pyup: Scheduled weekly dependency update for week 05

[pyup-bot]

Update pip from 19.3.1 to 20.0.2.

Changelog

20.0.2

===================

Bug Fixes
---------

- Fix a regression in generation of compatibility tags. (`7626 <https://github.com/pypa/pip/issues/7626>`_)

Vendored Libraries
------------------

- Upgrade packaging to 20.1

20.0.1

===================

Bug Fixes
---------

- Rename an internal module, to avoid ImportErrors due to improper uninstallation. (`7621 <https://github.com/pypa/pip/issues/7621>`_)

20.0

=================

Process
-------

- Switch to a dedicated CLI tool for vendoring dependencies.

Deprecations and Removals
-------------------------

- Remove wheel tag calculation from pip and use ``packaging.tags``. This
should provide more tags ordered better than in prior releases. (`6908 <https://github.com/pypa/pip/issues/6908>`_)
- Deprecate setup.py-based builds that do not generate an ``.egg-info`` directory. (`6998 <https://github.com/pypa/pip/issues/6998>`_)
- The pip>=20 wheel cache is not retro-compatible with previous versions. Until
pip 21.0, pip will continue to take advantage of existing legacy cache
entries. (`7296 <https://github.com/pypa/pip/issues/7296>`_)
- Deprecate undocumented ``--skip-requirements-regex`` option. (`7297 <https://github.com/pypa/pip/issues/7297>`_)
- Deprecate passing install-location-related options via ``--install-option``. (`7309 <https://github.com/pypa/pip/issues/7309>`_)
- Use literal "abi3" for wheel tag on CPython 3.x, to align with PEP 384
which only defines it for this platform. (`7327 <https://github.com/pypa/pip/issues/7327>`_)
- Remove interpreter-specific major version tag e.g. ``cp3-none-any``
from consideration. This behavior was not documented strictly, and this
tag in particular is `not useful <https://snarky.ca/the-challenges-in-designing-a-library-for-pep-425/>`_.
Anyone with a use case can create an issue with pypa/packaging. (`7355 <https://github.com/pypa/pip/issues/7355>`_)
- Wheel processing no longer permits wheels containing more than one top-level
.dist-info directory. (`7487 <https://github.com/pypa/pip/issues/7487>`_)
- Support for the ``git+git`` form of VCS requirement is being deprecated and
will be removed in pip 21.0. Switch to ``git+https://`` or
``git+ssh://``. ``git+git://`` also works but its use is discouraged as it is
insecure. (`7543 <https://github.com/pypa/pip/issues/7543>`_)

Features
--------

- Default to doing a user install (as if ``--user`` was passed) when the main
site-packages directory is not writeable and user site-packages are enabled. (`1668 <https://github.com/pypa/pip/issues/1668>`_)
- Warn if a path in PATH starts with tilde during ``pip install``. (`6414 <https://github.com/pypa/pip/issues/6414>`_)
- Cache wheels built from Git requirements that are considered immutable,
because they point to a commit hash. (`6640 <https://github.com/pypa/pip/issues/6640>`_)
- Add option ``--no-python-version-warning`` to silence warnings
related to deprecation of Python versions. (`6673 <https://github.com/pypa/pip/issues/6673>`_)
- Cache wheels that ``pip wheel`` built locally, matching what
``pip install`` does. This particularly helps performance in workflows where
``pip wheel`` is used for `building before installing
<https://pip.pypa.io/en/stable/user_guide/installing-from-local-packages>`_.
Users desiring the original behavior can use ``pip wheel --no-cache-dir``. (`6852 <https://github.com/pypa/pip/issues/6852>`_)
- Display CA information in ``pip debug``. (`7146 <https://github.com/pypa/pip/issues/7146>`_)
- Show only the filename (instead of full URL), when downloading from PyPI. (`7225 <https://github.com/pypa/pip/issues/7225>`_)
- Suggest a more robust command to upgrade pip itself to avoid confusion when the
current pip command is not available as ``pip``. (`7376 <https://github.com/pypa/pip/issues/7376>`_)
- Define all old pip console script entrypoints to prevent import issues in
stale wrapper scripts. (`7498 <https://github.com/pypa/pip/issues/7498>`_)
- The build step of ``pip wheel`` now builds all wheels to a cache first,
then copies them to the wheel directory all at once.
Before, it built them to a temporary direcory and moved
them to the wheel directory one by one. (`7517 <https://github.com/pypa/pip/issues/7517>`_)
- Expand ``~`` prefix to user directory in path options, configs, and
environment variables. Values that may be either URL or path are not
currently supported, to avoid ambiguity:

* ``--find-links``
* ``--constraint``, ``-c``
* ``--requirement``, ``-r``
* ``--editable``, ``-e`` (`980 <https://github.com/pypa/pip/issues/980>`_)

Bug Fixes
---------

- Correctly handle system site-packages, in virtual environments created with venv (PEP 405). (`5702 <https://github.com/pypa/pip/issues/5702>`_, `7155 <https://github.com/pypa/pip/issues/7155>`_)
- Fix case sensitive comparison of pip freeze when used with -r option. (`5716 <https://github.com/pypa/pip/issues/5716>`_)
- Enforce PEP 508 requirement format in ``pyproject.toml``
``build-system.requires``. (`6410 <https://github.com/pypa/pip/issues/6410>`_)
- Make ``ensure_dir()`` also ignore ``ENOTEMPTY`` as seen on Windows. (`6426 <https://github.com/pypa/pip/issues/6426>`_)
- Fix building packages which specify ``backend-path`` in pyproject.toml. (`6599 <https://github.com/pypa/pip/issues/6599>`_)
- Do not attempt to run ``setup.py clean`` after a ``pep517`` build error,
since a ``setup.py`` may not exist in that case. (`6642 <https://github.com/pypa/pip/issues/6642>`_)
- Fix passwords being visible in the index-url in
"Downloading <url>" message. (`6783 <https://github.com/pypa/pip/issues/6783>`_)
- Change method from shutil.remove to shutil.rmtree in noxfile.py. (`7191 <https://github.com/pypa/pip/issues/7191>`_)
- Skip running tests which require subversion, when svn isn't installed (`7193 <https://github.com/pypa/pip/issues/7193>`_)
- Fix not sending client certificates when using ``--trusted-host``. (`7207 <https://github.com/pypa/pip/issues/7207>`_)
- Make sure ``pip wheel`` never outputs pure python wheels with a
python implementation tag. Better fix/workaround for
`3025 <https://github.com/pypa/pip/issues/3025>`_ by
using a per-implementation wheel cache instead of caching pure python
wheels with an implementation tag in their name. (`7296 <https://github.com/pypa/pip/issues/7296>`_)
- Include ``subdirectory`` URL fragments in cache keys. (`7333 <https://github.com/pypa/pip/issues/7333>`_)
- Fix typo in warning message when any of ``--build-option``, ``--global-option``
and ``--install-option`` is used in requirements.txt (`7340 <https://github.com/pypa/pip/issues/7340>`_)
- Fix the logging of cached HTTP response shown as downloading. (`7393 <https://github.com/pypa/pip/issues/7393>`_)
- Effectively disable the wheel cache when it is not writable, as is the
case with the http cache. (`7488 <https://github.com/pypa/pip/issues/7488>`_)
- Correctly handle relative cache directory provided via --cache-dir. (`7541 <https://github.com/pypa/pip/issues/7541>`_)

Vendored Libraries
------------------

- Upgrade CacheControl to 0.12.5
- Upgrade certifi to 2019.9.11
- Upgrade colorama to 0.4.1
- Upgrade distlib to 0.2.9.post0
- Upgrade ipaddress to 1.0.22
- Update packaging to 20.0.
- Upgrade pkg_resources (via setuptools) to 44.0.0
- Upgrade pyparsing to 2.4.2
- Upgrade six to 1.12.0
- Upgrade urllib3 to 1.25.6

Improved Documentation
----------------------

- Document that "coding: utf-8" is supported in requirements.txt (`7182 <https://github.com/pypa/pip/issues/7182>`_)
- Explain how to get pip's source code in `Getting Started <https://pip.pypa.io/en/stable/development/getting-started/>`_ (`7197 <https://github.com/pypa/pip/issues/7197>`_)
- Describe how basic authentication credentials in URLs work. (`7201 <https://github.com/pypa/pip/issues/7201>`_)
- Add more clear installation instructions (`7222 <https://github.com/pypa/pip/issues/7222>`_)
- Fix documentation links for index options (`7347 <https://github.com/pypa/pip/issues/7347>`_)
- Better document the requirements file format (`7385 <https://github.com/pypa/pip/issues/7385>`_)

Links

• PyPI: https://pypi.org/project/pip
• Changelog: https://pyup.io/changelogs/pip/
• Homepage: https://pip.pypa.io/

Update virtualenv from 16.7.7 to 16.7.9.

Changelog

16.7.9

--------------------

Bugfixes
^^^^^^^^

- upgrade setuptools from ``41.6.0`` to ``42.0.2`` (`1460 <https://github.com/pypa/virtualenv/issues/1460>`_)

16.7.8

--------------------

Bugfixes
^^^^^^^^

- upgrade setuptools from 41.4.0 to 41.6.0 (`1442 <https://github.com/pypa/virtualenv/issues/1442>`_)

Links

• PyPI: https://pypi.org/project/virtualenv
• Changelog: https://pyup.io/changelogs/virtualenv/
• Homepage: https://virtualenv.pypa.io/

Update django from 1.11.27 to 1.11.28.

Changelog

1.11.28

============================

*February 3, 2020*

Django 1.11.28 fixes a security issue in 1.11.27.

CVE-2020-7471: Potential SQL injection via ``StringAgg(delimiter)``
===================================================================

:class:`~django.contrib.postgres.aggregates.StringAgg` aggregation function was
subject to SQL injection, using a suitably crafted ``delimiter``.


============================

Links

• PyPI: https://pypi.org/project/django
• Changelog: https://pyup.io/changelogs/django/
• Homepage: https://www.djangoproject.com/

Update django-extensions from 2.2.5 to 2.2.6.

Changelog

2.2.6

-----

Changes:
- Improvement: travis, update pypy and pypy3 versions
- Improvement: shell_plus, ability to print location/traceback besides sql
- Improvement: runserver_plus, ability to print location/traceback besides sql
- Improvement: UniqueFieldMixin, Support Django 2.2 UniqueConstraint.condition
- Improvement: DEFAULT_MYSQL_ENGINES, add mysql.connector.django
- Improvement: shell_plus, allow setting SHELL_PLUS="notebook"
- Improvement: shell_plus, add -c/--command to shell_plus mirroring django's shell command
- Fix: shell_plus, fix postgresql debug wrapper on django 3.0 or higher
- Fix: runserver_plus, fix postgresql debug wrapper on django 3.0 or higher

Links

• PyPI: https://pypi.org/project/django-extensions
• Changelog: https://pyup.io/changelogs/django-extensions/
• Repo: http://github.com/django-extensions/django-extensions

Update djangorestframework from 3.10.3 to 3.11.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/djangorestframework
• Changelog: https://pyup.io/changelogs/djangorestframework/
• Homepage: https://www.django-rest-framework.org/

Update drf-extensions from 0.5.0 to 0.6.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/drf-extensions
• Changelog: https://pyup.io/changelogs/drf-extensions/
• Repo: http://github.com/chibisov/drf-extensions

Update pyyaml from 5.1.2 to 5.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pyyaml
• Repo: https://github.com/yaml/pyyaml

Update Pygments from 2.4.2 to 2.5.2.

Changelog

2.5.2

-------------
(released November 29, 2019)

- Fix incompatibility with some setuptools versions (PR1316)

- Fix lexing of ReST field lists (PR1279)
- Fix lexing of Matlab keywords as field names (PR1282)
- Recognize double-quoted strings in Matlab (PR1278)
- Avoid slow backtracking in Vim lexer (PR1312)
- Fix Scala highlighting of types (PR1315)
- Highlight field lists more consistently in ReST (PR1279)
- Fix highlighting Matlab keywords in field names (PR1282)
- Recognize Matlab double quoted strings (PR1278)
- Add some Terraform keywords
- Update Modelica lexer to 3.4
- Update Crystal examples

2.5.1

-------------
(released November 26, 2019)

- This release fixes a packaging issue. No functional changes.

2.5.0

-------------
(released November 26, 2019)

- Added lexers:

* Email (PR1246)
* Erlang, Elxir shells (PR823, 1521)
* Notmuch (PR1264)
* `Scdoc <https://git.sr.ht/~sircmpwn/scdoc>`_ (PR1268)
* `Solidity <https://solidity.readthedocs.io/>`_ (1214)
* `Zeek <https://www.zeek.org>`_ (new name for Bro) (PR1269)
* `Zig <https://ziglang.org/>`_ (PR820)

- Updated lexers:

* Apache2 Configuration (PR1251)
* Bash sessions (1253)
* CSound (PR1250)
* Dart
* Dockerfile
* Emacs Lisp
* Handlebars (PR773)
* Java (1101, 987)
* Logtalk (PR1261)
* Matlab (PR1271)
* Praat (PR1277)
* Python3 (PR1255)
* Ruby
* YAML (1528)
* Velocity

- Added styles:

* Inkpot (PR1276)

- The ``PythonLexer`` class is now an alias for the former ``Python3Lexer``.
The old ``PythonLexer`` is available as ``Python2Lexer``.  Same change has
been done for the ``PythonTracebackLexer``.  The ``python3`` option for
the ``PythonConsoleLexer`` is now true by default.

- Bump ``NasmLexer`` priority over ``TasmLexer`` for ``.asm`` files
(fixes 1326)
- Default font in the ``ImageFormatter`` has been updated (928, PR1245)
- Test suite switched to py.test, removed nose dependency (1490)
- Reduce ``TeraTerm`` lexer score -- it used to match nearly all languages
(1256)
- Treat ``Skylark``/``Starlark`` files as Python files (PR1259)
- Image formatter: actually respect ``line_number_separator`` option

- Add LICENSE file to wheel builds
- Agda: fix lambda highlighting
- Dart: support ` annotations
- Dockerfile: accept ``FROM ... AS`` syntax
- Emacs Lisp: add more string functions
- GAS: accept registers in directive arguments
- Java: make structural punctuation (braces, parens, colon, comma) ``Punctuation``, not ``Operator`` (987)
- Java: support ``var`` contextual keyword (1101)
- Matlab: Fix recognition of ``function`` keyword (PR1271)
- Python: recognize ``.jy`` filenames (976)
- Python: recognize ``f`` string prefix (1156)
- Ruby: support squiggly heredocs
- Shell sessions: recognize Virtualenv prompt (PR1266)
- Velocity: support silent reference syntax

Links

• PyPI: https://pypi.org/project/pygments
• Changelog: https://pyup.io/changelogs/pygments/
• Homepage: http://pygments.org/

Update django-allauth from 0.40.0 to 0.41.0.

Changelog

0.41.0

*******************

Security notice
---------------

- See `CVE-2019-19844
<https://www.djangoproject.com/weblog/2019/dec/18/security-releases/>`_.


Note worthy changes
-------------------

- New providers: Exist.io., YNAB, Amazon Cognito.

- You can now store OAuth credentials directly in your
``settings.SOCIALACCOUNT_PROVIDERS`` settings instead of storing them in the
database using a ``SocialApp`` record.


Backwards incompatible changes
------------------------------

- Dropped Python 2 and Django 1 compatibility.

Links

• PyPI: https://pypi.org/project/django-allauth
• Changelog: https://pyup.io/changelogs/django-allauth/
• Repo: http://github.com/pennersr/django-allauth

Update GitPython from 3.0.4 to 3.0.5.

Changelog

3.0.5

=============================================

see the following for details:
https://github.com/gitpython-developers/gitpython/milestone/32?closed=1

Links

• PyPI: https://pypi.org/project/gitpython
• Changelog: https://pyup.io/changelogs/gitpython/
• Repo: https://github.com/gitpython-developers/GitPython
• Docs: https://pythonhosted.org/GitPython/

Update django-gravatar2 from 1.4.2 to 1.4.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-gravatar2
• Repo: https://github.com/twaddington/django-gravatar

Update stripe from 2.38.0 to 2.42.0.

Changelog

2.42.0

* [640](https://github.com/stripe/stripe-python/pull/640) Add support for `CreditNoteLineItem`
* [639](https://github.com/stripe/stripe-python/pull/639) Pin black version
* [637](https://github.com/stripe/stripe-python/pull/637) Start testing Python 3.8

2.41.1

* [636](https://github.com/stripe/stripe-python/pull/636) Fix uploading files with Unicode names (Python 2.7)
* [635](https://github.com/stripe/stripe-python/pull/635) Update Python API docs inline link
* [631](https://github.com/stripe/stripe-python/pull/631) Update `proxy.py`

2.41.0

* [630](https://github.com/stripe/stripe-python/pull/630) Add support for `CreditNote` preview

2.40.0

* [627](https://github.com/stripe/stripe-python/pull/627) Add list_usage_record_summaries and list_source_transactions

2.39.0

* [625](https://github.com/stripe/stripe-python/pull/625) Add support for `Mandate`

Links

• PyPI: https://pypi.org/project/stripe
• Changelog: https://pyup.io/changelogs/stripe/
• Repo: https://github.com/stripe/stripe-python

Update regex from 2019.11.1 to 2020.1.8.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/regex
• Repo: https://bitbucket.org/mrabarnett/mrab-regex

Update django-formtools from 2.1 to 2.2.

Changelog

2.2

----------------

- Dropped testing for Django 1.8, 1.9, 1.10.

- Dropped support for Python 2.

- Added support for Django 2.1, 2.2, 3.0, and Python 3.7.

- Updated translations from Transifex.

Links

• PyPI: https://pypi.org/project/django-formtools
• Changelog: https://pyup.io/changelogs/django-formtools/
• Docs: https://django-formtools.readthedocs.io/en/latest/

Update django-crispy-forms from 1.8.0 to 1.8.1.

Changelog

1.8.1

* Fixing FileField UI bug introduced with 1.8.0
* Remove is-valid css class for radio (bug introduced with 1.8.0)
* Various alignment and margin fixes for Bootstrap 4 template pack
* Documentation : using read-the-docs template, documenting how to run test suite, documenting use_custom_control help attributes

See the [1.8.1 Milestone](https://github.com/django-crispy-forms/django-crispy-forms/milestone/8?closed=1) for the full change list.

Links

• PyPI: https://pypi.org/project/django-crispy-forms
• Changelog: https://pyup.io/changelogs/django-crispy-forms/
• Repo: https://github.com/django-crispy-forms/django-crispy-forms

Update django-annoying from 0.10.5 to 0.10.6.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-annoying
• Changelog: https://pyup.io/changelogs/django-annoying/
• Repo: https://github.com/skorokithakis/django-annoying

Update django-taggit from 1.1.0 to 1.2.0.

Changelog

1.2.0

~~~~~~~~~~~~~~~~~~

* **Removed** support for end-of-life Django 2.0 and 2.1.
* Added support for Django 3.0.
* Added support for Python 3.8.
* Moved ``TaggedItemBase.tags_for()`` to ItemBase.
* Replaced reference to removed Django's ``.virtual_fields`` with
``.private_field``.
* Added ``TextareaTagWidget``.

Links

• PyPI: https://pypi.org/project/django-taggit
• Changelog: https://pyup.io/changelogs/django-taggit/
• Repo: https://github.com/jazzband/django-taggit

Update packaging from 19.2 to 20.1.

Changelog

20.1

~~~~~~~~~~~~~~~~~~~

No changes yet.

20.0

~~~~~~~~~~~~~~~~~

* Add type hints (:issue:`191`)

* Add proper trove classifiers for PyPy support (:issue:`198`)

* Scale back depending on ``ctypes`` for manylinux support detection (:issue:`171`)

* Use ``sys.implementation.name`` where appropriate for ``packaging.tags`` (:issue:`193`)

* Expand upon the API provded by ``packaging.tags``: ``interpreter_name()``, ``mac_platforms()``, ``compatible_tags()``, ``cpython_tags()``, ``generic_tags()`` (:issue:`187`)

* Officially support Python 3.8 (:issue:`232`)

* Add ``major``, ``minor``, and ``micro`` aliases to ``packaging.version.Version`` (:issue:`226`)

* Properly mark ``packaging`` has being fully typed by adding a `py.typed` file (:issue:`226`)

Links

• PyPI: https://pypi.org/project/packaging
• Changelog: https://pyup.io/changelogs/packaging/
• Repo: https://github.com/pypa/packaging

Update django-cors-middleware from 1.4.0 to 1.5.0.

Changelog

Links

• PyPI: https://pypi.org/project/django-cors-middleware
• Changelog: https://pyup.io/changelogs/django-cors-middleware/
• Repo: https://github.com/zestedesavoir/django-cors-middleware

Update django-storages[azure] from 1.7.2 to 1.9.

Changelog

1.9

***********************

General
-------

- **Breaking**: The long deprecated S3 backend based on ``boto`` has been removed. (`825`_)
- Test against and support Python 3.8 (`810`_)

S3
--

- **Deprecated**: Automatic bucket creation will be removed in version 1.10 (`826`_)
- **Deprecated**: The undocumented ``AWS_PRELOAD_METADATA`` and associated functionality will
be removed in version 1.10 (`829`_)
- **Deprecated**: Support for ``AWS_REDUCED_REDUNDANCY`` will be removed in version 1.10
Replace with ``StorageClass=REDUCED_REDUNDANCY`` in ``AWS_S3_OBJECT_PARAMETERS`` (`829`_)
- **Deprecated**: Support for ``AWS_S3_ENCRYPTION`` will be removed in version 1.10 (`829`_)
Replace with ``ServerSideEncryption=AES256`` in ``AWS_S3_OBJECT_PARAMETERS``
- A custom ``ContentEncoding`` is no longer overwritten automatically (note that specifying
one will disable automatic ``gzip``) (`391`_, `828`_).
- Add ``S3Boto3Storage.get_object_parameters``, an overridable method for customizing
upload parameters on a per-object basis (`819`_, `828`_)
- Opening and closing a file in `w` mode without writing anything will now create an empty file
in S3, this mimics the builtin ``open`` and Django's own ``FileSystemStorage`` (`435`_, `816`_)
- Fix reading a file in text mode (`404`_, `827`_)

Google Cloud
------------

- **Deprecated**: Automatic bucket creation will be removed in version 1.10 (`826`_)

Dropbox
-------

- Fix crash on ``DropBoxStorage.listdir`` (`762`_)
- Settings can now additionally be specified at the class level to ease subclassing (`745`_)

Libcloud
--------

- Add support for Backblaze B2 to ``LibCloudStorage.url`` (`807`_)

FTP
---

- Fix creating multiple intermediary directories on Windows (`823`_, `824`_)

.. _825: https://github.com/jschneier/django-storages/pull/825
.. _826: https://github.com/jschneier/django-storages/pull/826
.. _829: https://github.com/jschneier/django-storages/pull/829
.. _391: https://github.com/jschneier/django-storages/issues/391
.. _828: https://github.com/jschneier/django-storages/pull/828
.. _819: https://github.com/jschneier/django-storages/issues/819
.. _810: https://github.com/jschneier/django-storages/pull/810
.. _435: https://github.com/jschneier/django-storages/issues/435
.. _816: https://github.com/jschneier/django-storages/pull/816
.. _404: https://github.com/jschneier/django-storages/issues/404
.. _827: https://github.com/jschneier/django-storages/pull/827
.. _762: https://github.com/jschneier/django-storages/pull/762
.. _745: https://github.com/jschneier/django-storages/pull/745
.. _807: https://github.com/jschneier/django-storages/pull/807
.. _823: https://github.com/jschneier/django-storages/issues/823
.. _824: https://github.com/jschneier/django-storages/pull/824

1.8

****************

General
-------
- Add support for Django 3.0 (`759`_)
- Update license identifier to unambiguous ``BSD-3-Clause``

S3
--

- Include error message raised when missing library is imported (`776`_, `793`_)

Google
------

- **Breaking** The minimum supported version of ``google-cloud-storage`` is now ``1.15.0`` which enables...
- Add setting ``GS_CUSTOM_ENDPOINT`` to allow usage of custom domains (`775`_, `648`_)

Azure
-----

- Fix extra installation by pinning version to < 12 (`785`_)
- Add support for setting ``AZURE_CACHE_CONTROL`` header (`780`_, `674`_)

.. _759: https://github.com/jschneier/django-storages/pull/759
.. _776: https://github.com/jschneier/django-storages/issues/776
.. _793: https://github.com/jschneier/django-storages/pull/793
.. _775: https://github.com/jschneier/django-storages/issues/775
.. _648: https://github.com/jschneier/django-storages/pull/648
.. _785: https://github.com/jschneier/django-storages/pull/785
.. _780: https://github.com/jschneier/django-storages/pull/780
.. _674: https://github.com/jschneier/django-storages/issues/674

Links

• PyPI: https://pypi.org/project/django-storages
• Changelog: https://pyup.io/changelogs/django-storages/
• Repo: https://github.com/jschneier/django-storages

Update azure-storage-blob from 1.5.0 to 12.1.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/azure-storage-blob
• Repo: https://github.com/Azure/azure-sdk-for-python/tree/master/sdk/storage/azure-storage-blob

Update azure-storage-common from 1.4.2 to 2.1.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/azure-storage-common
• Repo: https://github.com/Azure/azure-storage-python

Update django-debug-toolbar from 2.0 to 2.2.

Changelog

2.2

----------------

* Removed support for end of life Django 2.0 and 2.1.
* Added support for Python 3.8.
* Add locals() option for sql panel.
* Added support for Django 3.0

2.1

----------------

* Changed the Travis CI matrix to run style checks first.
* Exposed the ``djdt.init`` function too.
* Small improvements to the code to take advantage of newer Django APIs
and avoid warnings because of deprecated code.
* Verified compatibility with the upcoming Django 3.0 (at the time of
writing).

Links

• PyPI: https://pypi.org/project/django-debug-toolbar
• Changelog: https://pyup.io/changelogs/django-debug-toolbar/
• Repo: https://github.com/jazzband/django-debug-toolbar

Update gunicorn from 19.9.0 to 20.0.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/gunicorn
• Changelog: https://pyup.io/changelogs/gunicorn/
• Homepage: http://gunicorn.org

Update pillow from 6.2.1 to 7.0.0.

Changelog

7.0.0

------------------

- Drop support for EOL Python 2.7 4109
[hugovk, radarhere, jdufresne]

- Fix rounding error on RGB to L conversion 4320
[homm]

- Exif writing fixes: Rational boundaries and signed/unsigned types 3980
[kkopachev, radarhere]

- Allow loading of WMF images at a given DPI 4311
[radarhere]

- Added reduce operation 4251
[homm]

- Raise ValueError for io.StringIO in Image.open 4302
[radarhere, hugovk]

- Fix thumbnail geometry when DCT scaling is used 4231
[homm, radarhere]

- Use default DPI when exif provides invalid x_resolution 4147
[beipang2, radarhere]

- Change default resize resampling filter from NEAREST to BICUBIC 4255
[homm]

- Fixed black lines on upscaled images with the BOX filter 4278
[homm]

- Better thumbnail aspect ratio preservation 4256
[homm]

- Add La mode packing and unpacking 4248
[homm]

- Include tests in coverage reports 4173
[hugovk]

- Handle broken Photoshop data 4239
[radarhere]

- Raise a specific exception if no data is found for an MPO frame 4240
[radarhere]

- Fix Unicode support for PyPy 4145
[nulano]

- Added UnidentifiedImageError 4182
[radarhere, hugovk]

- Remove deprecated __version__ from plugins 4197
[hugovk, radarhere]

- Fixed freeing unallocated pointer when resizing with height too large 4116
[radarhere]

- Copy info in Image.transform 4128
[radarhere]

- Corrected DdsImagePlugin setting info gamma 4171
[radarhere]

- Depends: Update libtiff to 4.1.0 4195, Tk Tcl to 8.6.10 4229, libimagequant to 2.12.6 4318
[radarhere]

- Improve handling of file resources 3577
[jdufresne]

- Removed CI testing of Fedora 29 4165
[hugovk]

- Added pypy3 to tox envlist 4137
[jdufresne]

- Drop support for EOL PyQt4 and PySide 4108
[hugovk, radarhere]

- Removed deprecated setting of TIFF image sizes 4114
[radarhere]

- Removed deprecated PILLOW_VERSION 4107
[hugovk]

- Changed default frombuffer raw decoder args 1730
[radarhere]

6.2.2

------------------

- This is the last Pillow release to support Python 2.7 3642

- Overflow checks for realloc for tiff decoding. CVE TBD
[wiredfool, radarhere]

- Catch SGI buffer overrun. CVE TBD
[radarhere]

- Catch PCX P mode buffer overrun. CVE TBD
[radarhere]

- Catch FLI buffer overrun. CVE TBD
[radarhere]

- Raise an error for an invalid number of bands in FPX image. CVE-2019-19911
[wiredfool, radarhere]

Links

• PyPI: https://pypi.org/project/pillow
• Changelog: https://pyup.io/changelogs/pillow/
• Homepage: https://python-pillow.org

Update psycopg2-binary from 2.8.3 to 2.8.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/psycopg2-binary
• Homepage: http://initd.org/psycopg/

Update watchdog from 0.9.0 to 0.10.1.

Changelog

0.10.1

~~~~~~

2020-01-30 • `full history <https://github.com/gorakhargosh/watchdog/compare/v0.10.0...v0.10.1>`__

- Fixed Python 2.7 to 3.6 installation when the OS locale is set to POSIX (`615 <https://github.com/gorakhargosh/watchdog/pull/615>`__)
- Fixed the ``build_ext`` command on macOS  (`618 <https://github.com/gorakhargosh/watchdog/pull/618>`__, `620 <https://github.com/gorakhargosh/watchdog/pull/620>`_)
- Moved requirements to ``setup.cfg``  (`617 <https://github.com/gorakhargosh/watchdog/pull/617>`__)
- [mac] Removed old C code for Python 2.5 in the `fsevents` C implementation
- [snapshot] Added ``EmptyDirectorySnapshot`` (`613 <https://github.com/gorakhargosh/watchdog/pull/613>`__)
- Thanks to our beloved contributors: Ajordat, tehkirill, BoboTiG

0.10.0

~~~~~~

2020-01-26 • `full history <https://github.com/gorakhargosh/watchdog/compare/v0.9.0...v0.10.0>`__

**Breaking Changes**

- Dropped support for Python 2.6, 3.2 and 3.3
- Emitters that failed to start are now removed
- [snapshot] Removed the deprecated ``walker_callback`` argument,
use ``stat`` instead
- [watchmedo] The utility is no more installed by default but via the extra
``watchdog[watchmedo]``

**Other Changes**

- Fixed several Python 3 warnings
- Identify synthesized events with ``is_synthetic`` attribute (`369 <https://github.com/gorakhargosh/watchdog/pull/369>`__)
- Use ``os.scandir()`` to improve memory usage (`503 <https://github.com/gorakhargosh/watchdog/pull/503>`__)
- [bsd] Fixed flavors of FreeBSD detection (`529 <https://github.com/gorakhargosh/watchdog/pull/529>`__)
- [bsd] Skip unprocessable socket files (`509 <https://github.com/gorakhargosh/watchdog/issue/509>`__)
- [inotify] Fixed events containing non-ASCII characters (`516 <https://github.com/gorakhargosh/watchdog/issues/516>`__)
- [inotify] Fixed the way ``OSError`` are re-raised (`377 <https://github.com/gorakhargosh/watchdog/issues/377>`__)
- [inotify] Fixed wrong source path after renaming a top level folder (`515 <https://github.com/gorakhargosh/watchdog/pull/515>`__)
- [inotify] Removed  delay from non-move events (`477 <https://github.com/gorakhargosh/watchdog/pull/477>`__)
- [mac] Fixed a bug when calling ``FSEventsEmitter.stop()`` twice (`466 <https://github.com/gorakhargosh/watchdog/pull/466>`__)
- [mac] Support for unscheduling deleted watch (`541 <https://github.com/gorakhargosh/watchdog/issue/541>`__)
- [mac] Fixed missing field initializers and unused parameters in
``watchdog_fsevents.c``
- [snapshot] Don't walk directories without read permissions (`408 <https://github.com/gorakhargosh/watchdog/pull/408>`__)
- [snapshot] Fixed a race condition crash when a directory is swapped for a file (`513 <https://github.com/gorakhargosh/watchdog/pull/513>`__)
- [snasphot] Fixed an ``AttributeError`` about forgotten ``path_for_inode`` attr (`436 <https://github.com/gorakhargosh/watchdog/issues/436>`__)
- [snasphot] Added the ``ignore_device=False`` parameter to the ctor (`597 <https://github.com/gorakhargosh/watchdog/pull/597>`__)
- [watchmedo] Fixed the path separator used (`478 <https://github.com/gorakhargosh/watchdog/pull/478>`__)
- [watchmedo] Fixed the use of ``yaml.load()`` for ``yaml.safe_load()`` (`453 <https://github.com/gorakhargosh/watchdog/issues/453>`__)
- [watchmedo] Handle all available signals (`549 <https://github.com/gorakhargosh/watchdog/issue/549>`__)
- [watchmedo] Added the ``--debug-force-polling`` argument (`404 <https://github.com/gorakhargosh/watchdog/pull/404>`__)
- [windows] Fixed issues when the observed directory is deleted (`570 <https://github.com/gorakhargosh/watchdog/issues/570>`__ and `601 <https://github.com/gorakhargosh/watchdog/pull/601>`__)
- [windows] ``WindowsApiEmitter`` made easier to subclass (`344 <https://github.com/gorakhargosh/watchdog/pull/344>`__)
- [windows] Use separate ctypes DLL instances
- [windows] Generate sub created events only if ``recursive=True`` (`454 <https://github.com/gorakhargosh/watchdog/pull/454>`__)
- Thanks to our beloved contributors: BoboTiG, LKleinNux, rrzaripov,
wildmichael, TauPan, segevfiner, petrblahos, QuantumEnergyE,
jeffwidman, kapsh, nickoala, petrblahos, julianolf, tonybaloney,
mbakiev, pR0Ps, javaguirre, skurfer, exarkun, joshuaskelly,
danilobellini, Ajordat

Links

• PyPI: https://pypi.org/project/watchdog
• Changelog: https://pyup.io/changelogs/watchdog/
• Repo: http://github.com/gorakhargosh/watchdog
• Docs: https://pythonhosted.org/watchdog/

Update ipdb from 0.12.2 to 0.12.3.

Changelog

0.12.3

-------------------

- Fix version in usage
[gotcha]

Links

• PyPI: https://pypi.org/project/ipdb
• Changelog: https://pyup.io/changelogs/ipdb/
• Repo: https://github.com/gotcha/ipdb

Update tox from 3.14.1 to 3.14.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

Update django-dynamic-fixture from 2.0.0 to 3.0.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-dynamic-fixture
• Repo: https://github.com/paulocheque/django-dynamic-fixture

Update pytest from 5.2.2 to 5.3.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pytest
• Homepage: https://docs.pytest.org/en/latest/

Update pytest-django from 3.6.0 to 3.8.0.

Changelog

3.8.0

------------------

Improvements
^^^^^^^^^^^^

* Make Django's assertion helpers available in pytest_django.asserts (709).

* Report django-configurations setting (791)

3.7.0

------------------

Bugfixes
^^^^^^^^

* Monkeypatch pytest to not use ``TestCase.debug`` with unittests, instead
of patching it into Django (782).

* Work around pytest crashing due to ``pytest.fail`` being used from within the
DB blocker, and pytest trying to display an object representation involving
DB access (781).  pytest-django uses a ``RuntimeError`` now instead.

Links

• PyPI: https://pypi.org/project/pytest-django
• Changelog: https://pyup.io/changelogs/pytest-django/
• Docs: https://pytest-django.readthedocs.io/

Update pytest-xdist from 1.30.0 to 1.31.0.

Changelog

1.31.0

================================

Features
--------

- `486 <https://github.com/pytest-dev/pytest-xdist/issues/486>`_: Add support for Python 3.8.


Bug Fixes
---------

- `491 <https://github.com/pytest-dev/pytest-xdist/issues/491>`_: Fix regression that caused custom plugin command-line arguments to be discarded when using ``--tx`` mode.

Links

• PyPI: https://pypi.org/project/pytest-xdist
• Changelog: https://pyup.io/changelogs/pytest-xdist/
• Repo: https://github.com/pytest-dev/pytest-xdist

Update pytest-mock from 1.11.2 to 2.0.0.

Changelog

2.0.0

------------------

Breaking Changes
++++++++++++++++

* ``mocker.spy`` attributes for tracking returned values and raised exceptions of its spied functions
are now called ``spy_return`` and ``spy_exception``, instead of reusing the existing
``MagicMock`` attributes ``return_value`` and ``side_effect``.

Version ``1.13`` introduced a serious regression: after a spied function using ``mocker.spy``
raises an exception, further calls to the spy will not call the spied function,
always raising the first exception instead: assigning to ``side_effect`` causes
``unittest.mock`` to behave this way (`175`_).

* The deprecated ``mock`` alias to the ``mocker`` fixture has finally been removed.

.. _175: https://github.com/pytest-dev/pytest-mock/issues/175

1.13.0

-------------------

* The object returned by ``mocker.spy`` now also tracks any side effect
of the spied method/function.

1.12.1

-------------------

* Fix error if ``mocker.patch`` is used in code where the source file
is not available, for example stale ``.pyc`` files (`169`_).

.. _169: https://github.com/pytest-dev/pytest-mock/issues/169issuecomment-555729265

1.12.0

-------------------

* Now all patch functions also raise a ``ValueError`` when used
as a context-manager. Thanks `AlexGascon`_ for the PR (`168`_).

.. _AlexGascon: https://github.com/AlexGascon
.. _168: https://github.com/pytest-dev/pytest-mock/pull/168

Links

• PyPI: https://pypi.org/project/pytest-mock
• Changelog: https://pyup.io/changelogs/pytest-mock/
• Repo: https://github.com/pytest-dev/pytest-mock/

[humitos]

Changes look reasonable to me.

I think we can merge this after today's deploy and start testing it locally.

[humitos]

We need to be careful with these. We should test,

• build files are uploaded properly
• collectstatic does work

[pyup-bot]

Closing this in favor of #6643