Bump the pip group in /src with 17 updates

[dependabot]

Bumps the pip group in /src with 17 updates:

Package	From	To
ipywidgets	7.7.1	8.1.3
notebook	6.5.6	6.5.7
pymongo	4.7.3	4.8.0
scikit-learn	1.5.0	1.5.1
cryptography	42.0.8	43.0.0
jsonschema	4.16.0	4.23.0
markdown	3.4.1	3.6
markupsafe	2.1.4	2.1.5
pycurl	7.45.1	7.45.3
pyopenssl	24.1.0	24.2.1
setuptools	71.1.0	72.1.0
terminado	0.18.0	0.18.1
ete3	3.1.2	3.1.3
coverage	7.5.3	7.6.0
pytest	8.2.2	8.3.2
pytest-recording	0.13.1	0.13.2
ruff	0.5.5	0.5.6

Updates ipywidgets from 7.7.1 to 8.1.3

Release notes

Sourced from ipywidgets's releases.

8.1.3

Bug fixes

• Add support for widgets in JupyterLab code consoles by @​jtpio in jupyter-widgets/ipywidgets#3004
• Add return to pack_models by @​gjmooney in jupyter-widgets/ipywidgets#3923

Documentation

• Docs: Update jupyterlite by @​martinRenou in jupyter-widgets/ipywidgets#3918
• Docs: Fix jupyterlite deployment by @​martinRenou in jupyter-widgets/ipywidgets#3919

New Contributors

• @​gjmooney made their first contribution in jupyter-widgets/ipywidgets#3923

Full Changelog: jupyter-widgets/ipywidgets@8.1.2...8.1.3

Release 8.1.2

What's Changed

• Bump systeminformation from 5.18.3 to 5.21.8 in /ui-tests by @​dependabot in jupyter-widgets/ipywidgets#3837
• Try to use manager's latexTypesetter if window.MathJax is not defined by @​bollwyvl in jupyter-widgets/ipywidgets#3847
• fix: restoring widgets from saved state is broken since v8 in Lab by @​mariobuikhuizen in jupyter-widgets/ipywidgets#3866

Full Changelog: jupyter-widgets/ipywidgets@8.1.1...8.1.2

Release 8.1.1

What's Changed

Bug fixed

• Raise error when copy method is used on base widget class by @​mmc1718 in jupyter-widgets/ipywidgets#3780
• Reverts #3689 and #3738 back to the original working codebase by @​martinRenou in jupyter-widgets/ipywidgets#3830

Docs

• Update to JupyterLite 0.1.0 by @​jtpio in jupyter-widgets/ipywidgets#3820

New Contributors

• @​mmc1718 made their first contribution in jupyter-widgets/ipywidgets#3780

Full Changelog: jupyter-widgets/ipywidgets@8.1.0...8.1.1

Release 8.1.0

Improvements

• Allow CSS variables to be used as values in the Color trait by @​nurbo in jupyter-widgets/ipywidgets#3796
• Replace ipykernel dependency by the comm dependency by @​martinRenou in jupyter-widgets/ipywidgets#3811

Documentation

• Fix link to "Output widget examples" by @​warrickball in jupyter-widgets/ipywidgets#3801

... (truncated)

Commits

• 06ed868 Merge pull request #3793 from ferdnyc/mappings-work-again
• 31259ca Merge pull request #3801 from warrickball/patch-2
• dd250bf Handle Notebook 7 in dev install script
• a1282ec Fix link to "Output widget examples"
• b6b3051 Revert "Add note on removal of mapping types in documentation"
• 5a2773e fix some sphinx warnings
• 6f6156c docs: Overhaul docs toolchain (#3673)
• 09bf0cf Merge pull request #3611 from jtpio/custom-widget-tutorial
• ec2b8d8 Use the %pip magic
• fb27948 Typo fix
• Additional commits viewable in compare view

Updates notebook from 6.5.6 to 6.5.7

Release notes

Sourced from notebook's releases.

v6.5.7

6.5.7

(Full Changelog)

Maintenance and upkeep improvements

• Ignore check-wheel-content duplicate file error #7343 (@​RRosio)
• 6.5.x: Unpin pyzmq #7305 (@​minrk)

Contributors to this release

(GitHub contributors page for this release)

@​brichet | @​d5423197 | @​github-actions | @​jtpio | @​krassowski | @​minrk | @​RRosio | @​Zsailer

Changelog

Sourced from notebook's changelog.

6.5.7

(Full Changelog)

Maintenance and upkeep improvements

• Ignore check-wheel-content duplicate file error #7343 (@​RRosio)
• 6.5.x: Unpin pyzmq #7305 (@​minrk)

Contributors to this release

(GitHub contributors page for this release)

@​brichet | @​d5423197 | @​github-actions | @​jtpio | @​krassowski | @​minrk | @​RRosio | @​Zsailer

Commits

• 633c5be Publish 6.5.7
• e1723f4 Ignore check-wheel-content duplicate file error (#7343)
• 382a5db remove upper bound on pyzmq (#7305)
• See full diff in compare view

Updates pymongo from 4.7.3 to 4.8.0

Release notes

Sourced from pymongo's releases.

PyMongo 4.8.0

Changes in Version 4.8.0

PyMongo 4.8 brings a number of improvements including:

• The handshake metadata for "os.name" on Windows has been simplified to "Windows" to improve import time.
• The repr of bson.binary.Binary is now redacted when the subtype is SENSITIVE_SUBTYPE(8).
• Secure Software Development Life Cycle automation for release process. GitHub Releases now include a Software Bill of Materials, and signature files corresponding to the distribution files released on PyPI.
• Fixed a bug in change streams where both startAtOperationTime and resumeToken could be added to a retry attempt, which caused the retry to fail.
• Fallback to stdlib ssl module when pyopenssl import fails with AttributeError.
• Improved performance of MongoClient operations, especially when many operations are being run concurrently.

Unavoidable breaking changes

• Since we are now using hatch as our build backend, we no longer have a usable setup.py file and require installation using pip. Attempts to invoke the setup.py file will raise an exception. Additionally, pip >= 21.3 is now required for editable installs.

Issues Resolved

See the PyMongo 4.8 release notes in JIRA for the list of resolved issues in this release.

---

Full Changelog: mongodb/mongo-python-driver@4.7.1...4.8.0

Changelog

Sourced from pymongo's changelog.

Changes in Version 4.8.0

.. warning:: PyMongo 4.8 drops support for Python 3.7 and PyPy 3.8: Python 3.8+ or PyPy 3.9+ is now required.

PyMongo 4.8 brings a number of improvements including:

• The handshake metadata for "os.name" on Windows has been simplified to "Windows" to improve import time.
• The repr of bson.binary.Binary is now redacted when the subtype is SENSITIVE_SUBTYPE(8).
• Secure Software Development Life Cycle automation for release process. GitHub Releases now include a Software Bill of Materials, and signature files corresponding to the distribution files released on PyPI.
• Fixed a bug in change streams where both startAtOperationTime and resumeToken could be added to a retry attempt, which caused the retry to fail.
• Fallback to stdlib ssl module when pyopenssl import fails with AttributeError.
• Improved performance of MongoClient operations, especially when many operations are being run concurrently.

Unavoidable breaking changes ............................

• Since we are now using hatch as our build backend, we no longer have a usable setup.py file and require installation using pip. Attempts to invoke the setup.py file will raise an exception. Additionally, pip >= 21.3 is now required for editable installs.

Issues Resolved ...............

See the PyMongo 4.8 release notes in JIRA_ for the list of resolved issues in this release.

.. _PyMongo 4.8 release notes in JIRA: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10004&version=37057

Commits

• d504d14 BUMP 4.8.0
• ab9e748 PYTHON-4515 Improve 4.8 changelog (#1713)
• 2fdf707 PYTHON-4507 [v4.8] pip>=21.3 is required for editable installs (#1711)
• 5139adb PYTHON-4515 [v4.8] Update changelog for 4.8 (#1710)
• b3c55ff BUMP 4.8.0.dev1
• 113b9da BUMP 4.8.0b0
• 585411a PYTHON-4388 [v4.8] Fix security events handling in release workflow again (#1...
• f1f4938 PYTHON-4388 [v4.8] Fix permissions in release workflow (#1708)
• a0d232b PYTHON-4499 [v4.8] Log pymongo.connection at DEBUG without EventListeners (#1...
• 14ed482 PYTHON-4388 [v4.8] Fix dist handling in SSDLC workflow (#1706)
• Additional commits viewable in compare view

Updates scikit-learn from 1.5.0 to 1.5.1

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.5.1

We're happy to announce the 1.5.1 release.

This release contains fixes for a few regressions introduced in 1.5.

You can see the changelog here: https://scikit-learn.org/stable/whats_new/v1.5.html#version-1-5-1

You can upgrade with pip as usual:

pip install -U scikit-learn

The conda-forge builds can be installed using:

conda install -c conda-forge scikit-learn

Thanks to everyone who contributed to this release !

Commits

• 70fdc84 Bump version [cd build]
• b0ec847 DOC Add missing PR number in changelog entry (#29384)
• 8179b8f DOC Set 1.5.1 release month (#29377)
• 851c0d6 FIX: accuracy and zero_loss support for multilabel with Array API (#29336)
• 99d8a32 FIX zero_one_loss breaks with multilabel and Array API (#29269)
• 059070b ENH Add Array API compatibility to cosine_similarity (#29014)
• ada571f Fix a regression in GridSearchCV for parameter grids that have arrays of diff...
• fb26476 🔒 🤖 CI Update lock files for cirrus-arm CI build(s) 🔒 🤖...
• 5a74cc0 Fix performance regression in ColumnTransformer (#29330)
• c3d69b2 MAINT Pin the ruff version on CI linters (#29359)
• Additional commits viewable in compare view

Updates cryptography from 42.0.8 to 43.0.0

Changelog

Sourced from cryptography's changelog.

43.0.0 - 2024-07-20

* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1e has been
  removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.8.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
* Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
  now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still
  considered insecure, users should generally use a key size of 2048-bits.
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`
  now emits ASN.1 that more closely follows the recommendations in :rfc:`2315`.
* Added new :doc:`/hazmat/decrepit/index` module which contains outdated and
  insecure cryptographic primitives.
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish`, which were
  deprecated in 37.0.0, have been added to this module. They will be removed
  from the ``cipher`` module in 45.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES`
  and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ARC4` into
  :doc:`/hazmat/decrepit/index` and deprecated them in the ``cipher`` module.
  They will be removed from the ``cipher`` module in 48.0.0.
* Added support for deterministic
  :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` (:rfc:`6979`)
* Added support for client certificate verification to the
  :mod:`X.509 path validation <cryptography.x509.verification>` APIs in the
  form of :class:`~cryptography.x509.verification.ClientVerifier`,
  :class:`~cryptography.x509.verification.VerifiedClient`, and
  ``PolicyBuilder``
  :meth:`~cryptography.x509.verification.PolicyBuilder.build_client_verifier`.
* Added Certificate
  :attr:`~cryptography.x509.Certificate.public_key_algorithm_oid`
  and Certificate Signing Request
  :attr:`~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid`
  to determine the :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
  Object Identifier of the public key found inside the certificate.
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_date_utc`, a
  timezone-aware alternative to the naïve ``datetime`` attribute
  :attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
* Added support for parsing empty DN string in
  :meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added the following properties that return timezone-aware ``datetime`` objects:
  :meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_time_utc`,
</tr></table> 

... (truncated)

Commits

• ebf14f2 bump for 43.0.0 and update changelog (#11311)
• 42788a0 Fix exchange with keys that had Q automatically computed (#11309)
• 2dbdfb8 don't assign unused name (#11310)
• ccc66e6 Bump openssl from 0.10.64 to 0.10.65 in /src/rust (#11308)
• 4310c87 Bump sphinxcontrib-qthelp from 1.0.7 to 1.0.8 (#11307)
• f66a9c4 Bump sphinxcontrib-htmlhelp from 2.0.5 to 2.0.6 (#11306)
• a8fcf18 Bump openssl-sys from 0.9.102 to 0.9.103 in /src/rust (#11305)
• 2fe32b2 Bump mypy from 1.10.1 to 1.11.0 (#11303)
• ee24e82 Bump setuptools from 71.0.3 to 71.0.4 in /.github/requirements (#11304)
• 7249ccd Bump portable-atomic from 1.6.0 to 1.7.0 in /src/rust (#11302)
• Additional commits viewable in compare view

Updates jsonschema from 4.16.0 to 4.23.0

Release notes

Sourced from jsonschema's releases.

v4.23.0

What's Changed

• Add some typing to the exceptions.py module by @​DanielNoord in python-jsonschema/jsonschema#1019
• Declare support for 3.13 by @​rominf in python-jsonschema/jsonschema#1282

New Contributors

• @​rominf made their first contribution in python-jsonschema/jsonschema#1282

Full Changelog: python-jsonschema/jsonschema@v4.22.0...v4.23.0

v4.22.0

What's Changed

• Improve best_match (and thereby error messages from jsonschema.validate) in cases where there are multiple sibling errors from applying anyOf / allOf -- i.e. when multiple elements of a JSON array have errors, we now do prefer showing errors from earlier elements rather than simply showing an error for the full array (#1250).
• (Micro-)optimize equality checks when comparing for JSON Schema equality by first checking for object identity, as == would.

New Contributors

• @​shinnar made their first contribution in python-jsonschema/jsonschema#1224

Full Changelog: python-jsonschema/jsonschema@v4.21.1...v4.22.0

v4.21.1

• Slightly speed up the contains keyword by removing some unnecessary validator (re-)creation.

Full Changelog: python-jsonschema/jsonschema@v4.21.0...v4.21.1

v4.21.0

What's Changed

• Fix the behavior of enum in the presence of 0 or 1 to properly consider True and False unequal (#1208).
• Special case the error message for {min,max}{Items,Length,Properties} when they're checking for emptiness rather than true length.

New Contributors

• @​otto-ifak made their first contribution in python-jsonschema/jsonschema#1208

Full Changelog: python-jsonschema/jsonschema@v4.20.0...v4.21.0

v4.20.0

• Properly consider items (and properties) to be evaluated by unevaluatedItems (resp. unevaluatedProperties) when behind a $dynamicRef as specified by the 2020 and 2019 specifications.
• jsonschema.exceptions.ErrorTree.__setitem__ is now deprecated. More broadly, in general users of jsonschema should never be mutating objects owned by the library.

Full Changelog: python-jsonschema/jsonschema@v4.19.2...v4.20.0

... (truncated)

Changelog

Sourced from jsonschema's changelog.

v4.23.0

• Do not reorder dictionaries (schemas, instances) that are printed as part of validation errors.
• Declare support for Py3.13

v4.22.0

• Improve best_match (and thereby error messages from jsonschema.validate) in cases where there are multiple sibling errors from applying anyOf / allOf -- i.e. when multiple elements of a JSON array have errors, we now do prefer showing errors from earlier elements rather than simply showing an error for the full array (#1250).
• (Micro-)optimize equality checks when comparing for JSON Schema equality by first checking for object identity, as == would.

v4.21.1

• Slightly speed up the contains keyword by removing some unnecessary validator (re-)creation.

v4.21.0

• Fix the behavior of enum in the presence of 0 or 1 to properly consider True and False unequal (#1208).
• Special case the error message for {min,max}{Items,Length,Properties} when they're checking for emptiness rather than true length.

v4.20.0

• Properly consider items (and properties) to be evaluated by unevaluatedItems (resp. unevaluatedProperties) when behind a $dynamicRef as specified by the 2020 and 2019 specifications.
• jsonschema.exceptions.ErrorTree.__setitem__ is now deprecated. More broadly, in general users of jsonschema should never be mutating objects owned by the library.

v4.19.2

• Fix the error message for additional items when used with heterogeneous arrays.
• Don't leak the additionalItems keyword into JSON Schema draft 2020-12, where it was replaced by items.

v4.19.1

• Single label hostnames are now properly considered valid according to the hostname format. This is the behavior specified by the relevant RFC (1123). IDN hostname behavior was already correct.

v4.19.0

• Importing the Validator protocol directly from the package root is deprecated. Import it from jsonschema.protocols.Validator instead.
• Automatic retrieval of remote references (which is still deprecated) now properly succeeds even if the retrieved resource does not declare which version of JSON Schema it uses. Such resources are assumed to be 2020-12 schemas.

... (truncated)

Commits

• cfe8a40 Document the other change, and call this 4.23.0.
• 25127a1 Merge pull request #1282 from rominf/rominf-python3.13
• 40410c4 Declare support for 3.13
• 3a44b4b Merge pull request #1276 from python-jsonschema/pre-commit-ci-update-config
• 6a00e35 [pre-commit.ci] pre-commit autoupdate
• 84fee43 Merge pull request #1273 from python-jsonschema/pre-commit-ci-update-config
• a90d6e2 [pre-commit.ci] pre-commit autoupdate
• c3a8641 Merge pull request #1272 from python-jsonschema/pre-commit-ci-update-config
• deb5398 [pre-commit.ci] pre-commit autoupdate
• 7fd28c3 Update the (ancient draft3) color format for newer webcolors.
• Additional commits viewable in compare view

Updates markdown from 3.4.1 to 3.6

Release notes

Sourced from markdown's releases.

Release 3.6

Changed

Refactor TOC Sanitation

• All postprocessors are now run on heading content.
• Footnote references are now stripped from heading content. Fixes #660.
• A more robust striptags is provided to convert headings to plain text. Unlike, the markupsafe implementation, HTML entities are not unescaped.
• The plain text name, rich html, and unescaped raw data-toc-label are saved to toc_tokens, allowing users to access the full rich text content of the headings directly from toc_tokens.
• The value of data-toc-label is sanitized separate from heading content before being written to name. This fixes a bug which allowed markup through in certain circumstances. To access the raw unsanitized data, retrieve the value from token['data-toc-label'] directly.
• An html.unescape call is made just prior to calling slugify so that slugify only operates on Unicode characters. Note that html.unescape is not run on name, html, or data-toc-label.
• The functions get_name and stashedHTML2text defined in the toc extension are both deprecated. Instead, third party extensions should use some combination of the new functions run_postprocessors, render_inner_html and striptags.

Fixed

• Include scripts/*.py in the generated source tarballs (#1430).
• Ensure lines after heading in loose list are properly detabbed (#1443).
• Give smarty tree processor higher priority than toc (#1440).
• Permit carets (^) and square brackets (]) but explicitly exclude backslashes (\) from abbreviations (#1444).
• In attribute lists (attr_list, fenced_code), quoted attribute values are now allowed to contain curly braces (}) (#1414).

Release 3.5.2

Fixed

• Fix type annotations for convertFile - it accepts only bytes-based buffers. Also remove legacy checks from Python 2 (#1400)
• Remove legacy import needed only in Python 2 (#1403)
• Fix typo that left the attribute AdmonitionProcessor.content_indent unset (#1404)
• Fix edge-case crash in InlineProcessor with AtomicString (#1406).
• Fix edge-case crash in codehilite with an empty code tag (#1405).
• Improve and expand type annotations in the code base (#1401).
• Fix handling of bogus comments (#1425).

Release 3.5.1

Fixed

... (truncated)

Changelog

Sourced from markdown's changelog.

[3.6] -- 2024-03-14

Changed

Refactor TOC Sanitation

• All postprocessors are now run on heading content.
• Footnote references are now stripped from heading content. Fixes #660.
• A more robust striptags is provided to convert headings to plain text. Unlike, the markupsafe implementation, HTML entities are not unescaped.
• The plain text name, rich html, and unescaped raw data-toc-label are saved to toc_tokens, allowing users to access the full rich text content of the headings directly from toc_tokens.
• The value of data-toc-label is sanitized separate from heading content before being written to name. This fixes a bug which allowed markup through in certain circumstances. To access the raw unsanitized data, retrieve the value from token['data-toc-label'] directly.
• An html.unescape call is made just prior to calling slugify so that slugify only operates on Unicode characters. Note that html.unescape is not run on name, html, or data-toc-label.
• The functions get_name and stashedHTML2text defined in the toc extension are both deprecated. Instead, third party extensions should use some combination of the new functions run_postprocessors, render_inner_html and striptags.

Fixed

• Include scripts/*.py in the generated source tarballs (#1430).
• Ensure lines after heading in loose list are properly detabbed (#1443).
• Give smarty tree processor higher priority than toc (#1440).
• Permit carets (^) and square brackets (]) but explicitly exclude backslashes (\) from abbreviations (#1444).
• In attribute lists (attr_list, fenced_code), quoted attribute values are now allowed to contain curly braces (}) (#1414).

[3.5.2] -- 2024-01-10

Fixed

• Fix type annotations for convertFile - it accepts only bytes-based buffers. Also remove legacy checks from Python 2 (#1400)
• Remove legacy import needed only in Python 2 (#1403)
• Fix typo that left the attribute AdmonitionProcessor.content_indent unset (#1404)
• Fix edge-case crash in InlineProcessor with AtomicString (#1406).
• Fix edge-case crash in codehilite with an empty code tag (#1405).
• Improve and expand type annotations in the code base (#1401).
• Fix handling of bogus comments (#1425).

[3.5.1] -- 2023-10-31

... (truncated)

Commits

• e524b8f Bump version to 3.6
• 3d8afc6 Allow attr_list quoted values to contain curly braces
• 9edba85 Refactor abbr escaping
• e4ab4a6 Refactor TOC sanitation
• a18765c Explicitly omit carot and backslash from abbr
• 421f1e8 Give smarty tree processor higher priority than toc
• c334a3e Ensure lines after heading in loose list are properly detabbed
• ea92856 Update the license template so GitHub can detect it
• a2effd6 Disable mkdocstrings show_symbol_type_toc option to work around searching iss...
• 91f9a12 Restore Attribute symbol type in mkdocstrings template
• Additional commits viewable in compare view

Updates markupsafe from 2.1.4 to 2.1.5

Release notes

Sourced from markupsafe's releases.

2.1.5

This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

Fixes a regression in striptags behavior from 2.14. Spaces are now collapsed correctly.

• Changes: https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-5
• Milestone: https://github.com/pallets/markupsafe/milestone/12?closed=1
• PyPI: https://pypi.org/project/MarkupSafe/2.1.5/

Changelog

Sourced from markupsafe's changelog.

Version 2.1.5

Released 2024-02-02

• Fix striptags not collapsing spaces. :issue:417

Commits

• fbba4ac release version 2.1.5
• c5fa23b update publish actions
• 60a6512 striptags collapses spaces correctly (#418)
• 0b6bee0 collapse spaces after stripping tags
• 73e6a48 start version 2.1.5
• d704bf4 use pip-compile, dependabot updates (#419)
• 1f82932 use pip-compile, dependabot updates
• 25a640f release version 2.1.4 (#414)
• See full diff in compare view

Updates pycurl from 7.45.1 to 7.45.3

Changelog

Sourced from pycurl's changelog.

Version 7.45.3 [requires libcurl-7.19.0 or better] - 2024-02-17

    * Add CURLOPT_REQUEST_TARGET option (patch by Marcel Brouwers).
    * Add missing 2nd parameters to METH_NOARGS functions
      (patch by Scott Talbert).
    * Add CURLOPT_AWS_SIGV4 option (patch by Scott Talbert).
    * Add consistent names for newer Curl version constants
      (patch by Scott Talbert).
    * Only run HTTP version 3 option constant test if curl supported
      (patch by Scott Talbert).
    * Expose COMPILE_SSL_LIB in Python and use for test filtering
      (patch by Scott Talbert).
    * Filter tests based on *compile* libcurl version not runtime version
      (patch by Scott Talbert).
    * Use print function in callbacks documentation
      (patch by Scott Talbert).
    * Add missing shebang to tests/ext/test-suite.sh
      (patch by Scott Talbert).
    * Officially declare support for Python 3.12
      (patch by Scott Talbert).
    * Fix curl_multi_info_read flow that loses messages
      (patch by Dom Sekotill).
    * Support using environment variables for setup on Windows
      (patch by Scott Talbert).
    * Add support for Schannel SSL backend (patch by Scott Talbert)
    * Skip HTTP2 tests based on a curl support check
      (patch by Scott Talbert).
    * Fix fake-curl tests so they work when run out of tree
      (patch by Scott Talbert).
    * xfail test_easy_pause_unpause unconditionally
      (patch by Scott Talbert).
    * Provide generic error strings in pycurl.error objects
      (patch by Scott Talbert).
    * Change URLs to new curl mailing list (patch by Michael C).
    * Add missing HTTPS proxy options (patch by Jean Hominal).
    * Add support for setting CURLOPT_SSLCERT_BLOB
      (patch by Vesa Jääskeläinen).
    * Add support for setting rest of CURLOPTTYPE_BLOB fields
      (patch by Vesa Jääskeläinen).
    * Build wheels on Linux/macOS/Windows (patch by Scott Talbert).

Version 7.45.2 [requires libcurl-7.19.0 or better] - 2022-12-16

    * Python 3.9 compatibility for Py_TRASHCAN_SAFE_BEGIN
      (patch by Scott Talbert).
    * Add support for CURL_HTTP_VERSION_3 (patch by Scott Talbert).
    * Add CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS options
      (patch by Scott Talbert).

... (truncated)

Commits

• See full diff in compare view

Updates pyopenssl from 24.1.0 to 24.2.1

Changelog

Sourced from pyopenssl's changelog.

24.2.1 (2024-07-20)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

• Fixed changelog to remove sphinx specific restructured text strings.

24.2.0 (2024-07-20)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

• Deprecated OpenSSL.crypto.X509Req, OpenSSL.crypto.load_certificate_request, OpenSSL.crypto.dump_certificate_request. Instead, cryptography.x509.CertificateSigningRequest, cryptography.x509.CertificateSigningRequestBuilder, cryptography.x509.load_der_x509_csr, or cryptography.x509.load_pem_x509_csr should be used.

Changes: ^^^^^^^^

• Added type hints for the SSL module. [#1308](https://github.com/pyca/pyopenssl/issues/1308) <https://github.com/pyca/pyopenssl/pull/1308>_.
• Changed OpenSSL.crypto.PKey.from_cryptography_key to accept public and private EC, ED25519, ED448 keys. [#1310](https://github.com/pyca/pyopenssl/issues/1310) <https://github.com/pyca/pyopenssl/pull/1310>_.

Commits

• 8dd9457 24.2.1 (#1320)
• 19f093e make changelog vanilla rst (#1319)
• e265b28 Prepare for 24.2.0 release (#1318)
• 6943ee5 Deprecate CSR support in pyOpenSSL (#1316)
• 01b9b56 Add more type definitions for SSL module, check with mypy (#1313)
• cdcb48b Prune redundant :rtype: from SSL module (#1315)
• b86914d Fix ruff invocation (#1314)
• caa1ab3 Update changelog for PR #1308 and #1310 (#1311)
• 9a21055 Allow loading EC, ED25519, ED448 public keys from cryptography (#1310)
• 9eaa107 Add type annotations for the SSL module (#1308)
• Additional commits viewable in compare view

Updates setuptools from 71.1.0 to 72.1.0

Changelog

Sourced from setuptools's changelog.

v72.1.0

Features

• Restore the tests command and deprecate access to the module. (#4519) (#4520)

v72.0.0

Deprecations and Removals

• The test command has been removed. Users relying on 'setup.py test' will need to migrate to another test runner or pin setuptools before this version. (#931)

Commits

• 441799f Bump version: 72.0.0 → 72.1.0
• 59aff44 Merge pull request #4522 from pypa/feature/graceful-drop-tests
• c437aaa Restore the tests command and deprecate access to the module.
• a6726b9 Add celery and requests to the packages that test integration. Ref #4520
• 5e1b3c4 Bump version: 71.1.0 → 72.0.0
• 4c0b9f3 Merge pull request #4458 from pypa/debt/remove-test-command
• be8e3a0 Merge pull request #4507 from pypa/docs/4483-install-core-extra
• 99d2c72 Add documentation clarifying how to reliably install setuptools with its depe...
• 63c89f9 👹 Feed the hobgoblins (delint).
• c405ac1 Merge branch 'main' into debt/remove-test-command
• See full diff in compare view

Updates terminado from 0.18.0 to 0.18.1

Release notes

Sourced from terminado's releases.

v0.18.1

0.18.1

(Full Changelog)

Maintenance and upkeep improvements

• Update Release Scripts #238 (@​blink1073)
• chore: update pre-commit hooks #237 (@​pre-commit-ci)
• Update pre-commit and ruff config #235 (@​blink1073)

Contributors to t...

Description has been truncated

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.