pyup: Scheduled weekly dependency update for week 06

[pyup-bot]

Update pip from 19.3.1 to 20.0.2.

Changelog

20.0.2

===================

Bug Fixes
---------

- Fix a regression in generation of compatibility tags. (`7626 <https://github.com/pypa/pip/issues/7626>`_)

Vendored Libraries
------------------

- Upgrade packaging to 20.1

20.0.1

===================

Bug Fixes
---------

- Rename an internal module, to avoid ImportErrors due to improper uninstallation. (`7621 <https://github.com/pypa/pip/issues/7621>`_)

20.0

=================

Process
-------

- Switch to a dedicated CLI tool for vendoring dependencies.

Deprecations and Removals
-------------------------

- Remove wheel tag calculation from pip and use ``packaging.tags``. This
should provide more tags ordered better than in prior releases. (`6908 <https://github.com/pypa/pip/issues/6908>`_)
- Deprecate setup.py-based builds that do not generate an ``.egg-info`` directory. (`6998 <https://github.com/pypa/pip/issues/6998>`_)
- The pip>=20 wheel cache is not retro-compatible with previous versions. Until
pip 21.0, pip will continue to take advantage of existing legacy cache
entries. (`7296 <https://github.com/pypa/pip/issues/7296>`_)
- Deprecate undocumented ``--skip-requirements-regex`` option. (`7297 <https://github.com/pypa/pip/issues/7297>`_)
- Deprecate passing install-location-related options via ``--install-option``. (`7309 <https://github.com/pypa/pip/issues/7309>`_)
- Use literal "abi3" for wheel tag on CPython 3.x, to align with PEP 384
which only defines it for this platform. (`7327 <https://github.com/pypa/pip/issues/7327>`_)
- Remove interpreter-specific major version tag e.g. ``cp3-none-any``
from consideration. This behavior was not documented strictly, and this
tag in particular is `not useful <https://snarky.ca/the-challenges-in-designing-a-library-for-pep-425/>`_.
Anyone with a use case can create an issue with pypa/packaging. (`7355 <https://github.com/pypa/pip/issues/7355>`_)
- Wheel processing no longer permits wheels containing more than one top-level
.dist-info directory. (`7487 <https://github.com/pypa/pip/issues/7487>`_)
- Support for the ``git+git`` form of VCS requirement is being deprecated and
will be removed in pip 21.0. Switch to ``git+https://`` or
``git+ssh://``. ``git+git://`` also works but its use is discouraged as it is
insecure. (`7543 <https://github.com/pypa/pip/issues/7543>`_)

Features
--------

- Default to doing a user install (as if ``--user`` was passed) when the main
site-packages directory is not writeable and user site-packages are enabled. (`1668 <https://github.com/pypa/pip/issues/1668>`_)
- Warn if a path in PATH starts with tilde during ``pip install``. (`6414 <https://github.com/pypa/pip/issues/6414>`_)
- Cache wheels built from Git requirements that are considered immutable,
because they point to a commit hash. (`6640 <https://github.com/pypa/pip/issues/6640>`_)
- Add option ``--no-python-version-warning`` to silence warnings
related to deprecation of Python versions. (`6673 <https://github.com/pypa/pip/issues/6673>`_)
- Cache wheels that ``pip wheel`` built locally, matching what
``pip install`` does. This particularly helps performance in workflows where
``pip wheel`` is used for `building before installing
<https://pip.pypa.io/en/stable/user_guide/installing-from-local-packages>`_.
Users desiring the original behavior can use ``pip wheel --no-cache-dir``. (`6852 <https://github.com/pypa/pip/issues/6852>`_)
- Display CA information in ``pip debug``. (`7146 <https://github.com/pypa/pip/issues/7146>`_)
- Show only the filename (instead of full URL), when downloading from PyPI. (`7225 <https://github.com/pypa/pip/issues/7225>`_)
- Suggest a more robust command to upgrade pip itself to avoid confusion when the
current pip command is not available as ``pip``. (`7376 <https://github.com/pypa/pip/issues/7376>`_)
- Define all old pip console script entrypoints to prevent import issues in
stale wrapper scripts. (`7498 <https://github.com/pypa/pip/issues/7498>`_)
- The build step of ``pip wheel`` now builds all wheels to a cache first,
then copies them to the wheel directory all at once.
Before, it built them to a temporary direcory and moved
them to the wheel directory one by one. (`7517 <https://github.com/pypa/pip/issues/7517>`_)
- Expand ``~`` prefix to user directory in path options, configs, and
environment variables. Values that may be either URL or path are not
currently supported, to avoid ambiguity:

* ``--find-links``
* ``--constraint``, ``-c``
* ``--requirement``, ``-r``
* ``--editable``, ``-e`` (`980 <https://github.com/pypa/pip/issues/980>`_)

Bug Fixes
---------

- Correctly handle system site-packages, in virtual environments created with venv (PEP 405). (`5702 <https://github.com/pypa/pip/issues/5702>`_, `7155 <https://github.com/pypa/pip/issues/7155>`_)
- Fix case sensitive comparison of pip freeze when used with -r option. (`5716 <https://github.com/pypa/pip/issues/5716>`_)
- Enforce PEP 508 requirement format in ``pyproject.toml``
``build-system.requires``. (`6410 <https://github.com/pypa/pip/issues/6410>`_)
- Make ``ensure_dir()`` also ignore ``ENOTEMPTY`` as seen on Windows. (`6426 <https://github.com/pypa/pip/issues/6426>`_)
- Fix building packages which specify ``backend-path`` in pyproject.toml. (`6599 <https://github.com/pypa/pip/issues/6599>`_)
- Do not attempt to run ``setup.py clean`` after a ``pep517`` build error,
since a ``setup.py`` may not exist in that case. (`6642 <https://github.com/pypa/pip/issues/6642>`_)
- Fix passwords being visible in the index-url in
"Downloading <url>" message. (`6783 <https://github.com/pypa/pip/issues/6783>`_)
- Change method from shutil.remove to shutil.rmtree in noxfile.py. (`7191 <https://github.com/pypa/pip/issues/7191>`_)
- Skip running tests which require subversion, when svn isn't installed (`7193 <https://github.com/pypa/pip/issues/7193>`_)
- Fix not sending client certificates when using ``--trusted-host``. (`7207 <https://github.com/pypa/pip/issues/7207>`_)
- Make sure ``pip wheel`` never outputs pure python wheels with a
python implementation tag. Better fix/workaround for
`3025 <https://github.com/pypa/pip/issues/3025>`_ by
using a per-implementation wheel cache instead of caching pure python
wheels with an implementation tag in their name. (`7296 <https://github.com/pypa/pip/issues/7296>`_)
- Include ``subdirectory`` URL fragments in cache keys. (`7333 <https://github.com/pypa/pip/issues/7333>`_)
- Fix typo in warning message when any of ``--build-option``, ``--global-option``
and ``--install-option`` is used in requirements.txt (`7340 <https://github.com/pypa/pip/issues/7340>`_)
- Fix the logging of cached HTTP response shown as downloading. (`7393 <https://github.com/pypa/pip/issues/7393>`_)
- Effectively disable the wheel cache when it is not writable, as is the
case with the http cache. (`7488 <https://github.com/pypa/pip/issues/7488>`_)
- Correctly handle relative cache directory provided via --cache-dir. (`7541 <https://github.com/pypa/pip/issues/7541>`_)

Vendored Libraries
------------------

- Upgrade CacheControl to 0.12.5
- Upgrade certifi to 2019.9.11
- Upgrade colorama to 0.4.1
- Upgrade distlib to 0.2.9.post0
- Upgrade ipaddress to 1.0.22
- Update packaging to 20.0.
- Upgrade pkg_resources (via setuptools) to 44.0.0
- Upgrade pyparsing to 2.4.2
- Upgrade six to 1.12.0
- Upgrade urllib3 to 1.25.6

Improved Documentation
----------------------

- Document that "coding: utf-8" is supported in requirements.txt (`7182 <https://github.com/pypa/pip/issues/7182>`_)
- Explain how to get pip's source code in `Getting Started <https://pip.pypa.io/en/stable/development/getting-started/>`_ (`7197 <https://github.com/pypa/pip/issues/7197>`_)
- Describe how basic authentication credentials in URLs work. (`7201 <https://github.com/pypa/pip/issues/7201>`_)
- Add more clear installation instructions (`7222 <https://github.com/pypa/pip/issues/7222>`_)
- Fix documentation links for index options (`7347 <https://github.com/pypa/pip/issues/7347>`_)
- Better document the requirements file format (`7385 <https://github.com/pypa/pip/issues/7385>`_)

Links

• PyPI: https://pypi.org/project/pip
• Changelog: https://pyup.io/changelogs/pip/
• Homepage: https://pip.pypa.io/

Update virtualenv from 16.7.7 to 20.0.1.

Changelog

20.0.0b2

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Create the first iteration of the new documentation - by :user:`gaborbernat`. (`1465 <https://github.com/pypa/virtualenv/issues/1465>`_)
- Project readme is now of type MarkDown instead of reStructuredText - by :user:`gaborbernat`. (`1531 <https://github.com/pypa/virtualenv/issues/1531>`_)

20.0.0b1

----------------------

* First public release of the rewrite. Everything is brand new and just added.

.. warning::

The current virtualenv is the second iteration of implementation. From version ``0.8`` all the way to ``16.7.9``
we numbered the first iteration. Version ``20.0.0b1`` is a complete rewrite of the package, and as such this release
history starts from there.

Links

• PyPI: https://pypi.org/project/virtualenv
• Changelog: https://pyup.io/changelogs/virtualenv/
• Homepage: https://virtualenv.pypa.io/

Update django from 1.11.27 to 1.11.28.

Changelog

1.11.28

============================

*February 3, 2020*

Django 1.11.28 fixes a security issue in 1.11.27.

CVE-2020-7471: Potential SQL injection via ``StringAgg(delimiter)``
===================================================================

:class:`~django.contrib.postgres.aggregates.StringAgg` aggregation function was
subject to SQL injection, using a suitably crafted ``delimiter``.


============================

Links

• PyPI: https://pypi.org/project/django
• Changelog: https://pyup.io/changelogs/django/
• Homepage: https://www.djangoproject.com/

Update django-extensions from 2.2.5 to 2.2.8.

Changelog

2.2.8

-----

Changes:
- Locale: zh_Hans, removed as it generated UnicodeDecodeError errors (1478)

2.2.7

-----

Changes:
- Improvement: shell_plus, 865 always add manage.py basedir to path for notebook kernel
- Improvement: docs, add zh-Hans locale
- Improvement: runserver_plus, fix broken import for werkzeug v1.0.0
- Improvement: runserver_plus, 1461 fix always trying to load StaticFilesHandler
- Improvement: pipchecker, 1471 fix import of PipSession

2.2.6

-----

Changes:
- Improvement: travis, update pypy and pypy3 versions
- Improvement: shell_plus, ability to print location/traceback besides sql
- Improvement: runserver_plus, ability to print location/traceback besides sql
- Improvement: UniqueFieldMixin, Support Django 2.2 UniqueConstraint.condition
- Improvement: DEFAULT_MYSQL_ENGINES, add mysql.connector.django
- Improvement: shell_plus, allow setting SHELL_PLUS="notebook"
- Improvement: shell_plus, add -c/--command to shell_plus mirroring django's shell command
- Fix: shell_plus, fix postgresql debug wrapper on django 3.0 or higher
- Fix: runserver_plus, fix postgresql debug wrapper on django 3.0 or higher

Links

• PyPI: https://pypi.org/project/django-extensions
• Changelog: https://pyup.io/changelogs/django-extensions/
• Repo: http://github.com/django-extensions/django-extensions

Update djangorestframework from 3.10.3 to 3.11.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/djangorestframework
• Changelog: https://pyup.io/changelogs/djangorestframework/
• Homepage: https://www.django-rest-framework.org/

Update drf-flex-fields from 0.6.1 to 0.7.5.

Changelog

0.7.5

- Simplifies declaration of expandable_fields
- If using a tuple, the second element - to define the serializer settings - is now optional.
- Instead of a tuple, you can now just use the serializer class or a string to lazily reference that class.
- Updates documentation.

0.7.0

* Adds support for different ways of passing arrays in query strings. Thanks sentyaev!
* Fixes attribute error when map is supplied to split levels utility function. Thanks hemache!

Links

• PyPI: https://pypi.org/project/drf-flex-fields
• Changelog: https://pyup.io/changelogs/drf-flex-fields/
• Repo: https://github.com/rsinger86/drf-flex-fields

Update drf-extensions from 0.5.0 to 0.6.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/drf-extensions
• Changelog: https://pyup.io/changelogs/drf-extensions/
• Repo: http://github.com/chibisov/drf-extensions

Update pyyaml from 5.1.2 to 5.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pyyaml
• Repo: https://github.com/yaml/pyyaml

Update Pygments from 2.4.2 to 2.5.2.

Changelog

2.5.2

-------------
(released November 29, 2019)

- Fix incompatibility with some setuptools versions (PR1316)

- Fix lexing of ReST field lists (PR1279)
- Fix lexing of Matlab keywords as field names (PR1282)
- Recognize double-quoted strings in Matlab (PR1278)
- Avoid slow backtracking in Vim lexer (PR1312)
- Fix Scala highlighting of types (PR1315)
- Highlight field lists more consistently in ReST (PR1279)
- Fix highlighting Matlab keywords in field names (PR1282)
- Recognize Matlab double quoted strings (PR1278)
- Add some Terraform keywords
- Update Modelica lexer to 3.4
- Update Crystal examples

2.5.1

-------------
(released November 26, 2019)

- This release fixes a packaging issue. No functional changes.

2.5.0

-------------
(released November 26, 2019)

- Added lexers:

* Email (PR1246)
* Erlang, Elxir shells (PR823, 1521)
* Notmuch (PR1264)
* `Scdoc <https://git.sr.ht/~sircmpwn/scdoc>`_ (PR1268)
* `Solidity <https://solidity.readthedocs.io/>`_ (1214)
* `Zeek <https://www.zeek.org>`_ (new name for Bro) (PR1269)
* `Zig <https://ziglang.org/>`_ (PR820)

- Updated lexers:

* Apache2 Configuration (PR1251)
* Bash sessions (1253)
* CSound (PR1250)
* Dart
* Dockerfile
* Emacs Lisp
* Handlebars (PR773)
* Java (1101, 987)
* Logtalk (PR1261)
* Matlab (PR1271)
* Praat (PR1277)
* Python3 (PR1255)
* Ruby
* YAML (1528)
* Velocity

- Added styles:

* Inkpot (PR1276)

- The ``PythonLexer`` class is now an alias for the former ``Python3Lexer``.
The old ``PythonLexer`` is available as ``Python2Lexer``.  Same change has
been done for the ``PythonTracebackLexer``.  The ``python3`` option for
the ``PythonConsoleLexer`` is now true by default.

- Bump ``NasmLexer`` priority over ``TasmLexer`` for ``.asm`` files
(fixes 1326)
- Default font in the ``ImageFormatter`` has been updated (928, PR1245)
- Test suite switched to py.test, removed nose dependency (1490)
- Reduce ``TeraTerm`` lexer score -- it used to match nearly all languages
(1256)
- Treat ``Skylark``/``Starlark`` files as Python files (PR1259)
- Image formatter: actually respect ``line_number_separator`` option

- Add LICENSE file to wheel builds
- Agda: fix lambda highlighting
- Dart: support ` annotations
- Dockerfile: accept ``FROM ... AS`` syntax
- Emacs Lisp: add more string functions
- GAS: accept registers in directive arguments
- Java: make structural punctuation (braces, parens, colon, comma) ``Punctuation``, not ``Operator`` (987)
- Java: support ``var`` contextual keyword (1101)
- Matlab: Fix recognition of ``function`` keyword (PR1271)
- Python: recognize ``.jy`` filenames (976)
- Python: recognize ``f`` string prefix (1156)
- Ruby: support squiggly heredocs
- Shell sessions: recognize Virtualenv prompt (PR1266)
- Velocity: support silent reference syntax

Links

• PyPI: https://pypi.org/project/pygments
• Changelog: https://pyup.io/changelogs/pygments/
• Homepage: http://pygments.org/

Update django-allauth from 0.40.0 to 0.41.0.

Changelog

0.41.0

*******************

Security notice
---------------

- See `CVE-2019-19844
<https://www.djangoproject.com/weblog/2019/dec/18/security-releases/>`_.


Note worthy changes
-------------------

- New providers: Exist.io., YNAB, Amazon Cognito.

- You can now store OAuth credentials directly in your
``settings.SOCIALACCOUNT_PROVIDERS`` settings instead of storing them in the
database using a ``SocialApp`` record.


Backwards incompatible changes
------------------------------

- Dropped Python 2 and Django 1 compatibility.

Links

• PyPI: https://pypi.org/project/django-allauth
• Changelog: https://pyup.io/changelogs/django-allauth/
• Repo: http://github.com/pennersr/django-allauth

Update GitPython from 3.0.4 to 3.0.7.

Changelog

3.0.7

=================================================

* removes python 2 compatibility shims, making GitPython a pure Python 3 library
with all of the python related legacy removed.
* Have a look at the PR, it is a good read on the mistakes made in the course of this,
https://github.com/gitpython-developers/GitPython/pull/979 , please help the maintainers
if you can to prevent accidents like these in future.

see the following for details:
https://github.com/gitpython-developers/gitpython/milestone/33?closed=1

3.0.6

=================================================

There was an issue with my setup, so things managed to slip to pypi without a signature.

Use 3.0.7 instead.

3.0.5

=============================================

see the following for details:
https://github.com/gitpython-developers/gitpython/milestone/32?closed=1

Links

• PyPI: https://pypi.org/project/gitpython
• Changelog: https://pyup.io/changelogs/gitpython/
• Repo: https://github.com/gitpython-developers/GitPython
• Docs: https://pythonhosted.org/GitPython/

Update django-gravatar2 from 1.4.2 to 1.4.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-gravatar2
• Repo: https://github.com/twaddington/django-gravatar

Update mock from 3.0.5 to 4.0.1.

Changelog

4.0.1

-----

- Remove the universal marker from the wheel.

4.0.0

-----

- No Changes from 4.0.0b1.

4.0.0b1

-------

- The release is a fresh cut of cpython's `4a686504`__. All changes to :mod:`mock`
from that commit and before are included in this release along with the
subsequent changes listed below.

__ https://github.com/python/cpython/commit/4a686504eb2bbf69adf78077458508a7ba131667

- Issue 37972: Subscripts to the `unittest.mock.call` objects now receive
the same chaining mechanism as any other custom attributes, so that the
following usage no longer raises a `TypeError`:

call().foo().__getitem__('bar')

Patch by blhsing

- Issue 38839: Fix some unused functions in tests. Patch by Adam Johnson.

- Issue 39485: Fix a bug in :func:`unittest.mock.create_autospec` that
would complain about the wrong number of arguments for custom descriptors
defined in an extension module returning functions.

- Issue 39082: Allow AsyncMock to correctly patch static/class methods

- Issue 38093: Fixes AsyncMock so it doesn't crash when used with
AsyncContextManagers or AsyncIterators.

- Issue 38859: AsyncMock now returns StopAsyncIteration on the exaustion of
a side_effects iterable. Since PEP-479 its Impossible to raise a
StopIteration exception from a coroutine.

- Issue 38163: Child mocks will now detect their type as either synchronous
or asynchronous, asynchronous child mocks will be AsyncMocks and
synchronous child mocks will be either MagicMock or Mock (depending on
their parent type).

- Issue 38473: Use signature from inner mock for autospecced methods
attached with :func:`unittest.mock.attach_mock`. Patch by Karthikeyan
Singaravelan.

- Issue 38136: Changes AsyncMock call count and await count to be two
different counters. Now await count only counts when a coroutine has been
awaited, not when it has been called, and vice-versa. Update the
documentation around this.

- Issue 37555: Fix `NonCallableMock._call_matcher` returning tuple instead
of `_Call` object when `self._spec_signature` exists. Patch by Elizabeth
Uselton

- Issue 37251: Remove `__code__` check in AsyncMock that incorrectly
evaluated function specs as async objects but failed to evaluate classes
with `__await__` but no `__code__` attribute defined as async objects.

- Issue 38669: Raise :exc:`TypeError` when passing target as a string with
:meth:`unittest.mock.patch.object`.

- Issue 25597: Ensure, if ``wraps`` is supplied to
:class:`unittest.mock.MagicMock`, it is used to calculate return values
for the magic methods instead of using the default return values. Patch by
Karthikeyan Singaravelan.

- Issue 38108: Any synchronous magic methods on an AsyncMock now return a
MagicMock. Any asynchronous magic methods on a MagicMock now return an
AsyncMock.

- Issue 21478: Record calls to parent when autospecced object is attached
to a mock using :func:`unittest.mock.attach_mock`. Patch by Karthikeyan
Singaravelan.

- Issue 38857: AsyncMock fix for return values that are awaitable types.
This also covers side_effect iterable values that happend to be awaitable,
and wraps callables that return an awaitable type. Before these awaitables
were being awaited instead of being returned as is.

- Issue 38932: Mock fully resets child objects on reset_mock(). Patch by
Vegard Stikbakke

- Issue 37685: Fixed ``__eq__``, ``__lt__`` etc implementations in some
classes. They now return :data:`NotImplemented` for unsupported type of
the other operand. This allows the other operand to play role (for example
the equality comparison with :data:`~unittest.mock.ANY` will return
``True``).

- Issue 37212: :func:`unittest.mock.call` now preserves the order of
keyword arguments in repr output. Patch by Karthikeyan Singaravelan.

- Issue 37828: Fix default mock name in
:meth:`unittest.mock.Mock.assert_called` exceptions. Patch by Abraham
Toriz Cruz.

- Issue 36871: Improve error handling for the assert_has_calls and
assert_has_awaits methods of mocks. Fixed a bug where any errors
encountered while binding the expected calls to the mock's spec were
silently swallowed, leading to misleading error output.

- Issue 21600: Fix :func:`mock.patch.stopall` to stop active patches that
were created with :func:`mock.patch.dict`.

- Issue 38161: Removes _AwaitEvent from AsyncMock.

- Issue 36871: Ensure method signature is used instead of constructor
signature of a class while asserting mock object against method calls.
Patch by Karthikeyan Singaravelan.

Links

• PyPI: https://pypi.org/project/mock
• Changelog: https://pyup.io/changelogs/mock/
• Docs: http://mock.readthedocs.org/en/latest/

Update stripe from 2.38.0 to 2.42.0.

Changelog

2.42.0

* [640](https://github.com/stripe/stripe-python/pull/640) Add support for `CreditNoteLineItem`
* [639](https://github.com/stripe/stripe-python/pull/639) Pin black version
* [637](https://github.com/stripe/stripe-python/pull/637) Start testing Python 3.8

2.41.1

* [636](https://github.com/stripe/stripe-python/pull/636) Fix uploading files with Unicode names (Python 2.7)
* [635](https://github.com/stripe/stripe-python/pull/635) Update Python API docs inline link
* [631](https://github.com/stripe/stripe-python/pull/631) Update `proxy.py`

2.41.0

* [630](https://github.com/stripe/stripe-python/pull/630) Add support for `CreditNote` preview

2.40.0

* [627](https://github.com/stripe/stripe-python/pull/627) Add list_usage_record_summaries and list_source_transactions

2.39.0

* [625](https://github.com/stripe/stripe-python/pull/625) Add support for `Mandate`

Links

• PyPI: https://pypi.org/project/stripe
• Changelog: https://pyup.io/changelogs/stripe/
• Repo: https://github.com/stripe/stripe-python

Update regex from 2019.11.1 to 2020.1.8.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/regex
• Repo: https://bitbucket.org/mrabarnett/mrab-regex

Update django-formtools from 2.1 to 2.2.

Changelog

2.2

----------------

- Dropped testing for Django 1.8, 1.9, 1.10.

- Dropped support for Python 2.

- Added support for Django 2.1, 2.2, 3.0, and Python 3.7.

- Updated translations from Transifex.

Links

• PyPI: https://pypi.org/project/django-formtools
• Changelog: https://pyup.io/changelogs/django-formtools/
• Docs: https://django-formtools.readthedocs.io/en/latest/

Update django-crispy-forms from 1.8.0 to 1.8.1.

Changelog

1.8.1

* Fixing FileField UI bug introduced with 1.8.0
* Remove is-valid css class for radio (bug introduced with 1.8.0)
* Various alignment and margin fixes for Bootstrap 4 template pack
* Documentation : using read-the-docs template, documenting how to run test suite, documenting use_custom_control help attributes

See the [1.8.1 Milestone](https://github.com/django-crispy-forms/django-crispy-forms/milestone/8?closed=1) for the full change list.

Links

• PyPI: https://pypi.org/project/django-crispy-forms
• Changelog: https://pyup.io/changelogs/django-crispy-forms/
• Repo: https://github.com/django-crispy-forms/django-crispy-forms

Update docker from 4.1.0 to 4.2.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/docker
• Changelog: https://pyup.io/changelogs/docker/
• Repo: https://github.com/docker/docker-py

Update django-annoying from 0.10.5 to 0.10.6.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-annoying
• Changelog: https://pyup.io/changelogs/django-annoying/
• Repo: https://github.com/skorokithakis/django-annoying

Update django-taggit from 1.1.0 to 1.2.0.

Changelog

1.2.0

~~~~~~~~~~~~~~~~~~

* **Removed** support for end-of-life Django 2.0 and 2.1.
* Added support for Django 3.0.
* Added support for Python 3.8.
* Moved ``TaggedItemBase.tags_for()`` to ItemBase.
* Replaced reference to removed Django's ``.virtual_fields`` with
``.private_field``.
* Added ``TextareaTagWidget``.

Links

• PyPI: https://pypi.org/project/django-taggit
• Changelog: https://pyup.io/changelogs/django-taggit/
• Repo: https://github.com/jazzband/django-taggit

Update packaging from 19.2 to 20.1.

Changelog

20.1

~~~~~~~~~~~~~~~~~~~

No changes yet.

20.0

~~~~~~~~~~~~~~~~~

* Add type hints (:issue:`191`)

* Add proper trove classifiers for PyPy support (:issue:`198`)

* Scale back depending on ``ctypes`` for manylinux support detection (:issue:`171`)

* Use ``sys.implementation.name`` where appropriate for ``packaging.tags`` (:issue:`193`)

* Expand upon the API provded by ``packaging.tags``: ``interpreter_name()``, ``mac_platforms()``, ``compatible_tags()``, ``cpython_tags()``, ``generic_tags()`` (:issue:`187`)

* Officially support Python 3.8 (:issue:`232`)

* Add ``major``, ``minor``, and ``micro`` aliases to ``packaging.version.Version`` (:issue:`226`)

* Properly mark ``packaging`` has being fully typed by adding a `py.typed` file (:issue:`226`)

Links

• PyPI: https://pypi.org/project/packaging
• Changelog: https://pyup.io/changelogs/packaging/
• Repo: https://github.com/pypa/packaging

Update django-cors-middleware from 1.4.0 to 1.5.0.

Changelog

Links

• PyPI: https://pypi.org/project/django-cors-middleware
• Changelog: https://pyup.io/changelogs/django-cors-middleware/
• Repo: https://github.com/zestedesavoir/django-cors-middleware

Update user-agents from 2.0 to 2.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/user-agents
• Repo: https://github.com/selwin/python-user-agents

Update django-storages[azure] from 1.7.2 to 1.9.1.

Changelog

1.9.1

******************

S3
--

- Fix reading files with ``S3Boto3StorageFile`` (`831`_, `833`_)

.. _831: https://github.com/jschneier/django-storages/issues/831
.. _833: https://github.com/jschneier/django-storages/pull/833

1.9

****************

General
-------

- **Breaking**: The long deprecated S3 backend based on ``boto`` has been removed. (`825`_)
- Test against and support Python 3.8 (`810`_)

S3
--

- **Deprecated**: Automatic bucket creation will be removed in version 1.10 (`826`_)
- **Deprecated**: The undocumented ``AWS_PRELOAD_METADATA`` and associated functionality will
be removed in version 1.10 (`829`_)
- **Deprecated**: Support for ``AWS_REDUCED_REDUNDANCY`` will be removed in version 1.10
Replace with ``StorageClass=REDUCED_REDUNDANCY`` in ``AWS_S3_OBJECT_PARAMETERS`` (`829`_)
- **Deprecated**: Support for ``AWS_S3_ENCRYPTION`` will be removed in version 1.10 (`829`_)
Replace with ``ServerSideEncryption=AES256`` in ``AWS_S3_OBJECT_PARAMETERS``
- A custom ``ContentEncoding`` is no longer overwritten automatically (note that specifying
one will disable automatic ``gzip``) (`391`_, `828`_).
- Add ``S3Boto3Storage.get_object_parameters``, an overridable method for customizing
upload parameters on a per-object basis (`819`_, `828`_)
- Opening and closing a file in `w` mode without writing anything will now create an empty file
in S3, this mimics the builtin ``open`` and Django's own ``FileSystemStorage`` (`435`_, `816`_)
- Fix reading a file in text mode (`404`_, `827`_)

Google Cloud
------------

- **Deprecated**: Automatic bucket creation will be removed in version 1.10 (`826`_)

Dropbox
-------

- Fix crash on ``DropBoxStorage.listdir`` (`762`_)
- Settings can now additionally be specified at the class level to ease subclassing (`745`_)

Libcloud
--------

- Add support for Backblaze B2 to ``LibCloudStorage.url`` (`807`_)

FTP
---

- Fix creating multiple intermediary directories on Windows (`823`_, `824`_)

.. _825: https://github.com/jschneier/django-storages/pull/825
.. _826: https://github.com/jschneier/django-storages/pull/826
.. _829: https://github.com/jschneier/django-storages/pull/829
.. _391: https://github.com/jschneier/django-storages/issues/391
.. _828: https://github.com/jschneier/django-storages/pull/828
.. _819: https://github.com/jschneier/django-storages/issues/819
.. _810: https://github.com/jschneier/django-storages/pull/810
.. _435: https://github.com/jschneier/django-storages/issues/435
.. _816: https://github.com/jschneier/django-storages/pull/816
.. _404: https://github.com/jschneier/django-storages/issues/404
.. _827: https://github.com/jschneier/django-storages/pull/827
.. _762: https://github.com/jschneier/django-storages/pull/762
.. _745: https://github.com/jschneier/django-storages/pull/745
.. _807: https://github.com/jschneier/django-storages/pull/807
.. _823: https://github.com/jschneier/django-storages/issues/823
.. _824: https://github.com/jschneier/django-storages/pull/824

1.8

****************

General
-------
- Add support for Django 3.0 (`759`_)
- Update license identifier to unambiguous ``BSD-3-Clause``

S3
--

- Include error message raised when missing library is imported (`776`_, `793`_)

Google
------

- **Breaking** The minimum supported version of ``google-cloud-storage`` is now ``1.15.0`` which enables...
- Add setting ``GS_CUSTOM_ENDPOINT`` to allow usage of custom domains (`775`_, `648`_)

Azure
-----

- Fix extra installation by pinning version to < 12 (`785`_)
- Add support for setting ``AZURE_CACHE_CONTROL`` header (`780`_, `674`_)

.. _759: https://github.com/jschneier/django-storages/pull/759
.. _776: https://github.com/jschneier/django-storages/issues/776
.. _793: https://github.com/jschneier/django-storages/pull/793
.. _775: https://github.com/jschneier/django-storages/issues/775
.. _648: https://github.com/jschneier/django-storages/pull/648
.. _785: https://github.com/jschneier/django-storages/pull/785
.. _780: https://github.com/jschneier/django-storages/pull/780
.. _674: https://github.com/jschneier/django-storages/issues/674

Links

• PyPI: https://pypi.org/project/django-storages
• Changelog: https://pyup.io/changelogs/django-storages/
• Repo: https://github.com/jschneier/django-storages

Update azure-storage-blob from 1.5.0 to 12.1.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/azure-storage-blob
• Repo: https://github.com/Azure/azure-sdk-for-python/tree/master/sdk/storage/azure-storage-blob

Update azure-storage-common from 1.4.2 to 2.1.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/azure-storage-common
• Repo: https://github.com/Azure/azure-storage-python

Update django-debug-toolbar from 2.0 to 2.2.

Changelog

2.2

----------------

* Removed support for end of life Django 2.0 and 2.1.
* Added support for Python 3.8.
* Add locals() option for sql panel.
* Added support for Django 3.0

2.1

----------------

* Changed the Travis CI matrix to run style checks first.
* Exposed the ``djdt.init`` function too.
* Small improvements to the code to take advantage of newer Django APIs
and avoid warnings because of deprecated code.
* Verified compatibility with the upcoming Django 3.0 (at the time of
writing).

Links

• PyPI: https://pypi.org/project/django-debug-toolbar
• Changelog: https://pyup.io/changelogs/django-debug-toolbar/
• Repo: https://github.com/jazzband/django-debug-toolbar

Update gunicorn from 19.9.0 to 20.0.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/gunicorn
• Changelog: https://pyup.io/changelogs/gunicorn/
• Homepage: http://gunicorn.org

Update pillow from 6.2.1 to 7.0.0.

Changelog

7.0.0

------------------

- Drop support for EOL Python 2.7 4109
[hugovk, radarhere, jdufresne]

- Fix rounding error on RGB to L conversion 4320
[homm]

- Exif writing fixes: Rational boundaries and signed/unsigned types 3980
[kkopachev, radarhere]

- Allow loading of WMF images at a given DPI 4311
[radarhere]

- Added reduce operation 4251
[homm]

- Raise ValueError for io.StringIO in Image.open 4302
[radarhere, hugovk]

- Fix thumbnail geometry when DCT scaling is used 4231
[homm, radarhere]

- Use default DPI when exif provides invalid x_resolution 4147
[beipang2, radarhere]

- Change default resize resampling filter from NEAREST to BICUBIC 4255
[homm]

- Fixed black lines on upscaled images with the BOX filter 4278
[homm]

- Better thumbnail aspect ratio preservation 4256
[homm]

- Add La mode packing and unpacking 4248
[homm]

- Include tests in coverage reports 4173
[hugovk]

- Handle broken Photoshop data 4239
[radarhere]

- Raise a specific exception if no data is found for an MPO frame 4240
[radarhere]

- Fix Unicode support for PyPy 4145
[nulano]

- Added UnidentifiedImageError 4182
[radarhere, hugovk]

- Remove deprecated __version__ from plugins 4197
[hugovk, radarhere]

- Fixed freeing unallocated pointer when resizing with height too large 4116
[radarhere]

- Copy info in Image.transform 4128
[radarhere]

- Corrected DdsImagePlugin setting info gamma 4171
[radarhere]

- Depends: Update libtiff to 4.1.0 4195, Tk Tcl to 8.6.10 4229, libimagequant to 2.12.6 4318
[radarhere]

- Improve handling of file resources 3577
[jdufresne]

- Removed CI testing of Fedora 29 4165
[hugovk]

- Added pypy3 to tox envlist 4137
[jdufresne]

- Drop support for EOL PyQt4 and PySide 4108
[hugovk, radarhere]

- Removed deprecated setting of TIFF image sizes 4114
[radarhere]

- Removed deprecated PILLOW_VERSION 4107
[hugovk]

- Changed default frombuffer raw decoder args 1730
[radarhere]

6.2.2

------------------

- This is the last Pillow release to support Python 2.7 3642

- Overflow checks for realloc for tiff decoding. CVE TBD
[wiredfool, radarhere]

- Catch SGI buffer overrun. CVE TBD
[radarhere]

- Catch PCX P mode buffer overrun. CVE TBD
[radarhere]

- Catch FLI buffer overrun. CVE TBD
[radarhere]

- Raise an error for an invalid number of bands in FPX image. CVE-2019-19911
[wiredfool, radarhere]

Links

• PyPI: https://pypi.org/project/pillow
• Changelog: https://pyup.io/changelogs/pillow/
• Homepage: https://python-pillow.org

Update psycopg2-binary from 2.8.3 to 2.8.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/psycopg2-binary
• Homepage: http://initd.org/psycopg/

Update watchdog from 0.9.0 to 0.10.2.

Changelog

0.10.2

~~~~~~

2020-02-08 • `full history <https://github.com/gorakhargosh/watchdog/compare/v0.10.1...v0.10.2>`__

- Fixed the ``build_ext`` command on macOS Catalina (`628 <https://github.com/gorakhargosh/watchdog/pull/628>`__)
- Fixed the installation of macOS requirements on non-macOS OSes (`635 <https://github.com/gorakhargosh/watchdog/pull/635>`__)
- Refactored ``dispatch()`` method of ``FileSystemEventHandler``,
``PatternMatchingEventHandler`` and ``RegexMatchingEventHandler``
- [bsd] Improved tests support on non Windows/Linux platforms (`633 <https://github.com/gorakhargosh/watchdog/pull/633>`__, `639 <https://github.com/gorakhargosh/watchdog/pull/639>`__)
- [bsd] Added FreeBSD CI support (`532 <https://github.com/gorakhargosh/watchdog/pull/532>`__)
- [bsd] Restored full support (`638 <https://github.com/gorakhargosh/watchdog/pull/638>`__, `641 <https://github.com/gorakhargosh/watchdog/pull/641>`__)
- Thanks to our beloved contributors: BoboTiG, evilham, danilobellini

0.10.1

~~~~~~

2020-01-30 • `full history <https://github.com/gorakhargosh/watchdog/compare/v0.10.0...v0.10.1>`__

- Fixed Python 2.7 to 3.6 installation when the OS locale is set to POSIX (`615 <https://github.com/gorakhargosh/watchdog/pull/615>`__)
- Fixed the ``build_ext`` command on macOS  (`618 <https://github.com/gorakhargosh/watchdog/pull/618>`__, `620 <https://github.com/gorakhargosh/watchdog/pull/620>`_)
- Moved requirements to ``setup.cfg``  (`617 <https://github.com/gorakhargosh/watchdog/pull/617>`__)
- [mac] Removed old C code for Python 2.5 in the `fsevents` C implementation
- [snapshot] Added ``EmptyDirectorySnapshot`` (`613 <https://github.com/gorakhargosh/watchdog/pull/613>`__)
- Thanks to our beloved contributors: Ajordat, tehkirill, BoboTiG

0.10.0

~~~~~~

2020-01-26 • `full history <https://github.com/gorakhargosh/watchdog/compare/v0.9.0...v0.10.0>`__

**Breaking Changes**

- Dropped support for Python 2.6, 3.2 and 3.3
- Emitters that failed to start are now removed
- [snapshot] Removed the deprecated ``walker_callback`` argument,
use ``stat`` instead
- [watchmedo] The utility is no more installed by default but via the extra
``watchdog[watchmedo]``

**Other Changes**

- Fixed several Python 3 warnings
- Identify synthesized events with ``is_synthetic`` attribute (`369 <https://github.com/gorakhargosh/watchdog/pull/369>`__)
- Use ``os.scandir()`` to improve memory usage (`503 <https://github.com/gorakhargosh/watchdog/pull/503>`__)
- [bsd] Fixed flavors of FreeBSD detection (`529 <https://github.com/gorakhargosh/watchdog/pull/529>`__)
- [bsd] Skip unprocessable socket files (`509 <https://github.com/gorakhargosh/watchdog/issue/509>`__)
- [inotify] Fixed events containing non-ASCII characters (`516 <https://github.com/gorakhargosh/watchdog/issues/516>`__)
- [inotify] Fixed the way ``OSError`` are re-raised (`377 <https://github.com/gorakhargosh/watchdog/issues/377>`__)
- [inotify] Fixed wrong source path after renaming a top level folder (`515 <https://github.com/gorakhargosh/watchdog/pull/515>`__)
- [inotify] Removed  delay from non-move events (`477 <https://github.com/gorakhargosh/watchdog/pull/477>`__)
- [mac] Fixed a bug when calling ``FSEventsEmitter.stop()`` twice (`466 <https://github.com/gorakhargosh/watchdog/pull/466>`__)
- [mac] Support for unscheduling deleted watch (`541 <https://github.com/gorakhargosh/watchdog/issue/541>`__)
- [mac] Fixed missing field initializers and unused parameters in
``watchdog_fsevents.c``
- [snapshot] Don't walk directories without read permissions (`408 <https://github.com/gorakhargosh/watchdog/pull/408>`__)
- [snapshot] Fixed a race condition crash when a directory is swapped for a file (`513 <https://github.com/gorakhargosh/watchdog/pull/513>`__)
- [snasphot] Fixed an ``AttributeError`` about forgotten ``path_for_inode`` attr (`436 <https://github.com/gorakhargosh/watchdog/issues/436>`__)
- [snasphot] Added the ``ignore_device=False`` parameter to the ctor (`597 <https://github.com/gorakhargosh/watchdog/pull/597>`__)
- [watchmedo] Fixed the path separator used (`478 <https://github.com/gorakhargosh/watchdog/pull/478>`__)
- [watchmedo] Fixed the use of ``yaml.load()`` for ``yaml.safe_load()`` (`453 <https://github.com/gorakhargosh/watchdog/issues/453>`__)
- [watchmedo] Handle all available signals (`549 <https://github.com/gorakhargosh/watchdog/issue/549>`__)
- [watchmedo] Added the ``--debug-force-polling`` argument (`404 <https://github.com/gorakhargosh/watchdog/pull/404>`__)
- [windows] Fixed issues when the observed directory is deleted (`570 <https://github.com/gorakhargosh/watchdog/issues/570>`__ and `601 <https://github.com/gorakhargosh/watchdog/pull/601>`__)
- [windows] ``WindowsApiEmitter`` made easier to subclass (`344 <https://github.com/gorakhargosh/watchdog/pull/344>`__)
- [windows] Use separate ctypes DLL instances
- [windows] Generate sub created events only if ``recursive=True`` (`454 <https://github.com/gorakhargosh/watchdog/pull/454>`__)
- Thanks to our beloved contributors: BoboTiG, LKleinNux, rrzaripov,
wildmichael, TauPan, segevfiner, petrblahos, QuantumEnergyE,
jeffwidman, kapsh, nickoala, petrblahos, julianolf, tonybaloney,
mbakiev, pR0Ps, javaguirre, skurfer, exarkun, joshuaskelly,
danilobellini, Ajordat

Links

• PyPI: https://pypi.org/project/watchdog
• Changelog: https://pyup.io/changelogs/watchdog/
• Repo: http://github.com/gorakhargosh/watchdog
• Docs: https://pythonhosted.org/watchdog/

Update ipdb from 0.12.2 to 0.12.3.

Changelog

0.12.3

-------------------

- Fix version in usage
[gotcha]

Links

• PyPI: https://pypi.org/project/ipdb
• Changelog: https://pyup.io/changelogs/ipdb/
• Repo: https://github.com/gotcha/ipdb

Update tox from 3.14.1 to 3.14.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

Update Markdown from 3.1.1 to 3.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/markdown
• Repo: https://Python-Markdown.github.io/

Update django-dynamic-fixture from 2.0.0 to 3.0.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-dynamic-fixture
• Repo: https://github.com/paulocheque/django-dynamic-fixture

Update pytest from 5.2.2 to 5.3.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pytest
• Homepage: https://docs.pytest.org/en/latest/

Update pytest-django from 3.6.0 to 3.8.0.

Changelog

3.8.0

------------------

Improvements
^^^^^^^^^^^^

* Make Django's assertion helpers available in pytest_django.asserts (709).

* Report django-configurations setting (791)

3.7.0

------------------

Bugfixes
^^^^^^^^

* Monkeypatch pytest to not use ``TestCase.debug`` with unittests, instead
of patching it into Django (782).

* Work around pytest crashing due to ``pytest.fail`` being used from within the
DB blocker, and pytest trying to display an object representation involving
DB access (781).  pytest-django uses a ``RuntimeError`` now instead.

Links

• PyPI: https://pypi.org/project/pytest-django
• Changelog: https://pyup.io/changelogs/pytest-django/
• Docs: https://pytest-django.readthedocs.io/

Update pytest-xdist from 1.30.0 to 1.31.0.

Changelog

1.31.0

================================

Features
--------

- `486 <https://github.com/pytest-dev/pytest-xdist/issues/486>`_: Add support for Python 3.8.


Bug Fixes
---------

- `491 <https://github.com/pytest-dev/pytest-xdist/issues/491>`_: Fix regression that caused custom plugin command-line arguments to be discarded when using ``--tx`` mode.

Links

• PyPI: https://pypi.org/project/pytest-xdist
• Changelog: https://pyup.io/changelogs/pytest-xdist/
• Repo: https://github.com/pytest-dev/pytest-xdist

Update pytest-mock from 1.11.2 to 2.0.0.

Changelog

2.0.0

------------------

Breaking Changes
++++++++++++++++

* ``mocker.spy`` attributes for tracking returned values and raised exceptions of its spied functions
are now called ``spy_return`` and ``spy_exception``, instead of reusing the existing
``MagicMock`` attributes ``return_value`` and ``side_effect``.

Version ``1.13`` introduced a serious regression: after a spied function using ``mocker.spy``
raises an exception, further calls to the spy will not call the spied function,
always raising the first exception instead: assigning to ``side_effect`` causes
``unittest.mock`` to behave this way (`175`_).

* The deprecated ``mock`` alias to the ``mocker`` fixture has finally been removed.

.. _175: https://github.com/pytest-dev/pytest-mock/issues/175

1.13.0

-------------------

* The object returned by ``mocker.spy`` now also tracks any side effect
of the spied method/function.

1.12.1

-------------------

* Fix error if ``mocker.patch`` is used in code where the source file
is not available, for example stale ``.pyc`` files (`169`_).

.. _169: https://github.com/pytest-dev/pytest-mock/issues/169issuecomment-555729265

1.12.0

-------------------

* Now all patch functions also raise a ``ValueError`` when used
as a context-manager. Thanks `AlexGascon`_ for the PR (`168`_).

.. _AlexGascon: https://github.com/AlexGascon
.. _168: https://github.com/pytest-dev/pytest-mock/pull/168

Links

• PyPI: https://pypi.org/project/pytest-mock
• Changelog: https://pyup.io/changelogs/pytest-mock/
• Repo: https://github.com/pytest-dev/pytest-mock/

[stsewd]

Nothing breaking

fix binding a socket using the file descriptor
remove support for the bdist_rpm build

[stsewd]

I think we shouldn't update the azure stuff in this PR

[stsewd]

Mayor change is dropping python2
https://github.com/python-pillow/Pillow/blob/master/CHANGES.rst#700-2020-01-02

[stsewd]

Last version to support django 1.11

[stsewd]

we should drop this dep and change all our imports to from unitetest import mock

[stsewd]

#6665

[stsewd]

nothing breaking https://github.com/jazzband/django-formtools/blob/master/docs/changelog.rst#22-2019-12-05

[stsewd]

there are some changes with s3, but I don't think those are a problem (mostly deprecations) https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst

[stsewd]

Not sure about updating this

Looks like these are handled in django-storage now jschneier/django-storages#785

Also, see https://github.com/readthedocs/readthedocs-ext/commit/eeb6e738a1f494a530b3686274cf94864f2142e3
and jschneier/django-storages#784

[stsewd]

Opened #6666 to keep track of some deps I downgraded here.

[ericholscher]

This is a lot of version updates. I'm not convinced this is actually a good practice, and seems likely to just introduce more bugs than it fixes :/ We should definitely upgrade gitpython though.

[ericholscher]

Do we still need this when we're running all the commands in Docker now?

[stsewd]

We still need it, we use it to parse tags and branches (this happens outside the container)

[ericholscher]

This is scary -- I'd want to test it more.

[stsewd]

There is nothing breaking in the changelog https://docker-py.readthedocs.io/en/stable/change-log.html

[ericholscher]

Changelogs can't possible know what might break with our particular setup. We've broken lots of things before because of upgrades.