Bump the python group with 8 updates #471

dependabot · 2024-11-01T07:09:01Z

Bumps the python group with 8 updates:

Package	From	To
coverage	`7.6.2`	`7.6.4`
django-cors-headers	`4.4.0`	`4.6.0`
pillow	`10.4.0`	`11.0.0`
psycopg2-binary	`2.9.9`	`2.9.10`
redis	`5.1.1`	`5.2.0`
tqdm	`4.66.5`	`4.66.6`
whitenoise	`6.7.0`	`6.8.2`
django-auth-ldap	`4.8.0`	`5.1.0`

Updates coverage from 7.6.2 to 7.6.4

Changelog

Sourced from coverage's changelog.

Version 7.6.4 — 2024-10-20

fix: multi-line with statements could cause contained branches to be incorrectly marked as missing (issue 1880_). This is now fixed.

.. _issue 1880: nedbat/coveragepy#1880

.. _changes_7-6-3:

Version 7.6.3 — 2024-10-13

Fix: nested context managers could incorrectly be analyzed to flag a missing branch on the last context manager, as described in issue 1876_. This is now fixed.

Fix: the missing branch message about not exiting a module had an extra "didn't," as described in issue 1873_. This is now fixed.

.. _issue 1873: nedbat/coveragepy#1873 .. _issue 1876: nedbat/coveragepy#1876

.. _changes_7-6-2:

Commits

f24f76b docs: sample HTML for 7.6.4
96e10f7 docs: prep for 7.6.4
b8c236a fix: multi-line with-statements exit correctly. #1880
64b7a45 docs: another discord reference
68d7427 docs: Python Discord
43adcea build: include 3.14 in the usual Pythons
fb2b49f build: github_releases can update older releases, and pauses to get the sorti...
ca550ca 3.0b2 wasn't correctly titled
debcc77 build: bump version
342a4cb docs: sample HTML for 7.6.3
Additional commits viewable in compare view

Updates django-cors-headers from 4.4.0 to 4.6.0

Changelog

Sourced from django-cors-headers's changelog.

4.6.0 (2024-10-29)

Drop Django 3.2 to 4.1 support.

4.5.0 (2024-10-12)

Drop Python 3.8 support.

Support Python 3.13.

Commits

fd8e9af Version 4.6.0
a3479b1 Drop Django 3.2 to 4.1 support (#978)
6f5222d Version 4.5.0
96ef5d7 Drop Python 3.8 support (#977)
6a0d30d Add automated release process (#976)
e816d10 [pre-commit.ci] pre-commit autoupdate (#975)
132f381 Bump astral-sh/setup-uv from 1 to 3 in the github-actions group (#974)
3194a6d Support Python 3.13 (#972)
1cba108 Upgrade requirements (#971)
a56c753 Use uv on GitHub Actions (#970)
Additional commits viewable in compare view

Updates pillow from 10.4.0 to 11.0.0

Release notes

Sourced from pillow's releases.

11.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/11.0.0.html

Changes

Do not create core image in TIFF seek() #8392 [@radarhere]

Removed custom build_openjpeg #8365 [@radarhere]

Support writing LONG8 offsets in AppendingTiffWriter #8417 [@radarhere]

Use ImageFile.MAXBLOCK when saving TIFF images #8461 [@radarhere]

Always raise warnings for deprecated feature checks #8459 [@radarhere]

Do not close provided file handles with libtiff when saving #8458 [@radarhere]

Revert "Skip QEMU-emulated wheels on workflow dispatch event" #8455 [@radarhere]

Support ImageFilter.BuiltinFilter for I;16* images #8438 [@radarhere]

[pre-commit.ci] pre-commit autoupdate #8448 [@pre-commit-ci]

Use ImagingCore.ptr instead of ImagingCore.id #8341 [@homm]

Simplified code #8445 [@radarhere]

Removed unused code #8447 [@radarhere]

Updated EPS mode when opening images without transparency #8281 [@Yay295]

Use transparency when combining P frames from APNGs #8443 [@radarhere]

Generate and upload attestations to PyPI #8441 [@hugovk]

Do not convert images unnecessarily in ImageEnhance #8431 [@radarhere]

Raise an error if path is compacted during mapping #8416 [@radarhere]

Support all resampling filters when resizing I;16* images #8422 [@radarhere]

Free memory on early return #8413 [@radarhere]

Cast int before potentially exceeding INT_MAX #8402 [@radarhere]

Prevent division by zero #8408 [@radarhere]

Check image value before use #8400 [@radarhere]

Use ruff check #8423 [@radarhere]

Change harfbuzz versions in wheels #8421 [@radarhere]

Use Capsule for WebP saving #8386 [@homm]

Fixed writing multiple StripOffsets to TIFF #8317 [@Yay295]

Updated macOS deployment target for PyPy on Intel to 10.15 #8414 [@radarhere]

Fix dereference before checking for NULL in ImagingTransformAffine #8398 [@PavlNekrasov]

Use transposed size after opening for TIFF images #8390 [@radarhere]

Improve ImageFont error messages #8338 [@yngvem]

Mention MAX_TEXT_CHUNK limit in PNG error message #8391 [@radarhere]

Cast Dib handle to int #8385 [@radarhere]

Updated macOS deployment target for Python >= 3.12 on Intel to 10.13 #8379 [@radarhere]

Removed unused ImagePath variable #8377 [@radarhere]

Change macos-14 to macos-latest #8376 [@radarhere]

Accept float stroke widths #8369 [@radarhere]

Remove comments #8370 [@radarhere]

Removed libffi-dev #8368 [@radarhere]

Improved handling of RGBA palettes when saving GIF images #8366 [@radarhere]

Support converting more modes to LAB by converting to RGBA first #8358 [@radarhere]

Optimize getbbox() and getextrema() routines #8194 [@homm]

Removed unused TiffImagePlugin IFD_LEGACY_API #8355 [@radarhere]

Handle duplicate EXIF header #8350 [@zakajd]

Use (void) for empty function parameters #8002 [@Yay295]

Return early from BoxBlur if either width or height is zero #8347 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

11.0.0 (2024-10-15)

Update licence to MIT-CMU #8460 [hugovk]

Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

Do not close provided file handles with libtiff when saving #8458 [radarhere]

Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

Use transparency when combining P frames from APNGs #8443 [radarhere]

Support all resampling filters when resizing I;16* images #8422 [radarhere]

Free memory on early return #8413 [radarhere]

Cast int before potentially exceeding INT_MAX #8402 [radarhere]

Check image value before use #8400 [radarhere]

Improved copying imagequant libraries #8420 [radarhere]

Use Capsule for WebP saving #8386 [homm, radarhere]

Fixed writing multiple StripOffsets to TIFF #8317 [Yay295, radarhere]

... (truncated)

Commits

204aae6 11.0.0 version bump
f2cc87b Update CHANGES.rst [ci skip]
c855e8e Merge pull request #8464 from radarhere/imagemath_type_hint
dc37515 Merge pull request #8463 from hugovk/update-3.13-date
c3d81d6 Update Python 3.13 release date
a60610c Added type hints
a5c58f2 Merge pull request #8460 from hugovk/mit-cmu
e74994e Update licence to MIT-CMU
b5e1115 Update CHANGES.rst [ci skip]
686b5e2 Merge pull request #8392 from radarhere/tiff_seek
Additional commits viewable in compare view

Updates psycopg2-binary from 2.9.9 to 2.9.10

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add support for Python 3.13.

Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).

~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.

Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add support for Python 3.12.

Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).

Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).

Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Package manylinux 2014 for aarch64 and ppc64le platforms, in order to include libpq 15 in the binary package (:ticket:[#1396](https://github.com/psycopg/psycopg2/issues/1396)).

Wheel package bundled with OpenSSL 1.1.1t.

What's new in psycopg 2.9.5 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add support for Python 3.11.

Add support for rowcount in MERGE statements in binary packages (:ticket:[#1497](https://github.com/psycopg/psycopg2/issues/1497)).

... (truncated)

Commits

See full diff in compare view

Updates redis from 5.1.1 to 5.2.0

Release notes

Sourced from redis's releases.

5.2.0

Changes

🚀 New Features

Extend AggregateRequest with scorer argument (#3409)

🧰 Maintenance

Pin pytest-profiling version due to the bug (#3417)

Contributors

We'd like to thank all the contributors who worked on this release!

@uglide @rbs333 @vladvildanov @dwdougherty

Commits

166ae7b Updated package version (#3418)
00f5be4 adds scorer to AggregateRequest (#3409)
4c4d4af Pin pytest-profiling (#3417)
d6ddb0d DOC-4199: add TCEs to the combined query page (#3380)
17db62e DOC-4200: add TCEs to the aggregation query page (#3381)
700045c Backport 5.1 changes into master (#3406)
See full diff in compare view

Updates tqdm from 4.66.5 to 4.66.6

Release notes

Sourced from tqdm's releases.

tqdm v4.66.6 stable

cli: zip-safe --manpath, --comppath (#1627)

misc framework updates (#1627)

fix pytest DeprecationWarning

fix snapcraft build

fix nbval DeprecationWarning

update & tidy workflows

bump pre-commit

docs: update URLs

Commits

5b84012 bump version, merge pull request #1627 from tqdm/devel
0a439b5 tests: fix nbval DeprecationWarning
47b9227 snap: fix build
a365e16 use test more
eed9be2 fix pytest deprecation warning
2575c15 cli: zip-safe --manpath, --comppath
3bf4c97 bump pre-commit
f8330bc update & tidy workflows
729db6c docs: update URLs
See full diff in compare view

Updates whitenoise from 6.7.0 to 6.8.2

Changelog

Sourced from whitenoise's changelog.

6.8.2 (2024-10-29)

Fix compression speed gains for the thread pool when running Django’s collectstatic. The thread pool had no effect due to use of a generator for the results, a refactoring introduced when reviewing the initial PR.

Thanks to Petr Přikryl for the investigation and fix in PR [#616](https://github.com/evansd/whitenoise/issues/616) <https://github.com/evansd/whitenoise/pull/616>__.

6.8.1 (2024-10-28)

Raise any errors from threads in the whitenoise.compress command.

Regression in 6.8.0. Thanks to Tom Grainger for the spotting this with a comment on PR [#484](https://github.com/evansd/whitenoise/issues/484) <https://github.com/evansd/whitenoise/pull/484#discussion_r1818989096>__.

6.8.0 (2024-10-28)

Drop Django 3.2 to 4.1 support.

Drop Python 3.8 support.

Support Python 3.13.

Fix a bug introduced in version 6.0.0 where Range requests could lead to database connection errors in other requests.

Thanks to Per Myren for the detailed investigation and fix in PR [#612](https://github.com/evansd/whitenoise/issues/612) <https://github.com/evansd/whitenoise/pull/612>__.

Use Django’s |FORCE_SCRIPT_NAME|__ setting correctly. This reverts a change from version 5.3.0 that added a call to Django’s |get_script_prefix() method|__ outside of the request-response cycle.

.. |FORCE_SCRIPT_NAME| replace:: FORCE_SCRIPT_NAME __ https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-FORCE_SCRIPT_NAME

.. |get_script_prefix() method| replace:: get_script_prefix() method __ https://docs.djangoproject.com/en/stable/ref/urlresolvers/#django.urls.get_script_prefix

Thanks to Sarah Boyce in PR [#486](https://github.com/evansd/whitenoise/issues/486) <https://github.com/evansd/whitenoise/pull/486>__.

Compress files using a thread pool. This speeds up the compression step up to four times in benchmarks.

Thanks to Anthony Ricaud in PR [#484](https://github.com/evansd/whitenoise/issues/484) <https://github.com/evansd/whitenoise/pull/484>__.

Commits

2f75ac8 Version 6.8.2
61853c7 Fix compression speed gains (#616)
bfc5dae Version 6.8.1
6bbec0f Raise errors from threads in whitenoise.compress (#615)
0b054e5 Version 6.8.0
54c464a Upgrade and clarify Django quickstart docs (#548)
d5caf8d Compress each file in a ThreadPool (#484)
9494ff3 Use settings.FORCE_SCRIPT_NAME correctly (#486)
c42e93c Make sure SlicedFile is closed properly (#612)
f8dff50 Drop Django 3.2 to 4.1 support (#614)
Additional commits viewable in compare view

Updates django-auth-ldap from 4.8.0 to 5.1.0

Release notes

Sourced from django-auth-ldap's releases.

5.1.0

What's Changed

Allow importing the backend without loading apps by @francoisfreitag in django-auth-ldap/django-auth-ldap#382 (Closes #380)

Drop support for EOL Python 3.8 by @francoisfreitag in django-auth-ldap/django-auth-ldap#383

Full Changelog: django-auth-ldap/django-auth-ldap@5.0.0...5.1.0

5.0.0

Breaking changes

An LDAPError during an LDAP search operation would cause the library to assume an empty result set. When mirroring groups, only a portion of a user groups would be mirrored. Allowing them to proceed with authentication may then break application access controls, as membership to a group (imagine an exclude group) would be missing.

The library now systematically sends the ldap_error django signal. If an LDAPError occurs during an operation, the operation is aborted. In particular, when mirroring groups (LDAPUser._mirror_groups), an AuthenticationFailed might now be raised.

See django-auth-ldap/django-auth-ldap#378 for details.

What else changed

Drop support for django 3.2 by @francoisfreitag in django-auth-ldap/django-auth-ldap#371

Add support for Django 5.1 by @francoisfreitag in django-auth-ldap/django-auth-ldap#373

Restore testing for Python 3.8 and 3.9 by @francoisfreitag in django-auth-ldap/django-auth-ldap#375

Test support for Python 3.13 by @francoisfreitag in django-auth-ldap/django-auth-ldap#374

Full Changelog: django-auth-ldap/django-auth-ldap@4.8.0...5.0.0

Commits

943c800 Allow importing the backend without loading apps
1966c9e Drop support for EOL Python 3.8
3685761 Propagate LDAP errors instead of silently ignoring, send more ldap_error signals
796129b Cache pip packages across GitHub actions
2c5d07b Specify python-version for each GitHub action
7508234 Add setuptools requirement to build docs with Python 3.12
1850b19 Use tox-gh to simplify test matrix on GitHub
92a1439 Add support for Python 3.13
21c2296 Restore testing for Python 3.8 and 3.9
fb89efc Add support for Django 5.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python group with 8 updates: | Package | From | To | | --- | --- | --- | | [coverage](https://github.com/nedbat/coveragepy) | `7.6.2` | `7.6.4` | | [django-cors-headers](https://github.com/adamchainz/django-cors-headers) | `4.4.0` | `4.6.0` | | [pillow](https://github.com/python-pillow/Pillow) | `10.4.0` | `11.0.0` | | [psycopg2-binary](https://github.com/psycopg/psycopg2) | `2.9.9` | `2.9.10` | | [redis](https://github.com/redis/redis-py) | `5.1.1` | `5.2.0` | | [tqdm](https://github.com/tqdm/tqdm) | `4.66.5` | `4.66.6` | | [whitenoise](https://github.com/evansd/whitenoise) | `6.7.0` | `6.8.2` | | [django-auth-ldap](https://github.com/django-auth-ldap/django-auth-ldap) | `4.8.0` | `5.1.0` | Updates `coverage` from 7.6.2 to 7.6.4 - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@7.6.2...7.6.4) Updates `django-cors-headers` from 4.4.0 to 4.6.0 - [Changelog](https://github.com/adamchainz/django-cors-headers/blob/main/CHANGELOG.rst) - [Commits](adamchainz/django-cors-headers@4.4.0...4.6.0) Updates `pillow` from 10.4.0 to 11.0.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@10.4.0...11.0.0) Updates `psycopg2-binary` from 2.9.9 to 2.9.10 - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](https://github.com/psycopg/psycopg2/commits) Updates `redis` from 5.1.1 to 5.2.0 - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v5.1.1...v5.2.0) Updates `tqdm` from 4.66.5 to 4.66.6 - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](tqdm/tqdm@v4.66.5...v4.66.6) Updates `whitenoise` from 6.7.0 to 6.8.2 - [Changelog](https://github.com/evansd/whitenoise/blob/main/docs/changelog.rst) - [Commits](evansd/whitenoise@6.7.0...6.8.2) Updates `django-auth-ldap` from 4.8.0 to 5.1.0 - [Release notes](https://github.com/django-auth-ldap/django-auth-ldap/releases) - [Changelog](https://github.com/django-auth-ldap/django-auth-ldap/blob/master/docs/changes.rst) - [Commits](django-auth-ldap/django-auth-ldap@4.8.0...5.1.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: django-cors-headers dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-major dependency-group: python - dependency-name: psycopg2-binary dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: tqdm dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: whitenoise dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: django-auth-ldap dependency-type: direct:production update-type: version-update:semver-major dependency-group: python ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 1, 2024

djperrefort enabled auto-merge (squash) November 1, 2024 13:57

djperrefort merged commit afc6736 into main Nov 1, 2024
17 checks passed

djperrefort deleted the dependabot/pip/python-32ff3fcdfa branch November 1, 2024 13:59

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the python group with 8 updates #471

Bump the python group with 8 updates #471

dependabot bot commented on behalf of github Nov 1, 2024

Bump the python group with 8 updates #471

Bump the python group with 8 updates #471

Conversation

dependabot bot commented on behalf of github Nov 1, 2024

Version 7.6.4 — 2024-10-20

Version 7.6.3 — 2024-10-13

4.6.0 (2024-10-29)

4.5.0 (2024-10-12)

11.0.0

Changes

11.0.0 (2024-10-15)

Current release

5.2.0

Changes

🚀 New Features

🧰 Maintenance

Contributors

tqdm v4.66.6 stable

6.8.2 (2024-10-29)

6.8.1 (2024-10-28)

6.8.0 (2024-10-28)

5.1.0

What's Changed

5.0.0

Breaking changes

What else changed