Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Bump the github-actions group with 5 updates #548

Closed
wants to merge 1 commit into from
Closed

chore(deps): Bump the github-actions group with 5 updates #548

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 8, 2024
edited
Loading

Bumps the github-actions group with 5 updates:

Package From To
numpy 2.1.2 2.1.3
protobuf 5.28.2 5.28.3
werkzeug 3.0.4 3.1.2
boto3 1.35.43 1.35.56
pymarkdownlnt 0.9.22 0.9.24

Updates numpy from 2.1.2 to 2.1.3

Release notes

Sourced from numpy's releases.

2.1.3 (Nov 2, 2024)

NumPy 2.1.3 Release Notes

NumPy 2.1.3 is a maintenance release that fixes bugs and regressions discovered after the 2.1.2 release. This release also adds support for free threaded Python 3.13 on Windows.

The Python versions supported by this release are 3.10-3.13.

Improvements

  • Fixed a number of issues around promotion for string ufuncs with StringDType arguments. Mixing StringDType and the fixed-width DTypes using the string ufuncs should now generate much more uniform results.

    (gh-27636)

Changes

  • numpy.fix now won't perform casting to a floating data-type for integer and boolean data-type input arrays.

    (gh-26766)

Contributors

A total of 15 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

  • Abhishek Kumar +
  • Austin +
  • Benjamin A. Beasley +
  • Charles Harris
  • Christian Lorentzen
  • Marcel Telka +
  • Matti Picus
  • Michael Davidsaver +
  • Nathan Goldbaum
  • Peter Hawkins
  • Raghuveer Devulapalli
  • Ralf Gommers
  • Sebastian Berg
  • dependabot[bot]
  • kp2pml30 +

Pull requests merged

A total of 21 pull requests were merged for this release.

... (truncated)

Commits
  • 98464cc Merge pull request #27690 from charris/prepare-2.1.3
  • cbda85b REL: Prepare for the NumPy 2.1.3 release [wheel build]
  • daa8699 Merge pull request #27672 from charris/backport-27666
  • 614ca19 Merge pull request #27673 from charris/backport-27636
  • e6b02d7 DOC: add release note
  • 54fd729 BUG: substantially simplify and fix issue with justification promoter
  • a90fe7c BUG: fix more issues with string ufunc promotion
  • a121864 BUG: fixes for StringDType/unicode promoters
  • f055fb9 BUG: Fix a reference count leak in npy_find_descr_for_scalar.
  • 5895c02 Merge pull request #27669 from charris/backport-27663
  • Additional commits viewable in compare view

Updates protobuf from 5.28.2 to 5.28.3

Commits

Updates werkzeug from 3.0.4 to 3.1.2

Release notes

Sourced from werkzeug's releases.

3.1.2

This is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.2/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2 Milestone: https://github.com/pallets/werkzeug/milestone/40?closed=1

  • Improve type annotation for TypeConversionDict.get to allow the type parameter to be a callable. #2988
  • Headers does not inherit from MutableMapping, as it is does not exactly match that interface. #2989

3.1.1

This is the Werkzeug 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.1/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-1 Milestone: https://github.com/pallets/werkzeug/milestone/38?closed=1

  • Fix an issue that caused str(Request.headers) to always appear empty. #2985

3.1.0

This is the Werkzeug 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/Werkzeug/3.1.0/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-0 Milestone: https://github.com/pallets/werkzeug/milestone/34?closed=1

  • Drop support for Python 3.8. #2966
  • Remove previously deprecated code. #2967
  • Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. #2964
  • OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. #2968
  • Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.
    • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. #2980
    • max_age is None if present without a value, rather than -1. #2980
    • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. #2980
    • max_stale is True if present without a value, rather than "*". #2980
    • no_transform is a boolean. Previously it was mistakenly always None. #2881
    • min_fresh is None if present without a value, rather than "*". #2881
    • private is True if present without a value, rather than "*". #2980
    • Added the must_understand property. #2881
    • Added the stale_while_revalidate, and stale_if_error properties. #2948
    • Type annotations more accurately reflect the values. #2881
  • Support Cookie CHIPS (Partitioned Cookies). #2797
  • Add 421 MisdirectedRequest HTTP exception. #2850
  • Increase default work factor for PBKDF2 to 1,000,000 iterations. #2969
  • Inline annotations for datastructures, removing stub files. #2970
  • MultiDict.getlist catches TypeError in addition to ValueError when doing type conversion. #2976
  • Implement | and |= operators for MultiDict, Headers, and CallbackDict, and disallow |= on immutable types. #2977

3.0.6

This is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.

... (truncated)

Changelog

Sourced from werkzeug's changelog.

Version 3.1.2

Released 2024-11-04

  • Improve type annotation for TypeConversionDict.get to allow the type parameter to be a callable. :issue:2988
  • Headers does not inherit from MutableMapping, as it is does not exactly match that interface. :issue:2989

Version 3.1.1

Released 2024-11-01

  • Fix an issue that caused str(Request.headers) to always appear empty. :issue:2985

Version 3.1.0

Released 2024-10-31

  • Drop support for Python 3.8. :pr:2966

  • Remove previously deprecated code. :pr:2967

  • Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. :issue:2964

  • OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. :issue:2968

  • Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.

    • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. :issue:2980
    • max_age is None if present without a value, rather than -1. :issue:2980
    • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. :issue:2980
    • max_stale is True if present without a value, rather than "*". :issue:2980
    • no_transform is a boolean. Previously it was mistakenly always None. :issue:2881
    • min_fresh is None if present without a value, rather than "*". :issue:2881
    • private is True if present without a value, rather than "*".

... (truncated)

Commits

Updates boto3 from 1.35.43 to 1.35.56

Commits
  • 7376423 Merge branch 'release-1.35.56'
  • aa17d21 Bumping version to 1.35.56
  • 7d746c6 Add changelog entries from botocore
  • a48a256 Merge branch 'release-1.35.55'
  • 90f444e Merge branch 'release-1.35.55' into develop
  • 66576f6 Bumping version to 1.35.55
  • eb1aaf6 Add changelog entries from botocore
  • 014f592 Update credentials documentation (#4271)
  • 9e12dfd Update bucket names in examples (#4325)
  • fdb78d3 Merge branch 'release-1.35.54'
  • Additional commits viewable in compare view

Updates pymarkdownlnt from 0.9.22 to 0.9.24

Release notes

Sourced from pymarkdownlnt's releases.

Version 0.9.24 - Date: 2024-10-06

This release continued our focus on enabling fixing for Rule Md031 and uncovering any issues with the more deeply nested container cases. This has meant introducing a new helper class to assist in the tracking of a given line to the container tokens used to provide container-based indenting for that line. This is very important for Rule Md031, and has already proveded to be useful in a partial rewrite of some of the logic for Md027.

While we find the odd parsing error, those issues are now rare to find in container nesting of three container or less, especially compared to finding issues with our new fix logic. Still, we continue to try different combinations of containers elements and leaf elements, verifying that PyMarkdown creates the correct HTML and correct Markdown from our parsed format.

That is where we still need our users to help us out. If you are scanning any Markdown documents and the results seem off, please file an issue. If you are starting to use our fix mode on your Markdown documents and there are issues, please file an issue. We appreciate any help that we can get to improve the project for everyone!

Added

  • Issue 1212
    • added cases to Md031 for SetExt
    • added extra test cases and resolution to other cases

Fixed

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the github-actions group with 5 updates
10101f6 
Bumps the github-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [numpy](https://github.com/numpy/numpy) | `2.1.2` | `2.1.3` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `5.28.2` | `5.28.3` |
| [werkzeug](https://github.com/pallets/werkzeug) | `3.0.4` | `3.1.2` |
| [boto3](https://github.com/boto/boto3) | `1.35.43` | `1.35.56` |
| [pymarkdownlnt](https://github.com/jackdewinter/pymarkdown) | `0.9.22` | `0.9.24` |


Updates `numpy` from 2.1.2 to 2.1.3
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.1.2...v2.1.3)

Updates `protobuf` from 5.28.2 to 5.28.3
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](protocolbuffers/protobuf@v5.28.2...v5.28.3)

Updates `werkzeug` from 3.0.4 to 3.1.2
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@3.0.4...3.1.2)

Updates `boto3` from 1.35.43 to 1.35.56
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.35.43...1.35.56)

Updates `pymarkdownlnt` from 0.9.22 to 0.9.24
- [Release notes](https://github.com/jackdewinter/pymarkdown/releases)
- [Changelog](https://github.com/jackdewinter/pymarkdown/blob/main/changelog.md)
- [Commits](jackdewinter/pymarkdown@v0.9.22...v0.9.24)

---
updated-dependencies:
- dependency-name: numpy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: werkzeug
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: pymarkdownlnt
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 8, 2024
This was referenced Nov 8, 2024
Closed
Closed
Closed
Closed
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 11, 2024

Superseded by #550.

@dependabot dependabot bot closed this Nov 11, 2024
@dependabot dependabot bot deleted the dependabot/pip/github-actions-b2aebf6567 branch November 11, 2024 11:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants