Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade: Bump the dependencies group with 8 updates #287

Merged
merged 2 commits into from
Jul 27, 2023
Merged

Upgrade: Bump the dependencies group with 8 updates #287

merged 2 commits into from
Jul 27, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 27, 2023

Bumps the dependencies group with 8 updates:

Package Update
aiohttp 3.8.4 to 3.8.5
botocore 1.30.0 to 1.31.12
certifi 2023.5.7 to 2023.7.22
charset-normalizer 3.1.0 to 3.2.0
click 8.1.3 to 8.1.6
frozenlist 1.3.3 to 1.4.0
sentry-sdk 1.27.0 to 1.28.1
urllib3 1.26.16 to 2.0.4

Updates aiohttp from 3.8.4 to 3.8.5

Release notes

Sourced from aiohttp's releases.

3.8.5

Security bugfixes

  • Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

    Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see GHSA-45c4-8wx5-qw6w.

    .. _llhttp: https://llhttp.org

    (#7346)

Features

  • Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

    (#7366)

Bugfixes

  • Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

    (#3355)

Changelog

Sourced from aiohttp's changelog.

3.8.5 (2023-07-19)

Security bugfixes

  • Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz and :user:Dreamsorcerer.

    Thanks to :user:sethmlarson for reporting this and providing us with comprehensive reproducer, workarounds and fixing details! For more information, see GHSA-45c4-8wx5-qw6w.

    .. _llhttp: https://llhttp.org

    [#7346](https://github.com/aio-libs/aiohttp/issues/7346) <https://github.com/aio-libs/aiohttp/issues/7346>_

Features

  • Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

    [#7366](https://github.com/aio-libs/aiohttp/issues/7366) <https://github.com/aio-libs/aiohttp/issues/7366>_

Bugfixes

  • Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

    [#3355](https://github.com/aio-libs/aiohttp/issues/3355) <https://github.com/aio-libs/aiohttp/issues/3355>_

Commits

Updates botocore from 1.30.0 to 1.31.12

Changelog

Sourced from botocore's changelog.

1.31.12

  • api-change:cloudcontrol: Updates the documentation for CreateResource.
  • api-change:entityresolution: AWS Entity Resolution can effectively match a source record from a customer relationship management (CRM) system with a source record from a marketing system containing campaign information.
  • api-change:glue: Release Glue Studio Snowflake Connector Node for SDK/CLI
  • api-change:healthlake: Updating the HealthLake service documentation.
  • api-change:managedblockchain-query: Amazon Managed Blockchain (AMB) Query provides serverless access to standardized, multi-blockchain datasets with developer-friendly APIs.
  • api-change:mediaconvert: This release includes general updates to user documentation.
  • api-change:omics: The service is renaming as a part of AWS Health.
  • api-change:opensearchserverless: This release adds new collection type VectorSearch.
  • api-change:polly: Amazon Polly adds 1 new voice - Lisa (nl-BE)
  • api-change:route53: Update that corrects the documents for received feedback.

1.31.11

  • api-change:billingconductor: Added support for Auto-Assocate Billing Groups for CreateBillingGroup, UpdateBillingGroup, and ListBillingGroups.
  • api-change:customer-profiles: Amazon Connect Customer Profiles now supports rule-based resolution to match and merge similar profiles into unified profiles, helping companies deliver faster and more personalized customer service by providing access to relevant customer information for agents and automated experiences.
  • api-change:datasync: AWS DataSync now supports Microsoft Azure Blob Storage locations.
  • api-change:dynamodb: Documentation updates for DynamoDB
  • api-change:ec2: This release adds an instance's peak and baseline network bandwidth as well as the memory sizes of an instance's inference accelerators to DescribeInstanceTypes.
  • api-change:emr-serverless: This release adds support for publishing application logs to CloudWatch.
  • api-change:lambda: Add Python 3.11 (python3.11) support to AWS Lambda
  • api-change:rds: This release adds support for monitoring storage optimization progress on the DescribeDBInstances API.
  • api-change:sagemaker: Mark ContentColumn and TargetLabelColumn as required Targets in TextClassificationJobConfig in CreateAutoMLJobV2API
  • api-change:securityhub: Add support for CONTAINS and NOT_CONTAINS comparison operators for Automation Rules string filters and map filters
  • api-change:sts: API updates for the AWS Security Token Service
  • api-change:transfer: This release adds support for SFTP Connectors.
  • api-change:wisdom: This release added two new data types: AssistantIntegrationConfiguration, and SessionIntegrationConfiguration to support Wisdom integration with Amazon Connect Chat

1.31.10

  • api-change:apigatewayv2: Documentation updates for Amazon API Gateway.
  • api-change:ce: This release introduces the new API 'GetSavingsPlanPurchaseRecommendationDetails', which retrieves the details for a Savings Plan recommendation. It also updates the existing API 'GetSavingsPlansPurchaseRecommendation' to include the recommendation detail ID.
  • api-change:chime-sdk-media-pipelines: AWS Media Pipeline compositing enhancement and Media Insights Pipeline auto language identification.
  • api-change:cloudformation: This release supports filtering by DRIFT_STATUS for existing API ListStackInstances and adds support for a new API ListStackInstanceResourceDrifts. Customers can now view resource drift information from their StackSet management accounts.
  • api-change:ec2: Add "disabled" enum value to SpotInstanceState.
  • api-change:glue: Added support for Data Preparation Recipe node in Glue Studio jobs
  • api-change:quicksight: This release launches new Snapshot APIs for CSV and PDF exports, adds support for info icon for filters and parameters in Exploration APIs, adds modeled exception to the DeleteAccountCustomization API, and introduces AttributeAggregationFunction's ability to add UNIQUE_VALUE aggregation in tooltips.

1.31.9

  • api-change:glue: This release adds support for AWS Glue Crawler with Apache Hudi Tables, allowing Crawlers to discover Hudi Tables in S3 and register them in Glue Data Catalog for query engines to query against.
  • api-change:mediaconvert: This release includes improvements to Preserve 444 handling, compatibility of HEVC sources without frame rates, and general improvements to MP4 outputs.

... (truncated)

Commits
  • 805ad4c Merge branch 'release-1.31.12'
  • a22d266 Bumping version to 1.31.12
  • 0249ce0 Update to latest partitions and endpoints
  • 4d95569 Update to latest models
  • fe5a45d Merge branch 'release-1.31.11'
  • bf00c7d Merge branch 'release-1.31.11' into develop
  • 43a0c2e Bumping version to 1.31.11
  • 69df0da Update to latest models
  • 2b6d06d Merge branch 'release-1.31.10'
  • 1a5df55 Merge branch 'release-1.31.10' into develop
  • Additional commits viewable in compare view

Updates certifi from 2023.5.7 to 2023.7.22

Commits

Updates charset-normalizer from 3.1.0 to 3.2.0

Release notes

Sourced from charset-normalizer's releases.

Version 3.2.0

3.2.0 (2023-06-07)

Changed

  • Typehint for function from_path no longer enforce PathLike as its first argument
  • Minor improvement over the global detection reliability

Added

  • Introduce function is_binary that relies on main capabilities, and is optimized to detect binaries
  • Propagate enable_fallback argument throughout from_bytes, from_path, and from_fp that allow a deeper control over the detection (default True)
  • Explicit support for Python 3.12

Fixed

  • Edge case detection failure where a file would contain 'very-long' camel-cased word (Issue #289)
Changelog

Sourced from charset-normalizer's changelog.

3.2.0 (2023-06-07)

Changed

  • Typehint for function from_path no longer enforce PathLike as its first argument
  • Minor improvement over the global detection reliability

Added

  • Introduce function is_binary that relies on main capabilities, and optimized to detect binaries
  • Propagate enable_fallback argument throughout from_bytes, from_path, and from_fp that allow a deeper control over the detection (default True)
  • Explicit support for Python 3.12

Fixed

  • Edge case detection failure where a file would contain 'very-long' camel cased word (Issue #289)
Commits
  • 0424c80 Add workflow_call for ci.yml workflow (reusable) (#307)
  • 782885e Fix issue 289, add function is_binary, add explicit support py 3.12 (#306)
  • 1b0fb5c ⬆️ Bump pytest from 7.3.2 to 7.4.0 (#304)
  • 3acf08e ⬆️ Bump mypy from 1.3.0 to 1.4.1 (#305)
  • 5c030b5 Replace emoji shortcodes with UTF-8 emoji (#303)
  • f9f686b ⬆️ Bump pypa/cibuildwheel from 2.13.0 to 2.13.1 (#302)
  • d42cdaf ⬆️ Bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0 (#301)
  • f8e7db1 ⬆️ Bump pytest from 7.3.1 to 7.3.2 (#300)
  • 6f02962 ⬆️ Bump pytest-cov from 4.0.0 to 4.1.0 (#298)
  • 8028c56 ⬆️ Bump pypa/cibuildwheel from 2.12.3 to 2.13.0 (#299)
  • Additional commits viewable in compare view

Updates click from 8.1.3 to 8.1.6

Release notes

Sourced from click's releases.

8.1.6

This is a fix release for the 8.1.x feature branch. If you were having issues with type checking tools like pyright or mypy not accepting uses of Click's decorators, this should fix that.

8.1.5

This is a fix release for the 8.1.x feature branch. This fixes an issue with decorator type annotations that caused type checkers to fail for valid code. There are no runtime behavior changes.

8.1.4

This is a fix release for the 8.1.x feature branch.

Changelog

Sourced from click's changelog.

Version 8.1.6

Released 2023-07-18

  • Fix an issue with type hints for @click.group(). :issue:2558

Version 8.1.5

Released 2023-07-13

  • Fix an issue with type hints for @click.command(), @click.option(), and other decorators. Introduce typing tests. :issue:2558

Version 8.1.4

Released 2023-07-06

  • Replace all typing.Dict occurrences to typing.MutableMapping for parameter hints. :issue:2255
  • Improve type hinting for decorators and give all generic types parameters. :issue:2398
  • Fix return value and type signature of shell_completion.add_completion_class function. :pr:2421
  • Bash version detection doesn't fail on Windows. :issue:2461
  • Completion works if there is a dot (.) in the program name. :issue:2166
  • Improve type annotations for pyright type checker. :issue:2268
  • Improve responsiveness of click.clear(). :issue:2284
  • Improve command name detection when using Shiv or PEX. :issue:2332
  • Avoid showing empty lines if command help text is empty. :issue:2368
  • ZSH completion script works when loaded from fpath. :issue:2344.
  • EOFError and KeyboardInterrupt tracebacks are not suppressed when standalone_mode is disabled. :issue:2380
  • @group.command does not fail if the group was created with a custom command_class. :issue:2416
  • multiple=True is allowed for flag options again and does not require setting default=(). :issue:2246, 2292, 2295
  • Make the decorators returned by @argument() and @option() reusable when the cls parameter is used. :issue:2294
  • Don't fail when writing filenames to streams with strict errors. Replace invalid bytes with the replacement character (). :issue:2395
  • Remove unnecessary attempt to detect MSYS2 environment. :issue:2355
  • Remove outdated and unnecessary detection of App Engine environment. :pr:2554
  • echo() does not fail when no streams are attached, such as with pythonw on Windows. :issue:2415
  • Argument with expose_value=False do not cause completion to fail. :issue:2336
Commits

Updates frozenlist from 1.3.3 to 1.4.0

Release notes

Sourced from frozenlist's releases.

1.4.0

The published source distribution package became buildable under Python 3.12.

Bugfixes

  • Removed an unused :py:data:typing.Tuple import (#411)_

Deprecations and Removals

  • Dropped Python 3.7 support. (#413)_

Misc

Changelog

Sourced from frozenlist's changelog.

1.4.0 (2023-07-12)

The published source distribution package became buildable under Python 3.12.

Bugfixes

  • Removed an unused :py:data:typing.Tuple import [#411](https://github.com/aio-libs/frozenlist/issues/411) <https://github.com/aio-libs/frozenlist/issues/411>_

Deprecations and Removals

  • Dropped Python 3.7 support. [#413](https://github.com/aio-libs/frozenlist/issues/413) <https://github.com/aio-libs/frozenlist/issues/413>_

Misc

  • [#410](https://github.com/aio-libs/frozenlist/issues/410) <https://github.com/aio-libs/frozenlist/issues/410>, [#433](https://github.com/aio-libs/frozenlist/issues/433) <https://github.com/aio-libs/frozenlist/issues/433>
Commits
  • 9d96e08 🐛 Add "Gitter" to the spelling allowlist
  • 7b65e79 📦 Bump frozenlist to v1.4.0
  • b3a6bd7 🧪 Check dist meta in strict mode
  • 116c164 📝🔥 Remove references to Discourse
  • ad22ce8 📝 Replace Gitter mentions with Matrix
  • f119a80 📦📝 Link CoC from the PyPI page sidebar
  • adcdfce 🎨📝 Replace PyPI badge w/ shields.io in README
  • fc7747e 📝📦 Link the changelog from PyPI
  • 16e5426 📝 Update docs links with new FQDN
  • 2a284f3 🧪 Report coverage for the tests
  • Additional commits viewable in compare view

Updates sentry-sdk from 1.27.0 to 1.28.1

Release notes

Sourced from sentry-sdk's releases.

1.28.1

Various fixes & improvements

1.28.0

Various fixes & improvements

1.27.1

Various fixes & improvements

  • Add Starlette/FastAPI template tag for adding Sentry tracing information (#2225) by @​antonpirker
    • By adding {{ sentry_trace_meta }} to your Starlette/FastAPI Jinja2 templates we will include Sentry trace information as a meta tag in the rendered HTML to allow your frontend to pick up and continue the trace started in the backend.
  • Fixed generation of baggage when a DSC is already in propagation context (#2232) by @​antonpirker
  • Handle explicitly passing None for trace_configs in aiohttp (#2230) by @​Harmon758
  • Support newest Starlette versions (#2227) by @​antonpirker
Changelog

Sourced from sentry-sdk's changelog.

1.28.1

Various fixes & improvements

1.28.0

Various fixes & improvements

1.27.1

Various fixes & improvements

  • Add Starlette/FastAPI template tag for adding Sentry tracing information (#2225) by @​antonpirker
    • By adding {{ sentry_trace_meta }} to your Starlette/FastAPI Jinja2 templates we will include Sentry trace information as a meta tag in the rendered HTML to allow your frontend to pick up and continue the trace started in the backend.
  • Fixed generation of baggage when a DSC is already in propagation context (#2232) by @​antonpirker
  • Handle explicitly passing None for trace_configs in aiohttp (#2230) by @​Harmon758
  • Support newest Starlette versions (#2227) by @​antonpirker
Commits
  • e1c77cc Updated changelog
  • 78b5113 release: 1.28.1
  • d586149 Make sure each task that is started by Celery Beat has its own trace. (#2249)
  • 093003f remove stale.yml (#2245)
  • d874091 Add Sampling Decision to Trace Envelope Header (#2239)
  • 5704f12 Skip distributions with incomplete metadata (#2231)
  • 7a9b1b7 Do not add trace headers (sentry-trace and baggage) to HTTP requests to S...
  • 994a45b Redis: Add support for redis.asyncio (#1933)
  • b89fa8d Prevent adding sentry-trace header multiple times (#2235)
  • 684c43f Django: Fix 404 Handler handler being labeled as "generic ASGI request" (#1277)
  • Additional commits viewable in compare view

Updates urllib3 from 1.26.16 to 2.0.4

Release notes

Sourced from urllib3's releases.

2.0.4

  • Added support for union operators to HTTPHeaderDict (#2254)
  • Added BaseHTTPResponse to urllib3.__all__ (#3078)
  • Fixed urllib3.connection.HTTPConnection to raise the http.client.connect audit event to have the same behavior as the standard library HTTP client (#2757)
  • Relied on the standard library for checking hostnames in supported PyPy releases (#3087)

2.0.3

  • Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. #3020
  • Deprecated URLs which don't have an explicit scheme #2950
  • Fixed response decoding with Zstandard when compressed data is made of several frames. #3008
  • Fixed assert_hostname=False to correctly skip hostname check. #3051

2.0.2

  • Fixed HTTPResponse.stream() to continue yielding bytes if buffered decompressed data was still available to be read even if the underlying socket is closed. This prevents a compressed response from being truncated. (urllib3/urllib3#3009)

2.0.1

  • Fixed a socket leak when fingerprint or hostname verifications fail. (#2991)
  • Fixed an error when HTTPResponse.read(0) was the first read call or when the internal response body buffer was otherwise empty. (#2998)

2.0.0

Read the v2.0 migration guide for help upgrading to the latest version of urllib3.

Removed

  • Removed support for Python 2.7, 3.5, and 3.6 (#883, #2336).
  • Removed fallback on certificate commonName in match_hostname() function. This behavior was deprecated in May 2000 in RFC 2818. Instead only subjectAltName is used to verify the hostname by default. To enable verifying the hostname against commonName use SSLContext.hostname_checks_common_name = True (#2113).
  • Removed support for Python with an ssl module compiled with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 (#2168).
  • Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support. When an incompatible OpenSSL version is detected an ImportError is raised (#2168).
  • Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure (#2082).
  • Removed urllib3.contrib.appengine.AppEngineManager and support for Google App Engine Standard Environment (#2044).
  • Removed deprecated Retry options method_whitelist, DEFAULT_REDIRECT_HEADERS_BLACKLIST (#2086).
  • Removed urllib3.HTTPResponse.from_httplib (#2648).
  • Removed default value of None for the request_context parameter of urllib3.PoolManager.connection_from_pool_key. This change should have no effect on users as the default value of None was an invalid option and was never used (#1897).
  • Removed the urllib3.request module. urllib3.request.RequestMethods has been made a private API. This change was made to ensure that from urllib3 import request imported the top-level request() function instead of the urllib3.request module (#2269).
  • Removed support for SSLv3.0 from the urllib3.contrib.pyopenssl even when support is available from the compiled OpenSSL library (#2233).
  • Removed the deprecated urllib3.contrib.ntlmpool module (#2339).
  • Removed DEFAULT_CIPHERS, HAS_SNI, USE_DEFAULT_SSLCONTEXT_CIPHERS, from the private module urllib3.util.ssl_ (#2168).
  • Removed urllib3.exceptions.SNIMissingWarning (#2168).
  • Removed the _prepare_conn method from HTTPConnectionPool. Previously this was only used to call HTTPSConnection.set_cert() by HTTPSConnectionPool (#1985).
  • Removed tls_in_tls_required property from HTTPSConnection. This is now determined from the scheme parameter in HTTPConnection.set_tunnel() (#1985).

Deprecated

  • Deprecated HTTPResponse.getheaders() and HTTPResponse.getheader() which will be removed in urllib3 v2.1.0. Instead use HTTPResponse.headers and HTTPResponse.headers.get(name, default). (#1543, #2814).
  • Deprecated urllib3.contrib.pyopenssl module which will be removed in urllib3 v2.1.0 (#2691).
  • Deprecated urllib3.contrib.securetransport module which will be removed in urllib3 v2.1.0 (#2692).
  • Deprecated ssl_version option in favor of ssl_minimum_version. ssl_version will be removed in urllib3 v2.1.0 (#2110).
  • Deprecated the strict parameter as it's not longer needed in Python 3.x. It will be removed in urllib3 v2.1.0 (#2267)
  • Deprecated the NewConnectionError.pool attribute which will be removed in urllib3 v2.1.0 (#2271).
  • Deprecated format_header_param_html5 and format_header_param in favor of format_multipart_header_param (#2257).

... (truncated)

Changelog

Sourced from urllib3's changelog.

2.0.4 (2023-07-19)

  • Added support for union operators to HTTPHeaderDict ([#2254](https://github.com/urllib3/urllib3/issues/2254) <https://github.com/urllib3/urllib3/issues/2254>__)
  • Added BaseHTTPResponse to urllib3.__all__ ([#3078](https://github.com/urllib3/urllib3/issues/3078) <https://github.com/urllib3/urllib3/issues/3078>__)
  • Fixed urllib3.connection.HTTPConnection to raise the http.client.connect audit event to have the same behavior as the standard library HTTP client ([#2757](https://github.com/urllib3/urllib3/issues/2757) <https://github.com/urllib3/urllib3/issues/2757>__)
  • Relied on the standard library for checking hostnames in supported PyPy releases ([#3087](https://github.com/urllib3/urllib3/issues/3087) <https://github.com/urllib3/urllib3/issues/3087>__)

2.0.3 (2023-06-07)

  • Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. ([#3020](https://github.com/urllib3/urllib3/issues/3020) <https://github.com/urllib3/urllib3/issues/3020>__)
  • Deprecated URLs which don't have an explicit scheme ([#2950](https://github.com/urllib3/urllib3/issues/2950) <https://github.com/urllib3/urllib3/pull/2950>_)
  • Fixed response decoding with Zstandard when compressed data is made of several frames. ([#3008](https://github.com/urllib3/urllib3/issues/3008) <https://github.com/urllib3/urllib3/issues/3008>__)
  • Fixed assert_hostname=False to correctly skip hostname check. ([#3051](https://github.com/urllib3/urllib3/issues/3051) <https://github.com/urllib3/urllib3/issues/3051>__)

2.0.2 (2023-05-03)

  • Fixed HTTPResponse.stream() to continue yielding bytes if buffered decompressed data was still available to be read even if the underlying socket is closed. This prevents a compressed response from being truncated. ([#3009](https://github.com/urllib3/urllib3/issues/3009) <https://github.com/urllib3/urllib3/issues/3009>__)

2.0.1 (2023-04-30)

  • Fixed a socket leak when fingerprint or hostname verifications fail. ([#2991](https://github.com/urllib3/urllib3/issues/2991) <https://github.com/urllib3/urllib3/issues/2991>__)
  • Fixed an error when HTTPResponse.read(0) was the first read call or when the internal response body buffer was otherwise empty. ([#2998](https://github.com/urllib3/urllib3/issues/2998) <https://github.com/urllib3/urllib3/issues/2998>__)

2.0.0 (2023-04-26)

Read the v2.0 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>__ for help upgrading to the latest version of urllib3.

Removed

  • Removed support for Python 2.7, 3.5, and 3.6 ([#883](https://github.com/urllib3/urllib3/issues/883) <https://github.com/urllib3/urllib3/issues/883>, [#2336](https://github.com/urllib3/urllib3/issues/2336) <https://github.com/urllib3/urllib3/issues/2336>).
  • Removed fallback on certificate commonName in match_hostname() function. This behavior was deprecated in May 2000 in RFC 2818. Instead only subjectAltName is used to verify the hostname by default. To enable verifying the hostname against commonName use SSLContext.hostname_checks_common_name = True ([#2113](https://github.com/urllib3/urllib3/issues/2113) <https://github.com/urllib3/urllib3/issues/2113>__).
  • Removed support for Python with an ssl module compiled with LibreSSL, CiscoSSL, wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 ([#2168](https://github.com/urllib3/urllib3/issues/2168) <https://github.com/urllib3/urllib3/issues/2168>__).
  • Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support. When an incompatible OpenSSL version is detected an ImportError is raised ([#2168](https://github.com/urllib3/urllib3/issues/2168) <https://github.com/urllib3/urllib3/issues/2168>__).

... (truncated)

Commits
  • c9fa144 Release version 2.0.4 (#3084)
  • d40d146 Add Illia to CODEOWNERS
  • 0a375d1 Raise http.client.connect audit events in HTTPConnection (#2859)
  • c056eb3 Bump actions/setup-python from 4.6.0 to 4.7.0
  • a1c184b Remove warnings filters fixed in pytest 7.4.0 (#3086)
  • 609c546 Add support for union operators to HTTPHeaderDict (#2943)
  • 05b21ca Bump cryptography from 41.0.0 to 41.0.2
  • 9aa0d4f Bump cryptography from 39.0.1 to 41.0.0 (#3057)
  • 326c423 Rely on the standard library for checking hostnames in supported PyPy releases
  • d0ac08d Bump gh-action-pypi-publish to v1.8.8
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot
Upgrade: Bump the dependencies group with 8 updates
5927352 
Bumps the dependencies group with 8 updates:

| Package | Update |
| --- | --- |
| [aiohttp](https://github.com/aio-libs/aiohttp) | 3.8.4 to 3.8.5 |
| [botocore](https://github.com/boto/botocore) | 1.30.0 to 1.31.12 |
| [certifi](https://github.com/certifi/python-certifi) | 2023.5.7 to 2023.7.22 |
| [charset-normalizer](https://github.com/Ousret/charset_normalizer) | 3.1.0 to 3.2.0 |
| [click](https://github.com/pallets/click) | 8.1.3 to 8.1.6 |
| [frozenlist](https://github.com/aio-libs/frozenlist) | 1.3.3 to 1.4.0 |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | 1.27.0 to 1.28.1 |
| [urllib3](https://github.com/urllib3/urllib3) | 1.26.16 to 2.0.4 |


Updates `aiohttp` from 3.8.4 to 3.8.5
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst)
- [Commits](aio-libs/aiohttp@v3.8.4...v3.8.5)

Updates `botocore` from 1.30.0 to 1.31.12
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](boto/botocore@1.30.0...1.31.12)

Updates `certifi` from 2023.5.7 to 2023.7.22
- [Commits](certifi/python-certifi@2023.05.07...2023.07.22)

Updates `charset-normalizer` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/Ousret/charset_normalizer/releases)
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](jawah/charset_normalizer@3.1.0...3.2.0)

Updates `click` from 8.1.3 to 8.1.6
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/8.1.6/CHANGES.rst)
- [Commits](pallets/click@8.1.3...8.1.6)

Updates `frozenlist` from 1.3.3 to 1.4.0
- [Release notes](https://github.com/aio-libs/frozenlist/releases)
- [Changelog](https://github.com/aio-libs/frozenlist/blob/master/CHANGES.rst)
- [Commits](aio-libs/frozenlist@v1.3.3...v1.4.0)

Updates `sentry-sdk` from 1.27.0 to 1.28.1
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@1.27.0...1.28.1)

Updates `urllib3` from 1.26.16 to 2.0.4
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.16...2.0.4)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: charset-normalizer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: click
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: frozenlist
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 27, 2023
@dependabot dependabot bot mentioned this pull request Jul 27, 2023
Closed
@TrueBrain TrueBrain merged commit 8f31b52 into main Jul 27, 2023
@TrueBrain TrueBrain deleted the dependabot/pip/dependencies-2750d625bc branch July 27, 2023 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@TrueBrain