24.0] - 2023-12-24

Exclude revision_id From The get_changes Method

• Author - Roman Right
• PR roman-right/beanie#759

Add Support For Custom Bucket Fields In Time Series

• Author - Lucas Hardt
• PR roman-right/beanie#760

Add Bson Maxkey And Minkey

• Author - Noah Witt
• PR roman-right/beanie#768

Update Model During Save Validation

• Author - Roman Right
• PR roman-right/beanie#776

Fix init_beanie document_models Type Hint

... (truncated)

Commits

• 72b35f9 Version/1.25.0 (#844)
• 3258326 Limit Nesting Level of Linked Documents (#834)
• 7c49b91 Sync Method (#831)
• ced7168 ko-fi buttons (#843)
• 99312f6 Create FUNDING.yml (#842)
• 8fa4068 Update migration command to enable/disable transactions (#828)
• 63542eb Fix: FindInterface type-hints break on View models (#819)
• 9056fbb fix: count with text queries and links (#826)
• e876e1a Encode date objects (#816)
• f2e1439 version | 1.24.0 (#815)
• Additional commits viewable in compare view

Updates certifi from 2023.11.17 to 2024.2.2

Commits

• 45eb611 2024.02.02 (#266)
• 83f4f04 fix leaking certificate issue (#265)
• bbf2208 Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#264)
• 9e837a5 Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#262)
• 05d071b Bump actions/upload-artifact from 4.0.0 to 4.1.0 (#261)
• 2a3088a Bump actions/download-artifact from 4.1.0 to 4.1.1 (#260)
• d4ca66e Bump actions/upload-artifact from 3.1.3 to 4.0.0 (#258)
• 5d15663 Bump actions/download-artifact from 3.0.2 to 4.1.0 (#257)
• d66ef9d Bump actions/setup-python from 4.7.1 to 5.0.0 (#256)
• 8f0d412 Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (#255)
• Additional commits viewable in compare view

Updates dnspython from 2.4.2 to 2.6.1

Release notes

Sourced from dnspython's releases.

dnspython 2.6.1

See What's New for details.

This is a bug fix release for 2.6.0 where the "TuDoor" fix erroneously suppressed legitimate Truncated exceptions. This caused the stub resolver to timeout instead of failing over to TCP when a legitimate truncated response was received over UDP.

This release addresses the potential DoS issue discussed in the "TuDoor" paper (CVE-2023-29483). The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query. In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution. This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.

Thank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.

dnspython 2.6.0

See What's New for details.

This release addresses the potential DoS issue discussed in the "TuDoor" paper (CVE-2023-29483). The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query. In this situation, dnspython might switch to querying another resolver or give up entirely, possibly denying service for that resolution. This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.

Thank you to all the contributors to this release, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.

dnspython 2.5.0

See the What's New page for a summary of this release.

Thanks to all the contributors, and, as usual, thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.

Changelog

Sourced from dnspython's changelog.

2.6.1

• The Tudoor fix ate legitimate Truncated exceptions, preventing the resolver from failing over to TCP and causing the query to timeout #1053.

2.6.0

• As mentioned in the "TuDoor" paper and the associated CVE-2023-29483, the dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query.

  This release addresses the issue by adopting the recommended mitigation, which is ignoring the bad packets and continuing to listen for a legitimate response until the timeout for the query has expired.

• Added support for the NSID EDNS option.

• Dnspython now looks for version metadata for optional packages and will not use them if they are too old. This prevents possible exceptions when a feature like DoH is not desired in dnspython, but an old httpx is installed along with dnspython for some other purpose.

• The DoHNameserver class now allows GET to be used instead of the default POST, and also passes source and source_port correctly to the underlying query methods.

2.5.0

• Dnspython now uses hatchling for builds.

• Asynchronous destinationless sockets now work on Windows.

• Cython is no longer supported due to various typing issues.

• Dnspython now explicitly canonicalizes IPv4 and IPv6 addresses. Previously it was possible for non-canonical IPv6 forms to be stored in a AAAA address, which would work correctly but possibly cause problmes if the address were used as a key in a dictionary.

• The number of messages in a section can be retrieved with section_count().

• Truncation preferences for messages can be specified.

• The length of a message can be automatically prepended when rendering.

... (truncated)

Commits

• 0a742b9 update CI
• 0ea5ad0 The Tudoor fix should not eat valid Truncated exceptions #1053 (#1054)
• f12d398 2.6.1 version prep
• cecb853 Further improve CVE fix coverage to 100% for sync and async.
• 7952e31 test IgnoreErrors
• e093299 For the Tudoor fix, we also need the UDP nameserver to ignore_unexpected.
• 3af9f78 2.6.0 versioning
• ca63d95 Require cryptography >=41 instead of 42.
• 902cbf3 Create CODE_OF_CONDUCT.md
• ed9795f github contributing and pull request template
• Additional commits viewable in compare view

Updates exceptiongroup from 1.2.0 to 1.2.1

Release notes

Sourced from exceptiongroup's releases.

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

• Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

1.1.3

• catch() now raises a TypeError if passed an async exception handler instead of just giving a RuntimeWarning about the coroutine never being awaited. (#66, PR by John Litborn)
• Fixed plain raise statement in an exception handler callback to work like a raise in an except* block
• Fixed new exception group not being chained to the original exception when raising an exception group from exceptions raised in handler callbacks
• Fixed type annotations of the derive(), subgroup() and split() methods to match the ones in typeshed

1.1.2

• Changed handling of exceptions in exception group handler callbacks to not wrap a single exception in an exception group, as per CPython issue 103590 <https://github.com/python/cpython/issues/103590>_

1.1.1

• Worked around CPython issue [#98778](https://github.com/agronholm/exceptiongroup/issues/98778) <https://github.com/python/cpython/issues/98778>_, urllib.error.HTTPError(..., fp=None) raises KeyError on unknown attribute access, on affected Python versions. (PR by Zac Hatfield-Dodds)

1.1.0

... (truncated)

Commits

• b91b7a3 Added the release version
• 521f02f Fixed type errors, added type tests (#118)
• 4639b1e Fixed test failure on Python 3.12.3
• 684b79a Have tox install the package in editable mode
• 9ebe9f5 Updated GitHub actions
• e57b07f [pre-commit.ci] pre-commit autoupdate (#115)
• 8d2f627 [pre-commit.ci] pre-commit autoupdate (#113)
• ee53e9f BaseExceptionGroup.derive should not copy notes (#112)
• 2f23259 Corrected the type annotation for the exception handler callback (#109)
• 0c89199 [pre-commit.ci] pre-commit autoupdate (#110)
• Additional commits viewable in compare view

Updates fastapi from 0.105.0 to 0.110.3

Release notes

Sourced from fastapi's releases.

0.110.3

Latest Changes

Docs

• 📝 Update references to Python version, FastAPI supports all the current versions, no need to make the version explicit. PR #11496 by @​tiangolo.
• ✏️ Fix typo in fastapi/security/api_key.py. PR #11481 by @​ch33zer.
• ✏️ Fix typo in security/http.py. PR #11455 by @​omarmoo5.

Translations

• 🌐 Add Traditional Chinese translation for docs/zh-hant/benchmarks.md. PR #11484 by @​KNChiu.
• 🌐 Update Chinese translation for docs/zh/docs/fastapi-people.md. PR #11476 by @​billzhong.
• 🌐 Add Chinese translation for docs/zh/docs/how-to/index.md and docs/zh/docs/how-to/general.md. PR #11443 by @​billzhong.
• 🌐 Add Spanish translation for cookie-params docs/es/docs/tutorial/cookie-params.md. PR #11410 by @​fabianfalon.

Internal

• ⬆ Bump mkdocstrings[python] from 0.23.0 to 0.24.3. PR #11469 by @​dependabot[bot].
• 🔨 Update internal scripts and remove unused ones. PR #11499 by @​tiangolo.
• 🔧 Migrate from Hatch to PDM for the internal build. PR #11498 by @​tiangolo.
• ⬆️ Upgrade MkDocs Material and re-enable cards. PR #11466 by @​tiangolo.
• ⬆ Bump pillow from 10.2.0 to 10.3.0. PR #11403 by @​dependabot[bot].
• 🔧 Ungroup dependabot updates. PR #11465 by @​tiangolo.

0.110.2

Fixes

• 🐛 Fix support for query parameters with list types, handle JSON encoding Pydantic UndefinedType. PR #9929 by @​arjwilliams.

Refactors

• ♻️ Simplify Pydantic configs in OpenAPI models in fastapi/openapi/models.py. PR #10886 by @​JoeTanto2.
• ✨ Add support for Pydantic's 2.7 new deprecated Field parameter, remove URL from validation errors response. PR #11461 by @​tiangolo.

Docs

• 📝 Fix types in examples under docs_src/extra_data_types. PR #10535 by @​nilslindemann.
• 📝 Update references to UJSON. PR #11464 by @​tiangolo.
• 📝 Tweak docs and translations links, typos, format. PR #11389 by @​nilslindemann.
• 📝 Fix typo in docs/es/docs/async.md. PR #11400 by @​fabianfalon.
• 📝 Update OpenAPI client generation docs to use @hey-api/openapi-ts. PR #11339 by @​jordanshatford.

Translations

• 🌐 Update Chinese translation for docs/zh/docs/index.html. PR #11430 by @​waketzheng.
• 🌐 Add Russian translation for docs/ru/docs/tutorial/dependencies/dependencies-in-path-operation-decorators.md. PR #11411 by @​anton2yakovlev.
• 🌐 Add Portuguese translations for learn/index.md resources/index.md help/index.md about/index.md. PR #10807 by @​nazarepiedady.
• 🌐 Update Russian translations for deployments docs. PR #11271 by @​Lufa1u.
• 🌐 Add Bengali translations for docs/bn/docs/python-types.md. PR #11376 by @​imtiaz101325.

... (truncated)

Commits

• 32be95d 🔖 Release version 0.110.3
• 92b67b1 📝 Update release notes
• e0a9692 📝 Update release notes
• 62f8229 📝 Update release notes
• f49da74 🔨 Update internal scripts and remove unused ones (#11499)
• 13ce009 📝 Update release notes
• 41fcbc7 🔧 Migrate from Hatch to PDM for the internal build (#11498)
• bec2ec7 📝 Update release notes
• 7b55bf3 📝 Update references to Python version, FastAPI supports all the current versi...
• 285ac01 📝 Update release notes
• Additional commits viewable in compare view

Updates httpcore from 1.0.2 to 1.0.5

Release notes

Sourced from httpcore's releases.

Version 1.0.5

1.0.5 (March 27th, 2024)

• Handle EndOfStream for anyio backend. (encode/httpcore#899)
• Allow trio 0.25.* series in package dependancies. (encode/httpcore#903)

Version 1.0.4

1.0.4 (February 21st, 2024)

• Add target request extension. (#888)
• Fix support for connection Upgrade and CONNECT when some data in the stream has been read. (#882)

Version 1.0.3

1.0.3 (February 13th, 2024)

• Fix support for async cancellations. (#880)
• Fix trace extension when used with socks proxy. (#849)
• Fix SSL context for connections using the "wss" scheme (#869)

Changelog

Sourced from httpcore's changelog.

1.0.5 (March 27th, 2024)

• Handle EndOfStream exception for anyio backend. (#899)
• Allow trio 0.25.* series in package dependancies. (#903)

1.0.4 (February 21st, 2024)

• Add target request extension. (#888)
• Fix support for connection Upgrade and CONNECT when some data in the stream has been read. (#882)

1.0.3 (February 13th, 2024)

• Fix support for async cancellations. (#880)
• Fix trace extension when used with socks proxy. (#849)
• Fix SSL context for connections using the "wss" scheme (#869)

Commits

• 1851ac3 Version 1.0.5 (#904)
• 4565838 Update trio dependency... (#903)
• fbbd909 Handle EndOfStream for anyio backend (#899)
• 10481ce Fixed typo in Request class docstring. (#898)
• 7b39e6a Bump the python-packages group with 6 updates (#896)
• 5c9be94 bump to v0.3.0 && format (#895)
• 5518172 Move unasync.py to scripts (#891)
• 14bda52 Version 1.0.4 (#892)
• 80d21ee Add target request extension (#888)
• accae7b Fix support for connection Upgrade and CONNECT when some data in the stream h...
• Additional commits viewable in compare view

Updates httpx from 0.26.0 to 0.27.0

Release notes

Sourced from httpx's releases.

Version 0.27.0

0.27.0 (21st February, 2024)

Deprecated

• The app=... shortcut has been deprecated. Use the explicit style of transport=httpx.WSGITransport() or transport=httpx.ASGITransport() instead.

Fixed

• Respect the http1 argument while configuring proxy transports. (#3023)
• Fix RFC 2069 mode digest authentication. (#3045)

Changelog

Sourced from httpx's changelog.

0.27.0 (21st February, 2024)

Deprecated

• The app=... shortcut has been deprecated. Use the explicit style of transport=httpx.WSGITransport() or transport=httpx.ASGITransport() instead.

Fixed

• Respect the http1 argument while configuring proxy transports. (#3023)
• Fix RFC 2069 mode digest authentication. (#3045)

Commits

• 326b943 Version 0.27.0 (#3095)
• 3faa4a8 Improve 'Custom transports' docs (#3081)
• c51af4b Extensions docs (#3080)
• cabd1c0 Deprecate app=... in favor of explicit WSGITransport/ASGITransport. (#3...
• 6f46152 Bump the python-packages group with 6 updates (#3077)
• 37a2901 Mention NO_PROXY environment variable on Advanced Usage page (#3066)
• 371b6e9 Use __future__.annotations (#3068)
• 4f6edf3 test parse_header_links via public api (#3061)
• c7cd6aa test obfuscate_sensitive_headers via public api (#3063)
• 15f9253 Drop outdated section (#3057)
• Additional commits viewable in compare view

Updates idna from 3.6 to 3.7

Release notes

Sourced from idna's releases.

v3.7

What's Changed

• Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

Changelog

Sourced from idna's changelog.

3.7 (2024-04-11) ++++++++++++++++

• Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Commits

• 1d365e1 Release v3.7
• c1b3154 Merge pull request #172 from kjd/optimize-contextj
• 0394ec7 Merge branch 'master' into optimize-contextj
• cd58a23 Merge pull request #152 from elliotwutingfeng/dev
• 5beb28b More efficient resolution of joiner contexts
• 1b12148 Update ossf/scorecard-action to v2.3.1
• d516b87 Update Github actions/checkout to v4
• c095c75 Merge branch 'master' into dev
• 60a0a4c Fix typo in GitHub Actions workflow key
• 5918a0e Merge branch 'master' into dev
• Additional commits viewable in compare view

Updates llvmlite from 0.41.1 to 0.42.0

Commits

• b2a26aa Merge pull request #1029 from stuartarchibald/wip/change_log_0_42_0_final
• 2c3dae0 Update CHANGE_LOG for 0.42.0 final.
• c0c7726 Initialize 0.42 branch
• f22420a Merge pull request #1021 from gmarkall/release-notes-042
• 83a8829 Update CHANGE_LOG
• ab073f5 Add release notes for 0.42.0rc1
• 4292eea Merge pull request #978 from tbennun/type-query-4
• 80bb55b Add test for is_function_vararg on non-function type
• fe53feb Merge remote-tracking branch 'origin/main' into pr/978
• e70590f Merge pull request #1019 from diptorupd/add_convergent_attribute
• Additional commits viewable in compare view

Updates motor from 3.3.2 to 3.4.0

Release notes

Sourced from motor's releases.

Motor 3.4.0

Community post: https://www.mongodb.com/community/forums/t/motor-3-4-0-release/272987

Changelog

Sourced from motor's changelog.

Motor 3.4.0

• Type hint bug fixes and improvements. Added typings to classes in motor_tornado and motor_asyncio.

Commits

• 19eeb29 BUMP 3.4.0
• 72e8655 MOTOR-1286 Update Changelog for 3.4.0 (#273)
• 0f1a6cd [Motor-1175] Document Network Compression (#271)
• 7bcea04 MOTOR-1279 Improve Motor Typing (#269)
• f4832d9 MOTOR-1284 Fix Cryptography Install on PyPy3.8 (#270)
• 2d35987 [MOTOR-1269] Exclude Synchro test TestUnifiedInterruptInUsePoolClear (#268)
• 1414d0f MOTOR-1282 Stop using filemd5 in docs example for db.command (#267)
• 9d00dd2 MOTOR-1277 Limit when pull request-specific tasks are run (#266)
• 228e76a MOTOR-1271 Use GitHub App to Auto Assign Reviewer (#265)
• e8a6d6d MOTOR-1257 key_id can be passed as UUID with pymongo>=4.7 (#264)
• Additional commits viewable in compare view

Updates numba from 0.58.1 to 0.59.1

Release notes

Sourced from numba's releases.

Numba 0.59.1

Numba patch release.

Numba 0.59.0

Major Numba release supporting Python 3.12

Commits

• 9ce83ef Merge pull request #9480 from sklam/misc/rel0.59.1_patches
• 58b4954 Update docs/source/user/installing.rst
• b39bdf2 Reduce thread use to avoid stuck in TBB on machines with high thread count.
• 3411945 Bump release date
• db03908 Skip test_issue9490_non_det_ssa_problem for PPC
• d39f16b Update changelog
• a0eb243 Merge pull request #9491 from sklam/fix/iss9490
• e503a5d Remove release notes for 0.59.1
• 80211ed Add 0.59.1 release note
• aae4820 Remove notes from 0.59.0
• Additional commits viewable in compare view

Updates numpy from 1.26.2 to 1.26.4

Release notes

Sourced from numpy's releases.

v1.26.4

NumPy 1.26.4 Release Notes

NumPy 1.26.4 is a maintenance release that fixes bugs and regressions discovered after the 1.26.3 release. The Python versions supported by this release are 3.9-3.12. This is the last planned release in the 1.26.x series.

Contributors

A total of 13 people contributed to this release. People with a "+" by their names contributed a...

Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.