Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the pip group across 1 directory with 8 updates #4

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 17, 2024

Bumps the pip group with 8 updates in the / directory:

Package From To
lxml 3.6.0 4.9.1
flask 0.10.1 2.2.5
flask-admin 1.4.0 1.5.3
scrapy 1.1.0 2.11.2
numpy 1.11.0 1.22.0
scikit-learn 0.17.1 1.5.0
scrapy-splash 0.7 0.8.0
requests 2.10.0 2.32.2

Updates lxml from 3.6.0 to 4.9.1

Changelog

Sourced from lxml's changelog.

4.9.1 (2022-07-01)

Bugs fixed

  • A crash was resolved when using iterwalk() (or canonicalize()) after parsing certain incorrect input. Note that iterwalk() can crash on valid input parsed with the same parser after failing to parse the incorrect input.

4.9.0 (2022-06-01)

Bugs fixed

  • GH#341: The mixin inheritance order in lxml.html was corrected. Patch by xmo-odoo.

Other changes

  • Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.

  • Wheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35 (libxml2 2.9.12+ and libxslt 1.1.34 on Windows).

  • GH#343: Windows-AArch64 build support in Visual Studio. Patch by Steve Dower.

4.8.0 (2022-02-17)

Features added

  • GH#337: Path-like objects are now supported throughout the API instead of just strings. Patch by Henning Janssen.

  • The ElementMaker now supports QName values as tags, which always override the default namespace of the factory.

Bugs fixed

  • GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.

... (truncated)

Commits
  • d01872c Prevent parse failure in new test from leaking into later test runs.
  • d65e632 Prepare release of lxml 4.9.1.
  • 86368e9 Fix a crash when incorrect parser input occurs together with usages of iterwa...
  • 50c2764 Delete unused Travis CI config and reference in docs (GH-345)
  • 8f0bf2d Try to speed up the musllinux AArch64 build by splitting the different CPytho...
  • b9f7074 Remove debug print from test.
  • b224e0f Try to install 'xz' in wheel builds, if available, since it's now needed to e...
  • 897ebfa Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts...
  • 853c9e9 Prepare release of 4.9.0.
  • d3f77e6 Add a test for https://bugs.launchpad.net/lxml/+bug/1965070 leaving out the a...
  • Additional commits viewable in compare view

Updates flask from 0.10.1 to 2.2.5

Release notes

Sourced from flask's releases.

2.2.5

This is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.

2.2.4

This is a fix release for the 2.2.x release branch.

2.2.3

This is a fix release for the 2.2.x release branch.

2.2.2

This is a fix release for the 2.2.0 feature release.

2.2.1

This is a fix release for the 2.2.0 feature release.

2.2.0

This is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

2.1.3

2.1.2

This is a fix release for the 2.1.0 feature release.

2.1.1

This is a fix release for the 2.1.0 feature release.

... (truncated)

Changelog

Sourced from flask's changelog.

Version 2.2.5

Released 2023-05-02

  • Update for compatibility with Werkzeug 2.3.3.
  • Set Vary: Cookie header when the session is accessed, modified, or refreshed.

Version 2.2.4

Released 2023-04-25

  • Update for compatibility with Werkzeug 2.3.

Version 2.2.3

Released 2023-02-15

  • Autoescape is enabled by default for .svg template files. :issue:4831
  • Fix the type of template_folder to accept pathlib.Path. :issue:4892
  • Add --debug option to the flask run command. :issue:4777

Version 2.2.2

Released 2022-08-08

  • Update Werkzeug dependency to >= 2.2.2. This includes fixes related to the new faster router, header parsing, and the development server. :pr:4754
  • Fix the default value for app.env to be "production". This attribute remains deprecated. :issue:4740

Version 2.2.1

Released 2022-08-03

  • Setting or accessing json_encoder or json_decoder raises a deprecation warning. :issue:4732

Version 2.2.0

... (truncated)

Commits

Updates flask-admin from 1.4.0 to 1.5.3

Release notes

Sourced from flask-admin's releases.

v1.5.3

  • Fixed XSS vulnerability
  • Support nested categories in the navbar menu
  • SQLAlchemy
    • sort on multiple columns with column_default_sort
    • sort on related models in column_sortable_list
    • fix: inline model forms can now also be used for models with multiple primary keys
    • support for using mapped column_property
  • Upgrade Leaflet and Leaflet.draw plugins, used for geoalchemy integration
  • Specify minimum_input_length for ajax widget
  • Peewee: support composite keys
  • MongoEngine: when searching/filtering the input is now regarded as case-insensitive by default
  • FileAdmin
    • handle special characters in filename
    • fix a bug with listing directories on Windows
    • avoid raising an exception when unknown sort parameter is encountered
  • WTForms 3 support

1.5.2

  • Fixed XSS vulnerability
  • Fixed Peewee support
  • Added detail view column formatters
  • Updated Flask-Login example to work with the newer version of the library
  • Various SQLAlchemy-related fixes
  • Various Windows related fixes for the file admin

v1.5.0

  • Fixed CSRF generation logic for multi-process deployments
  • Added WTForms >= 3.0 support
  • Flask-Admin would not recursively save inline models, allowing arbitrary nesting
  • Added configuration properties that allow injection of additional CSS and JS dependencies into templates without overriding them
  • SQLAlchemy backend
    • Updated hybrid property detection using new SQLAlchemy APIs
    • Added support for association proxies
    • Added support for remote hybrid properties filters
    • Added support for ARRAY column type
  • Localization-related fixes
  • MongoEngine backend is now properly formats model labels
  • Improved Google App Engine support:
    • Added TextProperty, KeyProperty and SelectField support
    • Added support for form_args, excluded_columns, page_size and after_model_update
  • Fixed URL generation with localized named filters
  • FileAdmin has Bootstrap 2 support now
  • Geoalchemy support fixes
    • Use Google Places (by default) for place search
  • Updated translations
  • Bug fixes

... (truncated)

Changelog

Sourced from flask-admin's changelog.

1.5.3

  • Fixed XSS vulnerability
  • Support nested categories in the navbar menu
  • SQLAlchemy
    • sort on multiple columns with column_default_sort
    • sort on related models in column_sortable_list
    • show searchable fields in search input's placeholder text
    • fix: inline model forms can now also be used for models with multiple primary keys
    • support for using mapped column_property
  • Upgrade Leaflet and Leaflet.draw plugins, used for geoalchemy integration
  • Specify minimum_input_length for ajax widget
  • Peewee: support composite keys
  • MongoEngine: when searching/filtering the input is now regarded as case-insensitive by default
  • FileAdmin
    • handle special characters in filename
    • fix a bug with listing directories on Windows
    • avoid raising an exception when unknown sort parameter is encountered
  • WTForms 3 support

1.5.2

  • Fixed XSS vulnerability
  • Fixed Peewee support
  • Added detail view column formatters
  • Updated Flask-Login example to work with the newer version of the library
  • Various SQLAlchemy-related fixes
  • Various Windows related fixes for the file admin

1.5.1

  • Dropped Python 2.6 support
  • Fixed SQLAlchemy >= 1.2 compatibility
  • Fixed Pewee 3.0 compatibility
  • Fixed max year for a combo date inline editor
  • Lots of small bug fixes

1.5.0

  • Fixed CSRF generation logic for multi-process deployments
  • Added WTForms >= 3.0 support
  • Flask-Admin would not recursively save inline models, allowing arbitrary nesting
  • Added configuration properties that allow injection of additional CSS and JS dependencies into templates without overriding them
  • SQLAlchemy backend
    • Updated hybrid property detection using new SQLAlchemy APIs
    • Added support for association proxies

... (truncated)

Commits
  • 0528221 Bumped version, updated changelog
  • 8af10e0 Merge pull request #1699 from lbhsot/master
  • 1939762 Merge pull request #1779 from alanhamlett/master
  • c4715f0 fix flake8
  • 402e9a7 use Markupsafe to support WTForms 3
  • 829c24d Merge pull request #1751 from nurockplayer/master
  • 801a50b Merge pull request #1756 from GrayAn/checkboxlist
  • ff861de escape_html function was removed as non-existent in the too old and
  • dddfca9 SQLA fields API is now shown in the documentation
  • 2d6f7dd Alternative field for many-to-many relationship, appears as list of
  • Additional commits viewable in compare view

Updates scrapy from 1.1.0 to 2.11.2

Release notes

Sourced from scrapy's releases.

2.11.2

Mostly bug fixes, including security bug fixes.

See the full changelog.

2.11.1

  • Security bug fixes.
  • Support for Twisted >= 23.8.0.
  • Documentation improvements.

See the full changelog.

2.11.0

  • Spiders can now modify settings in their from_crawler methods, e.g. based on spider arguments.
  • Periodic logging of stats.
  • Bug fixes.

See the full changelog.

2.10.1

Marked Twisted >= 23.8.0 as unsupported.

2.10.0

  • Added Python 3.12 support, dropped Python 3.7 support.
  • The new add-ons framework simplifies configuring 3rd-party components that support it.
  • Exceptions to retry can now be configured.
  • Many fixes and improvements for feed exports.

See the full changelog.

2.9.0

  • Per-domain download settings.
  • Compatibility with new cryptography and new parsel.
  • JMESPath selectors from the new parsel.
  • Bug fixes.

See the full changelog.

2.8.0

This is a maintenance release, with minor features, bug fixes, and cleanups.

See the full changelog.

2.7.1

  • Relaxed the restriction introduced in 2.6.2 so that the Proxy-Authentication header can again be set explicitly in certain cases, restoring compatibility with scrapy-zyte-smartproxy 2.1.0 and older
  • Bug fixes

See the full changelog

2.7.0

... (truncated)

Changelog

Sourced from scrapy's changelog.

Scrapy 2.11.2 (2024-05-14)

Security bug fixes


-   Redirects to non-HTTP protocols are no longer followed. Please, see the
    `23j4-mw76-5v7h security advisory`_ for more information. (:issue:`457`)
.. _23j4-mw76-5v7h security advisory: https://github.com/scrapy/scrapy/security/advisories/GHSA-23j4-mw76-5v7h
  • The Authorization header is now dropped on redirects to a different scheme (http:// or https://) or port, even if the domain is the same. Please, see the 4qqq-9vqf-3h3f security advisory_ for more information.

    .. _4qqq-9vqf-3h3f security advisory: https://github.com/scrapy/scrapy/security/advisories/GHSA-4qqq-9vqf-3h3f

  • When using system proxy settings that are different for http:// and https://, redirects to a different URL scheme will now also trigger the corresponding change in proxy settings for the redirected request. Please, see the jm3v-qxmh-hxwv security advisory_ for more information. (:issue:767)

    .. _jm3v-qxmh-hxwv security advisory: https://github.com/scrapy/scrapy/security/advisories/GHSA-jm3v-qxmh-hxwv

  • :attr:Spider.allowed_domains <scrapy.Spider.allowed_domains> is now enforced for all requests, and not only requests from spider callbacks. (:issue:1042, :issue:2241, :issue:6358)

  • :func:~scrapy.utils.iterators.xmliter_lxml no longer resolves XML entities. (:issue:6265)

  • defusedxml_ is now used to make :class:scrapy.http.request.rpc.XmlRpcRequest more secure. (:issue:6250, :issue:6251)

    .. _defusedxml: https://github.com/tiran/defusedxml

Bug fixes


-   Restored support for brotlipy_, which had been dropped in Scrapy 2.11.1 in
    favor of brotli_. (:issue:`6261`)
.. _brotli: https://github.com/google/brotli

.. note:: brotlipy is deprecated, both in Scrapy and upstream. Use brotli
    instead if you can.

</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>

<ul>
<li><a href="https://github.com/scrapy/scrapy/commit/e8cb5a03b382b98f2c8945355076390f708b918d&quot;&gt;&lt;code&gt;e8cb5a0&lt;/code&gt;&lt;/a> Bump version: 2.11.1 → 2.11.2</li>
<li><a href="https://github.com/scrapy/scrapy/commit/2c031f4061ae9bf486cc9e2a699355450638e8c2&quot;&gt;&lt;code&gt;2c031f4&lt;/code&gt;&lt;/a> Set the release date of 2.11.2</li>
<li><a href="https://github.com/scrapy/scrapy/commit/3ffa17c0204deb3bdf2c7c60f5a56c9f777698c6&quot;&gt;&lt;code&gt;3ffa17c&lt;/code&gt;&lt;/a> Use posargs for pypy3-pinned</li>
<li><a href="https://github.com/scrapy/scrapy/commit/c6a8f0e4d945622a7e71adf635e272b66eddbbd0&quot;&gt;&lt;code&gt;c6a8f0e&lt;/code&gt;&lt;/a> Update VERSION references</li>
<li><a href="https://github.com/scrapy/scrapy/commit/60d2577284128cd0cf4af54745730da4a9005177&quot;&gt;&lt;code&gt;60d2577&lt;/code&gt;&lt;/a> Merge remote-tracking branch '23j4/2.11.2-release-notes' into 2.11</li>
<li><a href="https://github.com/scrapy/scrapy/commit/36287cb665ab4b0c65fd53181c9a0ef04990ada6&quot;&gt;&lt;code&gt;36287cb&lt;/code&gt;&lt;/a> Merge branch 'redirect-protocols' into 2.11</li>
<li><a href="https://github.com/scrapy/scrapy/commit/f138d5d1450ef38ee077c2472c136c70d8d673e8&quot;&gt;&lt;code&gt;f138d5d&lt;/code&gt;&lt;/a> Merge branch 'environ-proxy-protocol' into 2.11</li>
<li><a href="https://github.com/scrapy/scrapy/commit/1d0502f25bbe55a22899af915623fda1aaeb9dd8&quot;&gt;&lt;code&gt;1d0502f&lt;/code&gt;&lt;/a> Merge branch 'advisory-fix' into 2.11</li>
<li><a href="https://github.com/scrapy/scrapy/commit/bb948af00babe545a7fb52700f4ba1424d206677&quot;&gt;&lt;code&gt;bb948af&lt;/code&gt;&lt;/a> Release notes for 2.11.2 (<a href="https://redirect.github.com/scrapy/scrapy/issues/6359&quot;&gt;#6359&lt;/a&gt;)&lt;/li>
<li><a href="https://github.com/scrapy/scrapy/commit/5ad9433dd59cd8436ce33bf2c44796516eef4c3c&quot;&gt;&lt;code&gt;5ad9433&lt;/code&gt;&lt;/a> Merge remote-tracking branch 'scrapy/2.11' into 2.11</li>
<li>Additional commits viewable in <a href="https://github.com/scrapy/scrapy/compare/1.1.0...2.11.2&quot;&gt;compare view</a></li>
</ul>
</details>

<br />

Updates numpy from 1.11.0 to 1.22.0

Release notes

Sourced from numpy's releases.

v1.22.0

NumPy 1.22.0 Release Notes

NumPy 1.22.0 is a big release featuring the work of 153 contributors spread over 609 pull requests. There have been many improvements, highlights are:

  • Annotations of the main namespace are essentially complete. Upstream is a moving target, so there will likely be further improvements, but the major work is done. This is probably the most user visible enhancement in this release.
  • A preliminary version of the proposed Array-API is provided. This is a step in creating a standard collection of functions that can be used across application such as CuPy and JAX.
  • NumPy now has a DLPack backend. DLPack provides a common interchange format for array (tensor) data.
  • New methods for quantile, percentile, and related functions. The new methods provide a complete set of the methods commonly found in the literature.
  • A new configurable allocator for use by downstream projects.

These are in addition to the ongoing work to provide SIMD support for commonly used functions, improvements to F2PY, and better documentation.

The Python versions supported in this release are 3.8-3.10, Python 3.7 has been dropped. Note that 32 bit wheels are only provided for Python 3.8 and 3.9 on Windows, all other wheels are 64 bits on account of Ubuntu, Fedora, and other Linux distributions dropping 32 bit support. All 64 bit wheels are also linked with 64 bit integer OpenBLAS, which should fix the occasional problems encountered by folks using truly huge arrays.

Expired deprecations

Deprecated numeric style dtype strings have been removed

Using the strings "Bytes0", "Datetime64", "Str0", "Uint32", and "Uint64" as a dtype will now raise a TypeError.

(gh-19539)

Expired deprecations for loads, ndfromtxt, and mafromtxt in npyio

numpy.loads was deprecated in v1.15, with the recommendation that users use pickle.loads instead. ndfromtxt and mafromtxt were both deprecated in v1.17 - users should use numpy.genfromtxt instead with the appropriate value for the usemask parameter.

(gh-19615)

... (truncated)

Commits

Updates scikit-learn from 0.17.1 to 1.5.0

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.5.0

We're happy to announce the 1.5.0 release.

You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.5.html

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:

pip install -U scikit-learn

The conda-forge builds can be installed using:

conda install -c conda-forge scikit-learn

Scikit-learn 1.4.2

We're happy to announce the 1.4.2 release.

This release only includes support for numpy 2.

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:

pip install -U scikit-learn

Scikit-learn 1.4.1.post1

We're happy to announce the 1.4.1.post1 release.

You can see the changelog here: https://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:

pip install -U scikit-learn

The conda-forge builds can be installed using:

conda install -c conda-forge scikit-learn

... (truncated)

Commits

Updates scrapy-splash from 0.7 to 0.8.0

Release notes

Sourced from scrapy-splash's releases.

0.8.0

  • Security bug fix:

    If you use HttpAuthMiddleware (i.e. the http_user and http_pass spider attributes) for Splash authentication, any non-Splash request will expose your credentials to the request target. This includes robots.txt requests sent by Scrapy when the ROBOTSTXT_OBEY setting is set to True.

    Use the new SPLASH_USER and SPLASH_PASS settings instead to set your Splash authentication credentials safely.

  • Responses now expose the HTTP status code and headers from Splash as response.splash_response_status and response.splash_response_headers (#158)

  • The meta argument passed to the scrapy_splash.request.SplashRequest constructor is no longer modified (#164)

  • Website responses with 400 or 498 as HTTP status code are no longer handled as the equivalent Splash responses (#158)

  • Cookies are no longer sent to Splash itself (#156)

  • scrapy_splash.utils.dict_hash now also works with obj=None (225793b)

  • Our test suite now includes integration tests (#156) and tests can be run in parallel (6fb8c41)

  • There’s a new ‘Getting help’ section in the README.rst file (#161, #162), the documentation about SPLASH_SLOT_POLICY has been improved (#157) and a typo as been fixed (#121)

  • Made some internal improvements (ee5000d, 25de545, 2aaa79d)

Changelog

Sourced from scrapy-splash's changelog.

0.8.0 (2021-10-05)

  • Security bug fix:

    If you use HttpAuthMiddleware_ (i.e. the http_user and http_pass spider attributes) for Splash authentication, any non-Splash request will expose your credentials to the request target. This includes robots.txt requests sent by Scrapy when the ROBOTSTXT_OBEY setting is set to True.

    Use the new SPLASH_USER and SPLASH_PASS settings instead to set your Splash authentication credentials safely.

    .. _HttpAuthMiddleware: http://doc.scrapy.org/en/latest/topics/downloader-middleware.html#module-scrapy.downloadermiddlewares.httpauth

  • Responses now expose the HTTP status code and headers from Splash as response.splash_response_status and response.splash_response_headers (#158)

  • The meta argument passed to the scrapy_splash.request.SplashRequest constructor is no longer modified (#164)

  • Website responses with 400 or 498 as HTTP status code are no longer handled as the equivalent Splash responses (#158)

  • Cookies are no longer sent to Splash itself (#156)

  • scrapy_splash.utils.dict_hash now also works with obj=None (225793b)

  • Our test suite now includes integration tests (#156) and tests can be run in parallel (6fb8c41)

  • There’s a new ‘Getting help’ section in the README.rst file (#161, #162), the documentation about SPLASH_SLOT_POLICY has been improved (#157) and a typo as been fixed (#121)

  • Made some internal improvements (ee5000d, 25de545, 2aaa79d)

0.7.2 (2017-03-30)

  • fixed issue with response type detection.

0.7.1 (2016-12-20)

  • Scrapy 1.0.x support is back;

... (truncated)

Commits

Updates requests from 2.10.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • 970e8ce v2.32.1
  • d6ebc4a v2.32.0
  • 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
  • 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
  • 555b870 Allow character detection dependencies to be optional in post-packaging steps
  • d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the pip group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [lxml](https://github.com/lxml/lxml) | `3.6.0` | `4.9.1` |
| [flask](https://github.com/pallets/flask) | `0.10.1` | `2.2.5` |
| [flask-admin](https://github.com/flask-admin/flask-admin) | `1.4.0` | `1.5.3` |
| [scrapy](https://github.com/scrapy/scrapy) | `1.1.0` | `2.11.2` |
| [numpy](https://github.com/numpy/numpy) | `1.11.0` | `1.22.0` |
| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `0.17.1` | `1.5.0` |
| [scrapy-splash](https://github.com/scrapy-plugins/scrapy-splash) | `0.7` | `0.8.0` |
| [requests](https://github.com/psf/requests) | `2.10.0` | `2.32.2` |



Updates `lxml` from 3.6.0 to 4.9.1
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](lxml/lxml@lxml-3.6.0...lxml-4.9.1)

Updates `flask` from 0.10.1 to 2.2.5
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@0.10.1...2.2.5)

Updates `flask-admin` from 1.4.0 to 1.5.3
- [Release notes](https://github.com/flask-admin/flask-admin/releases)
- [Changelog](https://github.com/flask-admin/flask-admin/blob/master/doc/changelog.rst)
- [Commits](pallets-eco/flask-admin@v1.4.0...v1.5.3)

Updates `scrapy` from 1.1.0 to 2.11.2
- [Release notes](https://github.com/scrapy/scrapy/releases)
- [Changelog](https://github.com/scrapy/scrapy/blob/master/docs/news.rst)
- [Commits](scrapy/scrapy@1.1.0...2.11.2)

Updates `numpy` from 1.11.0 to 1.22.0
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v1.11.0...v1.22.0)

Updates `scikit-learn` from 0.17.1 to 1.5.0
- [Release notes](https://github.com/scikit-learn/scikit-learn/releases)
- [Commits](scikit-learn/scikit-learn@0.17.1...1.5.0)

Updates `scrapy-splash` from 0.7 to 0.8.0
- [Release notes](https://github.com/scrapy-plugins/scrapy-splash/releases)
- [Changelog](https://github.com/scrapy-plugins/scrapy-splash/blob/master/CHANGES.rst)
- [Commits](scrapy-plugins/scrapy-splash@0.7...0.8.0)

Updates `requests` from 2.10.0 to 2.32.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.10.0...v2.32.2)

---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: flask
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: flask-admin
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: scrapy
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: numpy
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: scikit-learn
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: scrapy-splash
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: requests
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants