Scheduled weekly dependency update for week 30

[pyup-bot]

Update attrs from 18.1.0 to 19.1.0.

Changelog

19.1.0

-------------------

Backward-incompatible Changes
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Fixed a bug where deserialized objects with ``cache_hash=True`` could have incorrect hash code values.
This change breaks classes with ``cache_hash=True`` when a custom ``__setstate__`` is present.
An exception will be thrown when applying the ``attrs`` annotation to such a class.
This limitation is tracked in issue `494 <https://github.com/python-attrs/attrs/issues/494>`_.
`482 <https://github.com/python-attrs/attrs/issues/482>`_


Changes
^^^^^^^

- Add ``is_callable``, ``deep_iterable``, and ``deep_mapping`` validators.

* ``is_callable``: validates that a value is callable
* ``deep_iterable``: Allows recursion down into an iterable,
 applying another validator to every member in the iterable
 as well as applying an optional validator to the iterable itself.
* ``deep_mapping``: Allows recursion down into the items in a mapping object,
 applying a key validator and a value validator to the key and value in every item.
 Also applies an optional validator to the mapping object itself.

You can find them in the ``attr.validators`` package.
`425 <https://github.com/python-attrs/attrs/issues/425>`_
- Fixed stub files to prevent errors raised by mypy's ``disallow_any_generics = True`` option.
`443 <https://github.com/python-attrs/attrs/issues/443>`_
- Attributes with ``init=False`` now can follow after ``kw_only=True`` attributes.
`450 <https://github.com/python-attrs/attrs/issues/450>`_
- ``attrs`` now has first class support for defining exception classes.

If you define a class using ``attr.s(auto_exc=True)`` and subclass an exception, the class will behave like a well-behaved exception class including an appropriate ``__str__`` method, and all attributes additionally available in an ``args`` attribute.
`500 <https://github.com/python-attrs/attrs/issues/500>`_
- Clarified documentation for hashing to warn that hashable objects should be deeply immutable (in their usage, even if this is not enforced).
`503 <https://github.com/python-attrs/attrs/issues/503>`_


----

18.2.0

-------------------

Deprecations
^^^^^^^^^^^^

- Comparing subclasses using ``<``, ``>``, ``<=``, and ``>=`` is now deprecated.
The docs always claimed that instances are only compared if the types are identical, so this is a first step to conform to the docs.

Equality operators (``==`` and ``!=``) were always strict in this regard.
`394 <https://github.com/python-attrs/attrs/issues/394>`_


Changes
^^^^^^^

- ``attrs`` now ships its own `PEP 484 <https://www.python.org/dev/peps/pep-0484/>`_ type hints.
Together with `mypy <http://mypy-lang.org>`_'s ``attrs`` plugin, you've got all you need for writing statically typed code in both Python 2 and 3!

At that occasion, we've also added `narrative docs <https://www.attrs.org/en/stable/types.html>`_ about type annotations in ``attrs``.
`238 <https://github.com/python-attrs/attrs/issues/238>`_
- Added *kw_only* arguments to ``attr.ib`` and ``attr.s``, and a corresponding *kw_only* attribute to ``attr.Attribute``.
This change makes it possible to have a generated ``__init__`` with keyword-only arguments on Python 3, relaxing the required ordering of default and non-default valued attributes.
`281 <https://github.com/python-attrs/attrs/issues/281>`_,
`411 <https://github.com/python-attrs/attrs/issues/411>`_
- The test suite now runs with ``hypothesis.HealthCheck.too_slow`` disabled to prevent CI breakage on slower computers.
`364 <https://github.com/python-attrs/attrs/issues/364>`_,
`396 <https://github.com/python-attrs/attrs/issues/396>`_
- ``attr.validators.in_()`` now raises a ``ValueError`` with a useful message even if the options are a string and the value is not a string.
`383 <https://github.com/python-attrs/attrs/issues/383>`_
- ``attr.asdict()`` now properly handles deeply nested lists and dictionaries.
`395 <https://github.com/python-attrs/attrs/issues/395>`_
- Added ``attr.converters.default_if_none()`` that allows to replace ``None`` values in attributes.
For example ``attr.ib(converter=default_if_none(""))`` replaces ``None`` by empty strings.
`400 <https://github.com/python-attrs/attrs/issues/400>`_,
`414 <https://github.com/python-attrs/attrs/issues/414>`_
- Fixed a reference leak where the original class would remain live after being replaced when ``slots=True`` is set.
`407 <https://github.com/python-attrs/attrs/issues/407>`_
- Slotted classes can now be made weakly referenceable by passing ``attr.s(weakref_slot=True)``.
`420 <https://github.com/python-attrs/attrs/issues/420>`_
- Added *cache_hash* option to ``attr.s`` which causes the hash code to be computed once and stored on the object.
`425 <https://github.com/python-attrs/attrs/issues/425>`_
- Attributes can be named ``property`` and ``itemgetter`` now.
`430 <https://github.com/python-attrs/attrs/issues/430>`_
- It is now possible to override a base class' class variable using only class annotations.
`431 <https://github.com/python-attrs/attrs/issues/431>`_


----

Links

• PyPI: https://pypi.org/project/attrs
• Changelog: https://pyup.io/changelogs/attrs/
• Homepage: https://www.attrs.org/

Update cffi from 1.11.5 to 1.12.3.

Changelog

1.12.3

=======

* Fix for nested struct types that end in a var-sized array (405).

* Add support for using ``U`` and ``L`` characters at the end of integer
constants in ``ffi.cdef()`` (thanks Guillaume).

* More 3.8 fixes.

1.12.2

=======

* Added temporary workaround to compile on CPython 3.8.0a2.

1.12.1

=======

* CPython 3 on Windows: we again no longer compile with ``Py_LIMITED_API``
by default because such modules *still* cannot be used with virtualenv.
The problem is that it doesn't work in CPython <= 3.4, and for
technical reason we can't enable this flag automatically based on the
version of Python.

Like before, `Issue 350`_ mentions a workaround if you still want
the ``Py_LIMITED_API`` flag and *either* you are not concerned about
virtualenv *or* you are sure your module will not be used on CPython
<= 3.4: pass ``define_macros=[("Py_LIMITED_API", None)]`` to the
``ffibuilder.set_source()`` call.

1.12

=====

* `Direct support for pkg-config`__.

* ``ffi.from_buffer()`` takes a new optional *first* argument that gives
the array type of the result.  It also takes an optional keyword argument
``require_writable`` to refuse read-only Python buffers.

* ``ffi.new()``, ``ffi.gc()`` or ``ffi.from_buffer()`` cdata objects
can now be released at known times, either by using the ``with``
keyword or by calling the new ``ffi.release()``.

* Windows, CPython 3.x: cffi modules are linked with ``python3.dll``
again.  This makes them independant on the exact CPython version,
like they are on other platforms.  **It requires virtualenv 16.0.0.**

* Accept an expression like ``ffi.new("int[4]", p)`` if ``p`` is itself
another cdata ``int[4]``.

* CPython 2.x: ``ffi.dlopen()`` failed with non-ascii file names on Posix

* CPython: if a thread is started from C and then runs Python code (with
callbacks or with the embedding solution), then previous versions of
cffi would contain possible crashes and/or memory leaks.  Hopefully,
this has been fixed (see `issue 362`_).

* Support for ``ffi.cdef(..., pack=N)`` where N is a power of two.
Means to emulate ``pragma pack(N)`` on MSVC.  Also, the default on
Windows is now ``pack=8``, like on MSVC.  This might make a difference
in corner cases, although I can't think of one in the context of CFFI.
The old way ``ffi.cdef(..., packed=True)`` remains and is equivalent
to ``pack=1`` (saying e.g. that fields like ``int`` should be aligned
to 1 byte instead of 4).

.. __: cdef.htmlpkgconfig
.. _`issue 362`: https://bitbucket.org/cffi/cffi/issues/362/


Older Versions
==============

Links

• PyPI: https://pypi.org/project/cffi
• Changelog: https://pyup.io/changelogs/cffi/
• Docs: http://cffi.readthedocs.org

Update cryptography from 2.3.1 to 2.7.

Changelog

2.7

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1``
wheels. Continuing to produce them was a maintenance burden.
* **BACKWARDS INCOMPATIBLE:** Removed the
``cryptography.hazmat.primitives.mac.MACContext`` interface. The ``CMAC`` and
``HMAC`` APIs have not changed, but they are no longer registered as
``MACContext`` instances.
* Removed support for running our tests with ``setup.py test``. Users
interested in running our tests can continue to follow the directions in our
:doc:`development documentation</development/getting-started>`.
* Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305`
when using OpenSSL 1.1.1 or newer.
* Support serialization with ``Encoding.OpenSSH`` and ``PublicFormat.OpenSSH``
in
:meth:`Ed25519PublicKey.public_bytes
<cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>`
.
* Correctly allow passing a ``SubjectKeyIdentifier`` to
:meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`
and deprecate passing an ``Extension`` object. The documentation always
required ``SubjectKeyIdentifier`` but the implementation previously
required an ``Extension``.

.. _v2-6-1:

2.6.1

~~~~~~~~~~~~~~~~~~

* Resolved an error in our build infrastructure that broke our Python3 wheels
for macOS and Linux.

.. _v2-6:

2.6

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Removed
``cryptography.hazmat.primitives.asymmetric.utils.encode_rfc6979_signature``
and
``cryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature``,
which had been deprecated for nearly 4 years. Use
:func:`~cryptography.hazmat.primitives.asymmetric.utils.encode_dss_signature`
and
:func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`
instead.
* **BACKWARDS INCOMPATIBLE**: Removed ``cryptography.x509.Certificate.serial``,
which had been deprecated for nearly 3 years. Use
:attr:`~cryptography.x509.Certificate.serial_number` instead.
* Updated Windows, macOS, and ``manylinux1`` wheels to be compiled with
OpenSSL 1.1.1b.
* Added support for :doc:`/hazmat/primitives/asymmetric/ed448` when using
OpenSSL 1.1.1b or newer.
* Added support for :doc:`/hazmat/primitives/asymmetric/ed25519` when using
OpenSSL 1.1.1b or newer.
* :func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_key` can
now load ``ed25519`` public keys.
* Add support for easily mapping an object identifier to its elliptic curve
class via
:func:`~cryptography.hazmat.primitives.asymmetric.ec.get_curve_for_oid`.
* Add support for OpenSSL when compiled with the ``no-engine``
(``OPENSSL_NO_ENGINE``) flag.

.. _v2-5:

2.5

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** :term:`U-label` strings were deprecated in
version 2.1, but this version removes the default ``idna`` dependency as
well. If you still need this deprecated path please install cryptography
with the ``idna`` extra: ``pip install cryptography[idna]``.
* **BACKWARDS INCOMPATIBLE:** The minimum supported PyPy version is now 5.4.
* Numerous classes and functions have been updated to allow :term:`bytes-like`
types for keying material and passwords, including symmetric algorithms, AEAD
ciphers, KDFs, loading asymmetric keys, and one time password classes.
* Updated Windows, macOS, and ``manylinux1`` wheels to be compiled with
OpenSSL 1.1.1a.
* Added support for :class:`~cryptography.hazmat.primitives.hashes.SHA512_224`
and :class:`~cryptography.hazmat.primitives.hashes.SHA512_256` when using
OpenSSL 1.1.1.
* Added support for :class:`~cryptography.hazmat.primitives.hashes.SHA3_224`,
:class:`~cryptography.hazmat.primitives.hashes.SHA3_256`,
:class:`~cryptography.hazmat.primitives.hashes.SHA3_384`, and
:class:`~cryptography.hazmat.primitives.hashes.SHA3_512` when using OpenSSL
1.1.1.
* Added support for :doc:`/hazmat/primitives/asymmetric/x448` when using
OpenSSL 1.1.1.
* Added support for :class:`~cryptography.hazmat.primitives.hashes.SHAKE128`
and :class:`~cryptography.hazmat.primitives.hashes.SHAKE256` when using
OpenSSL 1.1.1.
* Added initial support for parsing PKCS12 files with
:func:`~cryptography.hazmat.primitives.serialization.pkcs12.load_key_and_certificates`.
* Added support for :class:`~cryptography.x509.IssuingDistributionPoint`.
* Added ``rfc4514_string()`` method to
:meth:`x509.Name <cryptography.x509.Name.rfc4514_string>`,
:meth:`x509.RelativeDistinguishedName
<cryptography.x509.RelativeDistinguishedName.rfc4514_string>`, and
:meth:`x509.NameAttribute <cryptography.x509.NameAttribute.rfc4514_string>`
to format the name or component an :rfc:`4514` Distinguished Name string.
* Added
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point`,
which immediately checks if the point is on the curve and supports compressed
points. Deprecated the previous method
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers.from_encoded_point`.
* Added :attr:`~cryptography.x509.ocsp.OCSPResponse.signature_hash_algorithm`
to ``OCSPResponse``.
* Updated :doc:`/hazmat/primitives/asymmetric/x25519` support to allow
additional serialization methods. Calling
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey.public_bytes`
with no arguments has been deprecated.
* Added support for encoding compressed and uncompressed points via
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes`. Deprecated the previous method
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers.encode_point`.


.. _v2-4-2:

2.4.2

~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and ``manylinux1`` wheels to be compiled with
OpenSSL 1.1.0j.

.. _v2-4-1:

2.4.1

~~~~~~~~~~~~~~~~~~

* Fixed a build breakage in our ``manylinux1`` wheels.

.. _v2-4:

2.4

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.4.x.
* Deprecated OpenSSL 1.0.1 support. OpenSSL 1.0.1 is no longer supported by
the OpenSSL project. At this time there is no time table for dropping
support, however we strongly encourage all users to upgrade or install
``cryptography`` from a wheel.
* Added initial :doc:`OCSP </x509/ocsp>` support.
* Added support for :class:`~cryptography.x509.PrecertPoison`.

.. _v2-3-1:

Links

• PyPI: https://pypi.org/project/cryptography
• Changelog: https://pyup.io/changelogs/cryptography/
• Repo: https://github.com/pyca/cryptography

Update hyperlink from 18.0.0 to 19.0.0.

Changelog

19.0.0

*(April 7, 2019)*

A queryparameter-centric release, with two small enhancements:

* "equals sign" characters in uery parameter values are no longer
escaped. (see
[39](https://github.com/python-hyper/hyperlink/pull/39))
* `URL.remove()` now accepts *value* and *limit* parameters, allowing
for removal of specific name-value pairs, as well as limiting the
number of removals. (see [71](https://github.com/python-hyper/hyperlink/pull/71))

Links

• PyPI: https://pypi.org/project/hyperlink
• Changelog: https://pyup.io/changelogs/hyperlink/
• Repo: https://github.com/python-hyper/hyperlink

Update idna from 2.7 to 2.8.

Changelog

2.8

++++++++++++++++

- Update to Unicode 11.0.0.
- Provide more specific exceptions for some malformed labels.

Links

• PyPI: https://pypi.org/project/idna
• Changelog: https://pyup.io/changelogs/idna/
• Repo: https://github.com/kjd/idna

Update ipaddress from 1.0.21 to 1.0.22.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/ipaddress
• Repo: https://github.com/phihag/ipaddress

Update lxml from 4.2.4 to 4.4.0.

Changelog

4.4.0

==================

Features added
--------------

* ``Element.clear()`` accepts a new keyword argument ``keep_tail=True`` to
clear everything but the tail text.  This is helpful in some document-style
use cases.

* When creating attributes or namespaces from a dict in Python 3.6+, lxml now
preserves the original insertion order of that dict, instead of always sorting
the items by name.  A similar change was made for ElementTree in CPython 3.8.
See https://bugs.python.org/issue34160

* Integer elements in ``lxml.objectify`` implement the ``__index__()`` special method.

* GH269: Read-only elements in XSLT were missing the ``nsmap`` property.
Original patch by Jan Pazdziora.

* ElementInclude can now restrict the maximum inclusion depth via a ``max_depth``
argument to prevent content explosion.  It is limited to 6 by default.

* The ``target`` object of the XMLParser can have ``start_ns()`` and ``end_ns()``
callback methods to listen to namespace declarations.

* The ``TreeBuilder`` has new arguments ``comment_factory`` and ``pi_factory`` to
pass factories for creating comments and processing instructions, as well as
flag arguments ``insert_comments`` and ``insert_pis`` to discard them from the
tree when set to false.

* A `C14N 2.0 <https://www.w3.org/TR/xml-c14n2/>`_ implementation was added as
``etree.canonicalize()``, a corresponding ``C14NWriterTarget`` class, and
a ``c14n2`` serialisation method.

Bugs fixed
----------

* When writing to file paths that contain the URL escape character '%', the file
path could wrongly be mangled by URL unescaping and thus write to a different
file or directory.  Code that writes to file paths that are provided by untrusted
sources, but that must work with previous versions of lxml, should best either
reject paths that contain '%' characters, or otherwise make sure that the path
does not contain maliciously injected '%XX' URL hex escapes for paths like '../'.

* Assigning to Element child slices with negative step could insert the slice at
the wrong position, starting too far on the left.

* Assigning to Element child slices with overly large step size could take very
long, regardless of the length of the actual slice.

* Assigning to Element child slices of the wrong size could sometimes fail to
raise a ValueError (like a list assignment would) and instead assign outside
of the original slice bounds or leave parts of it unreplaced.

* The ``comment`` and ``pi`` events in ``iterwalk()`` were never triggered, and
instead, comments and processing instructions in the tree were reported as
``start`` elements.  Also, when walking an ElementTree (as opposed to its root
element), comments and PIs outside of the root element are now reported.

* LP1827833: The RelaxNG compact syntax support was broken with recent versions
of ``rnc2rng``.

* LP1758553: The HTML elements ``source`` and ``track`` were added to the list
of empty tags in ``lxml.html.defs``.

* Registering a prefix other than "xml" for the XML namespace is now rejected.

* Failing to write XSLT output to a file could raise a misleading exception.
It now raises ``IOError``.

Other changes
-------------

* Support for Python 3.4 was removed.

* When using ``Element.find*()`` with prefix-namespace mappings, the empty string
is now accepted to define a default namespace, in addition to the previously
supported ``None`` prefix.  Empty strings are more convenient since they keep
all prefix keys in a namespace dict strings, which simplifies sorting etc.

* The ``ElementTree.write_c14n()`` method has been deprecated in favour of the
long preferred ``ElementTree.write(f, method="c14n")``.  It will be removed
in a future release.

4.3.5

==================

* Rebuilt with Cython 0.29.13 to support Python 3.8.

4.3.4

==================

* Rebuilt with Cython 0.29.10 to support Python 3.8.

4.3.3

==================

Bugs fixed
----------

* Fix leak of output buffer and unclosed files in ``_XSLTResultTree.write_output()``.

4.3.2

==================

Bugs fixed
----------

* Crash in 4.3.1 when appending a child subtree with certain text nodes.

Other changes
-------------

* Built with Cython 0.29.6.

4.3.1

==================

Bugs fixed
----------

* LP1814522: Crash when appending a child subtree that contains unsubstituted
entity references.

Other changes
-------------

* Built with Cython 0.29.5.

4.3.0

==================

Features added
--------------

* The module ``lxml.sax`` is compiled using Cython in order to speed it up.

* GH267: ``lxml.sax.ElementTreeProducer`` now preserves the namespace prefixes.
If two prefixes point to the same URI, the first prefix in alphabetical order
is used.  Patch by Lennart Regebro.

* Updated ISO-Schematron implementation to 2013 version (now MIT licensed)
and the corresponding schema to the 2016 version (with optional "properties").

Other changes
-------------

* GH270, GH271: Support for Python 2.6 and 3.3 was removed.
Patch by hugovk.

* The minimum dependency versions were raised to libxml2 2.9.2 and libxslt 1.1.27,
which were released in 2014 and 2012 respectively.

* Built with Cython 0.29.2.

4.2.6

==================

Bugs fixed
----------

* LP1799755: Fix a DeprecationWarning in Py3.7+.

* Import warnings in Python 3.6+ were resolved.

4.2.5

==================

Bugs fixed
----------

* Javascript URLs that used URL escaping were not removed by the HTML cleaner.
Security problem found by Omar Eissa.  (CVE-2018-19787)

Links

• PyPI: https://pypi.org/project/lxml
• Changelog: https://pyup.io/changelogs/lxml/
• Homepage: http://lxml.de/

Update olefile from 0.45.1 to 0.46.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/olefile
• Changelog: https://pyup.io/changelogs/olefile/
• Repo: https://github.com/decalage2/olefile/tarball/master
• Homepage: https://www.decalage.info/python/olefileio

Update pillow from 5.2.0 to 6.1.0.

Changelog

6.1.0

------------------

- Deprecate Image.__del__ 3929
[jdufresne]

- Tiff: Add support for JPEG quality 3886
[olt]

- Respect the PKG_CONFIG environment variable when building 3928
[chewi]

- Use explicit memcpy() to avoid unaligned memory accesses 3225
[DerDakon]

- Improve encoding of TIFF tags 3861
[olt]

- Update Py_UNICODE to Py_UCS4 3780
[nulano]

- Consider I;16 pixel size when drawing 3899
[radarhere]

- Add TIFFTAG_SAMPLEFORMAT to blocklist 3926
[cgohlke, radarhere]

- Create GIF deltas from background colour of GIF frames if disposal mode is 2 3708
[sircinnamon, radarhere]

- Added ImageSequence all_frames 3778
[radarhere]

- Use unsigned int to store TIFF IFD offsets 3923
[cgohlke]

- Include CPPFLAGS when searching for libraries 3819
[jefferyto]

- Updated TIFF tile descriptors to match current decoding functionality 3795
[dmnisson]

- Added an `image.entropy()` method (second revision) 3608
[fish2000]

- Pass the correct types to PyArg_ParseTuple 3880
[QuLogic]

- Fixed crash when loading non-font bytes 3912
[radarhere]

- Fix SPARC memory alignment issues in Pack/Unpack functions 3858
[kulikjak]

- Added CMYK;16B and CMYK;16N unpackers 3913
[radarhere]

- Fixed bugs in calculating text size 3864
[radarhere]

- Add __main__.py to output basic format and support information 3870
[jdufresne]

- Added variation font support 3802
[radarhere]

- Do not down-convert if image is LA when showing with PNG format 3869
[radarhere]

- Improve handling of PSD frames 3759
[radarhere]

- Improved ICO and ICNS loading 3897
[radarhere]

- Changed Preview application path so that it is no longer static 3896
[radarhere]

- Corrected ttb text positioning 3856
[radarhere]

- Handle unexpected ICO image sizes 3836
[radarhere]

- Fixed bits value for RGB;16N unpackers 3837
[kkopachev]

- Travis CI: Add Fedora 30, remove Fedora 28 3821
[hugovk]

- Added reading of CMYK;16L TIFF images 3817
[radarhere]

- Fixed dimensions of 1-bit PDFs 3827
[radarhere]

- Fixed opening mmap image through Path on Windows 3825
[radarhere]

- Fixed ImageDraw arc gaps 3824
[radarhere]

- Expand GIF to include frames with extents outside the image size 3822
[radarhere]

- Fixed ImageTk getimage 3814
[radarhere]

- Fixed bug in decoding large images 3791
[radarhere]

- Fixed reading APP13 marker without Photoshop data 3771
[radarhere]

- Added option to include layered windows in ImageGrab.grab on Windows 3808
[radarhere]

- Detect libimagequant when installed by pacman on MingW 3812
[radarhere]

- Fixed raqm layout bug 3787
[radarhere]

- Fixed loading font with non-Unicode path on Windows 3785
[radarhere]

- Travis CI: Upgrade PyPy from 6.0.0 to 7.1.1 3783
[hugovk, johnthagen]

- Depends: Updated openjpeg to 2.3.1 3794, raqm to 0.7.0 3877, libimagequant to 2.12.3 3889
[radarhere]

- Fix numpy bool bug 3790
[radarhere]

6.0.0

------------------

- Python 2.7 support will be removed in Pillow 7.0.0 3682
[hugovk]

- Add EXIF class 3625
[radarhere]

- Add ImageOps exif_transpose method 3687
[radarhere]

- Added warnings to deprecated CMSProfile attributes 3615
[hugovk]

- Documented reading TIFF multiframe images 3720
[akuchling]

- Improved speed of opening an MPO file 3658
[Glandos]

- Update palette in quantize 3721
[radarhere]

- Improvements to TIFF is_animated and n_frames 3714
[radarhere]

- Fixed incompatible pointer type warnings 3754
[radarhere]

- Improvements to PA and LA conversion and palette operations 3728
[radarhere]

- Consistent DPI rounding 3709
[radarhere]

- Change size of MPO image to match frame 3588
[radarhere]

- Read Photoshop resolution data 3701
[radarhere]

- Ensure image is mutable before saving 3724
[radarhere]

- Correct remap_palette documentation 3740
[radarhere]

- Promote P images to PA in putalpha 3726
[radarhere]

- Allow RGB and RGBA values for new P images 3719
[radarhere]

- Fixed TIFF bug when seeking backwards and then forwards 3713
[radarhere]

- Cache EXIF information 3498
[Glandos]

- Added transparency for all PNG greyscale modes 3744
[radarhere]

- Fix deprecation warnings in Python 3.8 3749
[radarhere]

- Fixed GIF bug when rewinding to a non-zero frame 3716
[radarhere]

- Only close original fp in __del__ and __exit__ if original fp is exclusive 3683
[radarhere]

- Fix BytesWarning in Tests/test_numpy.py 3725
[jdufresne]

- Add missing MIME types and extensions 3520
[pirate486743186]

- Add I;16 PNG save 3566
[radarhere]

- Add support for BMP RGBA bitfield compression 3705
[radarhere]

- Added ability to set language for text rendering 3693
[iwsfutcmd]

- Only close exclusive fp on Image __exit__ 3698
[radarhere]

- Changed EPS subprocess stdout from devnull to None 3635
[radarhere]

- Add reading old-JPEG compressed TIFFs 3489
[kkopachev]

- Add EXIF support for PNG 3674
[radarhere]

- Add option to set dither param on quantize 3699
[glasnt]

- Add reading of DDS uncompressed RGB data 3673
[radarhere]

- Correct length of Tiff BYTE tags 3672
[radarhere]

- Add DIB saving and loading through Image open 3691
[radarhere]

- Removed deprecated VERSION 3624
[hugovk]

- Fix 'BytesWarning: Comparison between bytes and string' in PdfDict 3580
[jdufresne]

- Do not resize in Image.thumbnail if already the destination size 3632
[radarhere]

- Replace .seek() magic numbers with io.SEEK_* constants 3572
[jdufresne]

- Make ContainerIO.isatty() return a bool, not int 3568
[jdufresne]

- Add support to all transpose operations for I;16 modes 3563, 3741
[radarhere]

- Deprecate support for PyQt4 and PySide 3655
[hugovk, radarhere]

- Add TIFF compression codecs: LZMA, Zstd, WebP 3555
[cgohlke]

- Fixed pickling of iTXt class with protocol > 1 3537
[radarhere]

- _util.isPath returns True for pathlib.Path objects 3616
[wbadart]

- Remove unnecessary unittest.main() boilerplate from test files 3631
[jdufresne]

- Exif: Seek to IFD offset 3584
[radarhere]

- Deprecate PIL.*ImagePlugin.__version__ attributes 3628
[jdufresne]

- Docs: Add note about ImageDraw operations that exceed image bounds 3620
[radarhere]

- Allow for unknown PNG chunks after image data 3558
[radarhere]

- Changed EPS subprocess stdin from devnull to None 3611
[radarhere]

- Fix possible integer overflow 3609
[cgohlke]

- Catch BaseException for resource cleanup handlers 3574
[jdufresne]

- Improve pytest configuration to allow specific tests as CLI args 3579
[jdufresne]

- Drop support for Python 3.4 3596
[hugovk]

- Remove deprecated PIL.OleFileIO 3598
[hugovk]

- Remove deprecated ImageOps undocumented functions 3599
[hugovk]

- Depends: Update libwebp to 1.0.2 3602
[radarhere]

- Detect MIME types 3525
[radarhere]

5.4.1

------------------

- File closing: Only close __fp if not fp 3540
[radarhere]

- Fix build for Termux 3529
[pslacerda]

- PNG: Detect MIME types 3525
[radarhere]

- PNG: Handle IDAT chunks after image end 3532
[radarhere]

5.4.0

------------------

- Docs: Improved ImageChops documentation 3522
[radarhere]

- Allow RGB and RGBA values for P image putpixel 3519
[radarhere]

- Add APNG extension to PNG plugin 3501
[pirate486743186, radarhere]

- Lookup ld.so.cache instead of hardcoding search paths 3245
[pslacerda]

- Added custom string TIFF tags 3513
[radarhere]

- Improve setup.py configuration 3395
[diorcety]

- Read textual chunks located after IDAT chunks for PNG 3506
[radarhere]

- Performance: Don't try to hash value if enum is empty 3503
[Glandos]

- Added custom int and float TIFF tags 3350
[radarhere]

- Fixes for issues reported by static code analysis 3393
[frenzymadness]

- GIF: Wait until mode is normalized to copy im.info into encoderinfo 3187
[radarhere]

- Docs: Add page of deprecations and removals 3486
[hugovk]

- Travis CI: Upgrade PyPy from 5.8.0 to 6.0 3488
[hugovk]

- Travis CI: Allow lint job to fail 3467
[hugovk]

- Resolve __fp when closing and deleting 3261
[radarhere]

- Close exclusive fp before discarding 3461
[radarhere]

- Updated open files documentation 3490
[radarhere]

- Added libjpeg_turbo to check_feature 3493
[radarhere]

- Change color table index background to tuple when saving as WebP 3471
[radarhere]

- Allow arbitrary number of comment extension subblocks 3479
[radarhere]

- Ensure previous FLI frame is loaded before seeking to the next 3478
[radarhere]

- ImageShow improvements 3450
[radarhere]

- Depends: Update libimagequant to 2.12.2 3442, libtiff to 4.0.10 3458, libwebp to 1.0.1 3468, Tk Tcl to 8.6.9 3465
[radarhere]

- Check quality_layers type 3464
[radarhere]

- Add context manager, __del__ and close methods to TarIO 3455
[radarhere]

- Test: Do not play sound when running screencapture command 3454
[radarhere]

- Close exclusive fp on open exception 3456
[radarhere]

- Only close existing fp in WebP if fp is exclusive 3418
[radarhere]

- Docs: Re-add the downloads badge 3443
[hugovk]

- Added negative index to PixelAccess 3406
[Nazime]

- Change tuple background to global color table index when saving as GIF 3385
[radarhere]

- Test: Improved ImageGrab tests 3424
[radarhere]

- Flake8 fixes 3422, 3440
[radarhere, hugovk]

- Only ask for YCbCr->RGB libtiff conversion for jpeg-compressed tiffs 3417
[kkopachev]

- Optimise ImageOps.fit by combining resize and crop 3409
[homm]

5.3.0

------------------

- Changed Image size property to be read-only by default 3203
[radarhere]

- Add warnings if image file identification fails due to lack of WebP support 3169
[radarhere, hugovk]

- Hide the Ghostscript progress dialog popup on Windows 3378
[hugovk]

- Adding support to reading tiled and YcbCr jpeg tiffs through libtiff 3227
[kkopachev]

- Fixed None as TIFF compression argument 3310
[radarhere]

- Changed GIF seek to remove previous info items 3324
[radarhere]

- Improved PDF document info 3274
[radarhere]

- Add line width parameter to rectangle and ellipse-based shapes 3094
[hugovk, radarhere]

- Fixed decompression bomb check in _crop 3313
[dinkolubina, hugovk]

- Added support to ImageDraw.floodfill for non-RGB colors 3377
[radarhere]

- Tests: Avoid catching unexpected exceptions in tests 2203
[jdufresne]

- Use TextIOWrapper.detach() instead of NoCloseStream 2214
[jdufresne]

- Added transparency to matrix conversion 3205
[radarhere]

- Added ImageOps pad method 3364
[radarhere]

- Give correct extrema for I;16 format images 3359
[bz2]

- Added PySide2 3279
[radarhere]

- Corrected TIFF tags 3369
[radarhere]

- CI: Install CFFI and pycparser without any PYTHONOPTIMIZE 3374
[hugovk]

- Read/Save RGB webp as RGB (instead of RGBX) 3298
[kkopachev]

- ImageDraw: Add line joints 3250
[radarhere]

- Improved performance of ImageDraw floodfill method 3294
[yo1995]

- Fix builds with --parallel 3272
[hsoft]

- Add more raw Tiff modes (RGBaX, RGBaXX, RGBAX, RGBAXX) 3335
[homm]

- Close existing WebP fp before setting new fp 3341
[radarhere]

- Add orientation, compression and id_section as TGA save keyword arguments 3327
[radarhere]

- Convert int values of RATIONAL TIFF tags to floats 3338
[radarhere, wiredfool]

- Fix code for PYTHONOPTIMIZE 3233
[hugovk]

- Changed ImageFilter.Kernel to subclass ImageFilter.BuiltinFilter, instead of the other way around 3273
[radarhere]

- Remove unused draw.draw_line, draw.draw_point and font.getabc methods 3232
[hugovk]

- Tests: Added ImageFilter tests 3295
[radarhere]

- Tests: Added ImageChops tests 3230
[hugovk, radarhere]

- AppVeyor: Download lib if not present in pillow-depends 3316
[radarhere]

- Travis CI: Add Python 3.7 and Xenial 3234
[hugovk]

- Docs: Added documentation for NumPy conversion 3301
[radarhere]

- Depends: Update libimagequant to 2.12.1 3281
[radarhere]

- Add three-color support to ImageOps.colorize 3242
[tsennott]

- Tests: Add LA to TGA test modes 3222
[danpla]

- Skip outline if the draw operation fills with the same colour 2922
[radarhere]

- Flake8 fixes 3173, 3380
[radarhere]

- Avoid deprecated 'U' mode when opening files 2187
[jdufresne]

Links

• PyPI: https://pypi.org/project/pillow
• Changelog: https://pyup.io/changelogs/pillow/
• Homepage: http://python-pillow.org

Update pyasn1-modules from 0.2.2 to 0.2.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pyasn1-modules
• Changelog: https://pyup.io/changelogs/pyasn1-modules/
• Repo: https://github.com/etingof/pyasn1-modules

Update pyasn1 from 0.4.4 to 0.4.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pyasn1
• Changelog: https://pyup.io/changelogs/pyasn1/
• Repo: https://github.com/etingof/pyasn1

Update pycparser from 2.18 to 2.19.

Changelog

2.19

- PR 277: Fix parsing of floating point literals
- PR 254: Add support for parsing empty structs
- PR 240: Fix enum formatting in generated C code (also 216)
- PR 222: Add support for pragma in struct declarations

Links

• PyPI: https://pypi.org/project/pycparser
• Changelog: https://pyup.io/changelogs/pycparser/
• Repo: https://github.com/eliben/pycparser

Update pyopenssl from 18.0.0 to 19.0.0.

Changelog

19.0.0

-------------------


Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- ``X509Store.add_cert`` no longer raises an error if you add a duplicate cert.
`787 <https://github.com/pyca/pyopenssl/pull/787>`_


Deprecations:
^^^^^^^^^^^^^

*none*


Changes:
^^^^^^^^

- pyOpenSSL now works with OpenSSL 1.1.1.
`805 <https://github.com/pyca/pyopenssl/pull/805>`_
- pyOpenSSL now handles NUL bytes in ``X509Name.get_components()``
`804 <https://github.com/pyca/pyopenssl/pull/804>`_



----

Links

• PyPI: https://pypi.org/project/pyopenssl
• Changelog: https://pyup.io/changelogs/pyopenssl/
• Homepage: https://pyopenssl.org/
• Docs: https://pythonhosted.org/pyOpenSSL/

Update pyrsistent from 0.14.4 to 0.15.4.

Changelog

0.15.4

* Fix 174, fix a GC traversal bug in pvector evolver C extension. Thanks till-varoquaux for finding and fixing this!
* Fix 175, pytest 5 compatibility, this is a quick fix, some more work is needed to get coverage working etc.

0.15.3

* Fix 172, catch all exceptions during extension build to reduce chance of corner cases that prevents installation.
* Fix 171, in PVector equality comparison don's assume that other object has a length, check before calling len.
* Fix 168, write warning about failing build of C extension directly to stderr to avoid that pip silences it.
* Fix 155, update PMapEvolver type stub to better reflect implementation.

0.15.2

* Fix 166, Propagate 'ignore_extra' param in hierarchy. Thanks ss18 for this!
* Fix 167, thaw typing. Thanks nattofriends for this!
* Fix 154, not possible to insert empty pmap as leaf node with transform.

0.15.1

* Fix 163 installation broken on Python 2 because of fix of 161, thanks vphilippon for this! Sorry for the
inconvenience.

0.15.0

* Python 3.4 is no longer officially supported since it is EOL since 2019-03-18.
* Fix 157, major improvements to type hints. Thanks je-l for working on this and nattofriend for reviewing the PR!
* Fix 161, installation fails on some Windows platforms because fallback to Python pvector does not work.
Thanks MaxTaggart for fixing and verifying this!

0.14.11

* Fix 152 Don't use __builtin_popcount, this hopefully fixes 147 Error in pvectorc.cp37-win_amd64.pyd file, as well.
Thanks benrg for this!
* Fix 151 Fix compatibility for hypothesis 4. Thanks felixonmars for this!

0.14.10

* Fix 148, only require pytest-runner if running tests. Thanks ccorbacho for this!

0.14.9

* Fix 144, Compile pvectormodule.c on windows. Thanks ganwell for this!

0.14.8

* Fix 142, Improve type stubs. Thanks arxanas for this!

0.14.7

* Fix 102, add PEP 561 type annotation stubs for most pyrsistent types. Thanks nattofriends for this!

0.14.6

* Fix 135, Type classes for Python 3 type annotations of pyrsistent types. Thanks nattofriends for this!
* Fix 128, Allow PClass and PRecord to ignore input parameters to constructor that are not part of the spec
instead of blowing up with a type error. Thanks agberk for this!

0.14.5

* Fix 137, deprecation warnings in Python 3.7. Thanks thombashi for this!
* Fix 129, building via setuptools and setup.py. Thanks galuszkak for this!

Links

• PyPI: https://pypi.org/project/pyrsistent
• Changelog: https://pyup.io/changelogs/pyrsistent/
• Repo: http://github.com/tobgu/pyrsistent/

Update python-dateutil from 2.7.3 to 2.8.0.

Changelog

2.8.0

==========================

Data updates
------------

- Updated tzdata version to to 2018i.


Features
--------

- Added support for ``EXDATE`` parameters when parsing ``rrule`` strings.
Reported by mlorant (gh issue 410), fixed by nicoe (gh pr 859).
- Added support for sub-minute time zone offsets in Python 3.6+.
Fixed by cssherry (gh issue 582, pr 763)
- Switched the ``tzoffset``, ``tzstr`` and ``gettz`` caches over to using weak
references, so that the cache expires when no other references to the
original ``tzinfo`` objects exist. This cache-expiry behavior is not
guaranteed in the public interface and may change in the future. To improve
performance in the case where transient references to the same time zones
are repeatedly created but no strong reference is continuously held, a
smaller "strong value" cache was also added. Weak value cache implemented by
cs-cordero (gh pr 672, 801), strong cache added by
Gökçen Nurlu (gh issue 691, gh pr 761)


Bugfixes
--------

- Added time zone inference when initializing an ``rrule`` with a specified
``UNTIL`` but without an explicitly specified ``DTSTART``; the time zone
of the generated ``DTSTART`` will now be taken from the ``UNTIL`` rule.
Reported by href (gh issue 652). Fixed by absreim (gh pr 693).
- Fixed an issue where ``parser.parse`` would raise ``Decimal``-specific errors
instead of a standard ``ValueError`` if certain malformed values were parsed
(e.g. ``NaN`` or infinite values). Reported and fixed by
amureki (gh issue 662, gh pr 679).
- Fixed issue in ``parser`` where a ``tzinfos`` call explicitly returning
``None`` would throw a ``ValueError``.
Fixed by parsethis (gh issue 661, gh pr 681)
- Fixed incorrect parsing of certain dates earlier than 100 AD when repesented
in the form "%B.%Y.%d", e.g. "December.0031.30". (gh issue 687, pr 700)
- Add support for ISO 8601 times with comma as the decimal separator in the
``dateutil.parser.isoparse`` function. (gh pr 721)
- Changed handling of ``T24:00`` to be compliant with the standard. ``T24:00``
now represents midnight on the *following* day.
Fixed by cheukting (gh issue 658, gh pr 751)
- Fixed an issue where ``isoparser.parse_isotime`` was unable to handle the
``24:00`` variant representation of midnight. (gh pr 773)
- Added support for more than 6 fractional digits in `isoparse`.
Reported and fixed by jayschwa (gh issue 786, gh pr 787).
- Added 'z' (lower case Z) as valid UTC time zone in isoparser.
Reported by cjgibson (gh issue 820). Fixed by Cheukting (gh pr 822)
- Fixed a bug with base offset changes during DST in ``tzfile``, and refactored
the way base offset changes are detected. Originally reported on
StackOverflow by MartinThoma. (gh issue 812, gh pr 810)
- Fixed error condition in ``tz.gettz`` when a non-ASCII timezone is passed on
Windows in Python 2.7. (gh issue 802, pr 861)
- Improved performance and inspection properties of ``tzname`` methods.
(gh pr 811)
- Removed unnecessary binary_type compatibility shims.
Added by jdufresne (gh pr 817)
- Changed ``python setup.py test`` to print an error to ``stderr`` and exit
with 1 instead of 0. Reported and fixed by hroncok (gh pr 814)
- Added a ``pyproject.toml`` file with build requirements and an explicitly
specified build backend. (gh issue 736, gh prs 746, 863)


Documentation changes
---------------------

- Added documentation for the ``rrule.rrulestr`` function.
Fixed by prdickson (gh issue 623, gh pr 762)
- Added documentation for ``dateutil.tz.gettz``.
Fixed by weatherpattern (gh issue 647, gh pr 704)
- Add documentation for the ``dateutil.tz.win`` module and mocked out certain
Windows-specific modules so that autodoc can still be run on non-Windows
systems. (gh issue 442, pr 715)
- Added changelog to documentation. (gh issue 692, gh pr 707)
- Changed order of keywords in the ``rrule`` docstring.
Reported and fixed by rmahajan14 (gh issue 686, gh pr 695).
- Improved documentation on the use of ``until`` and ``count`` parameters in
``rrule``. Fixed by lucaferocino (gh pr 755).
- Added an example of how to use a custom ``parserinfo`` subclass to parse
non-standard datetime formats in the examples documentation for ``parser``.
Added by prdickson (gh 753)
- Added doctest examples to ``tzfile`` documentation.
Patch by weatherpattern (gh pr 671)
- Updated the documentation for ``relativedelta``'s ``weekday`` arguments.
Fixed by kvn219 huangy22 and ElliotJH (gh pr 673)
- Improved explanation of the order that ``relativedelta`` components are
applied in. Fixed by kvn219 huangy22 and ElliotJH (gh pr 673)
- Expanded the description and examples in the ``relativedelta`` class.
Contributed by andrewcbennett (gh pr 759)
- Improved the contributing documentation to clarify where to put new changelog
files. Contributed by andrewcbennett (gh pr 757)
- Fixed a broken doctest in the ``relativedelta`` module.
Fixed by nherriot (gh pr 758).
- Changed the default theme to ``sphinx_rtd_theme``, and changed the sphinx
configuration accordingly. (gh pr 707)
- Reorganized ``dateutil.tz`` documentation and fixed issue with the
``dateutil.tz`` docstring. (gh pr 714)
- Cleaned up malformed RST in the ``tz`` documentation.
(gh issue 702, gh pr 706)
- Corrected link syntax and updated URL to https for ISO year week number
notation in ``relativedelta`` examples. (gh issue 670, pr 711)


Misc
----

- GH 674, GH 688, GH 699, GH 720, GH 723, GH 726, GH 727, GH 740,
GH 750, GH 760, GH 767, GH 772, GH 773, GH 780, GH 784, GH 785,
GH 791, GH 799, GH 813, GH 836, GH 839, GH 857

2.7.5

==========================

Data updates
------------

- Update tzdata to 2018g

2.7.4

==========================

Data updates
------------

- Updated tzdata version to 2018f.

Links

• PyPI: https://pypi.org/project/python-dateutil
• Changelog: https://pyup.io/changelogs/python-dateutil/
• Docs: https://dateutil.readthedocs.io

Update pytz from 2018.5 to 2019.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pytz
• Homepage: http://pythonhosted.org/pytz
• Docs: https://pythonhosted.org/pytz/

Update service-identity from 17.0.0 to 18.1.0.

Changelog

18.1.0

-------------------

Changes:
^^^^^^^^

- pyOpenSSL is optional now if you use ``service_identity.cryptography.*`` only.
- Added support for ``iPAddress`` ``subjectAltName``\ s.
You can now verify whether a connection or a certificate is valid for an IP address using ``service_identity.pyopenssl.verify_ip_address()`` and ``service_identity.cryptography.verify_certificate_ip_address()``.
`12 <https://github.com/pyca/service_identity/pull/12>`_


----

Links

• PyPI: https://pypi.org/project/service-identity
• Changelog: https://pyup.io/changelogs/service-identity/
• Docs: https://service-identity.readthedocs.io/

Update six from 1.11.0 to 1.12.0.

Changelog

1.12.0

------

- Issue 259, pull request 260: `six.add_metaclass` now preserves
`__qualname__` from the original class.

- Pull request 204: Add `six.ensure_binary`, `six.ensure_text`, and
`six.ensure_str`.

Links

• PyPI: https://pypi.org/project/six
• Changelog: https://pyup.io/changelogs/six/
• Repo: https://github.com/benjaminp/six

Update twisted[conch,tls] from 18.7.0 to 19.2.1.

Changelog

19.2.0

===========================

This is the final release that will support Python 3.4.

Features
--------

- twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (9463)
- DeferredLock and DeferredSemaphore can be used as asynchronous context
managers on Python 3.5+. (9546)
- t.i.b.BaseConnector has custom __repr__ (9548)
- twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (9585)
- Twisted's minimum Cryptography requirement is now 2.5. (9592)


Bugfixes
--------

- twisted.web.proxy.ReverseProxyResource fixed documentation and example snippet (9192)
- twisted.python.failure.Failure.getTracebackObject now returns traceback objects whose frames can be passed into traceback.print_stack for better debugging of where the exception came from. (9305)
- twisted.internet.ssl.KeyPair.generate: No longer generate 1024-bit RSA keys by default. Anyone who generated a key with this method using the default value should move to replace it immediately. (9453)
- The message of twisted.internet.error.ConnectionAborted is no longer truncated. (9522)
- twisted.enterprise.adbapi.ConnectionPool.connect now logs only the dbapiName and not the connection arguments, which may contain credentials (9544)
- twisted.python.runtime.Platform.supportsINotify no longer considers the result of isDocker for its own result. (9579)


Improved Documentation
----------------------

- The documentation for the the twisted.internet.interfaces.IConsumer, IProducer, and IPullProducer interfaces is more detailed. (2546)
- The errback example in the docstring of twisted.logger.Logger.failure has been corrected. (9334)
- The sample code in the "Twisted Web In 60 Seconds" tutorial runs on Python 3. (9559)


Misc
----

- 8921, 9071, 9125, 9428, 9536, 9540, 9580


Conch
-----

Features
~~~~~~~~

- twisted.conch.ssh.keys can now read private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (9515)


Bugfixes
~~~~~~~~

- Conch now uses pyca/cryptography for Diffie-Hellman key generation and agreement. (8831)


Misc
~~~~

- 9584


Web
---

Features
~~~~~~~~

- twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option.  The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (9138)


Bugfixes
~~~~~~~~

- twisted.web.http.Request.cookies, twisted.web.http.HTTPChannel.writeHeaders, and twisted.web.http_headers.Headers were all vulnerable to header injection attacks.  They now replace linear whitespace ('\r', '\n', and '\r\n') with a single space.  twisted.web.http.Reqeuest.cookies also replaces semicolons (';') with a single space. (9420)
- twisted.web.client.Request and twisted.web.client.HTTPClient were both vulnerable to header injection attacks.  They now replace linear whitespace ('\r', '\n', and '\r\n') with a single space. (9421)


Mail
----

No significant changes.


Words
-----

No significant changes.


Names
-----

Features
~~~~~~~~

- twisted.names.dns now has IRecord implementations for the SSHFP and TSIG record types. (9373)

18.9.0

===========================

Features
--------

- twisted.internet._sslverify.ClientTLSOptions no longer raises IDNAError when given an IPv6 address as a hostname in a HTTPS URL. (9433)
- The repr() of a twisted.internet.base.DelayedCall now encodes the same information as its str(), exposing details of its scheduling and target callable. (9481)
- Python 3.7 is now supported. (9502)


Bugfixes
--------

- twisted.logger.LogBeginner's default critical observer now prints tracebacks for new and legacy log system events through the use of the new eventAsText API.  This API also does not raise an error for non-ascii encoded data in Python2, it attempts as well as possible to format the traceback. (7927)
- Syntax error under Python 3.7 fixed for twisted.conch.manhole and
twisted.main.imap4. (9384)
- `trial -j` reports tracebacks on test failures under Python 3. (9436)
- Properly format multi-byte and non-ascii encoded data in a traceback. (9456)
- twisted.python.rebuild now functions on Python 3.7. (9492)
- HTTP/2 server connections will no longer time out active downloads that take too long. (9529)


Improved Documentation
----------------------

- Several minor formatting problems in the API documentation have been corrected. (9461)
- The documentation of twisted.internet.defer.Deferred.fromFuture() has been updated to reflect upstream changes. (9539)


Deprecations and Removals
-------------------------

- async keyword argument is deprecated in twisted.conch.manhole
(ManholeInterpreter.write and Manhole.add) and in
twisted.main.imap4.IMAP4Server.sendUntaggedResponse,
isAsync keyword argument is introduced instead. (9384)


Misc
----

- 9379, 9485, 9489, 9499, 9501, 9511, 9514, 9523, 9524, 9525, 9538


Conch
-----

Bugfixes
~~~~~~~~

- twisted.conch.keys.Key.public returns the same twisted.conch.keys.Key instance when it is already a public key instead of failing with an exception. (9441)
- RSA private keys are no longer corrupted during loading, allowing OpenSSL's fast-path to operate for RSA signing. (9518)


Improved Documentation
~~~~~~~~~~~~~~~~~~~~~~

- The documentation for IConchUser.gotGlobalRequest() is more accurate. (9413)


Deprecations and Removals
~~~~~~~~~~~~~~~~~~~~~~~~~

- twisted.conch.ssh.filetransfer.ClientDirectory's use as an iterator has been deprecated. (9527)


Web
---

Bugfixes
~~~~~~~~

- twisted.web.server.Request.getSession now returns a new session if the
previous session has expired. (9288)


Misc
~~~~

- 9479, 9480, 9482, 9491


Mail
----

No significant changes.


Words
-----

No significant changes.


Names
-----

No significant changes.

Links

• PyPI: https://pypi.org/project/twisted
• Changelog: https://pyup.io/changelogs/twisted/
• Homepage: http://twistedmatrix.com/

Update venusian from 1.1.0 to 1.2.0.

Changelog

1.2.0

------------------

- Add support for Python 3.7.

- Drop support for Python 3.3.

Links

• PyPI: https://pypi.org/project/venusian
• Changelog: https://pyup.io/changelogs/venusian/
• Homepage: https://pylonsproject.org

Update zope.interface from 4.5.0 to 4.6.0.

Changelog

4.6.0

------------------

- Add support for Python 3.7

- Fix ``verifyObject`` for class objects with staticmethods on
Python 3. See `issue 126
<https://github.com/zopefoundation/zope.interface/issues/126>`_.

Links

• PyPI: https://pypi.org/project/zope.interface
• Changelog: https://pyup.io/changelogs/zope.interface/
• Repo: https://github.com/zopefoundation/zope.interface

---

This change is 

[codecov]

Codecov Report

Merging #246 into master will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #246   +/-   ##
======================================
  Coverage    93.8%   93.8%           
======================================
  Files          13      13           
  Lines        1066    1066           
  Branches       66      66           
======================================
  Hits         1000    1000           
  Misses         53      53           
  Partials       13      13

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 23a03a8...19ceed0. Read the comment docs.

[codecov]

Codecov Report

Merging #246 into master will not change coverage.
The diff coverage is n/a.

@@          Coverage Diff           @@
##           master    #246   +/-   ##
======================================
  Coverage    93.8%   93.8%           
======================================
  Files          13      13           
  Lines        1066    1066           
  Branches       66      66           
======================================
  Hits         1000    1000           
  Misses         53      53           
  Partials       13      13

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 23a03a8...19ceed0. Read the comment docs.