Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scheduled monthly dependency update for January #41

Closed
wants to merge 8 commits into from
Closed

Scheduled monthly dependency update for January #41

wants to merge 8 commits into from

Conversation

pyup-bot
Copy link
Contributor

@pyup-bot pyup-bot commented Jan 1, 2021

Update certifi from 2020.11.8 to 2020.12.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update chardet from 3.0.4 to 4.0.0.

Changelog

4.0.0

Benchmarking chardet 4.0.0 on CPython 3.7.5 (default, Sep  8 2020, 12:19:42)
[Clang 11.0.3 (clang-1103.0.32.62)]
--------------------------------------------------------------------------------
.......................................................................................................................................................................................................................................................................................................................................................................
Calls per second for each encoding:
Links

Update cryptography from 3.2.1 to 3.3.1.

Changelog

3.3

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Support for Python 3.5 has been removed due to
low usage and maintenance burden.
* **BACKWARDS INCOMPATIBLE:** The
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` and
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESGCM` now require
64-bit to 1024-bit (8 byte to 128 byte) initialization vectors. This change
is to conform with an upcoming OpenSSL release that will no longer support
sizes outside this window.
* **BACKWARDS INCOMPATIBLE:** When deserializing asymmetric keys we now
raise ``ValueError`` rather than ``UnsupportedAlgorithm`` when an
unsupported cipher is used. This change is to conform with an upcoming
OpenSSL release that will no longer distinguish between error types.
* **BACKWARDS INCOMPATIBLE:** We no longer allow loading of finite field
Diffie-Hellman parameters of less than 512 bits in length. This change is to
conform with an upcoming OpenSSL release that no longer supports smaller
sizes. These keys were already wildly insecure and should not have been used
in any application outside of testing.
* Updated Windows, macOS, and ``manylinux`` wheels to be compiled with
OpenSSL 1.1.1i.
* Python 2 support is deprecated in ``cryptography``. This is the last release
that will support Python 2.
* Added the
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey.recover_data_from_signature`
function to
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`
for recovering the signed data from an RSA signature.

.. _v3-2-1:
Links

Update idna from 2.10 to 3.0.

Changelog

3.0

++++++++++++++++

- Python 2 is no longer supported (the 2.x branch supports Python 2,
use "idna<3" in your requirements file if you need Python 2 support)
- Support for V2 UTS 46 test vectors.
Links

Update limnoria from 2020.10.10 to 2020.12.05.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update multidict from 5.0.2 to 5.1.0.

Changelog

5.1.0

==================

Features
--------

- Support ``GenericAliases`` (``MultiDict[str]``) for Python 3.9+
`553 <https://github.com/aio-libs/multidict/issues/553>`_


Bugfixes
--------

- Synchronize the declared supported Python versions in ``setup.py`` with actually supported and tested ones.
`552 <https://github.com/aio-libs/multidict/issues/552>`_


----
Links

Update PyJWT from 1.7.1 to 2.0.0.

Changelog

2.0.0

[109]: https://github.com/jpadilla/pyjwt/pull/109
[110]: https://github.com/jpadilla/pyjwt/pull/110
[100]: https://github.com/jpadilla/pyjwt/pull/100
[101]: https://github.com/jpadilla/pyjwt/pull/101
[103]: https://github.com/jpadilla/pyjwt/pull/103
[85]: https://github.com/jpadilla/pyjwt/pull/85
[882524d]: https://github.com/jpadilla/pyjwt/commit/882524d
[bd57b02]: https://github.com/jpadilla/pyjwt/commit/bd57b02
[131]: https://github.com/jpadilla/pyjwt/pull/131
[132]: https://github.com/jpadilla/pyjwt/pull/132
[128]: https://github.com/jpadilla/pyjwt/pull/128
[141]: https://github.com/jpadilla/pyjwt/pull/141
[158]: https://github.com/jpadilla/pyjwt/pull/158
[163]: https://github.com/jpadilla/pyjwt/pull/163
[174]: https://github.com/jpadilla/pyjwt/pull/174
[182]: https://github.com/jpadilla/pyjwt/pull/182
[183]: https://github.com/jpadilla/pyjwt/pull/183
[190]: https://github.com/jpadilla/pyjwt/pull/190
[213]: https://github.com/jpadilla/pyjwt/pull/214
[244]: https://github.com/jpadilla/pyjwt/pull/244
[202]: https://github.com/jpadilla/pyjwt/pull/202
[252]: https://github.com/jpadilla/pyjwt/pull/252
[225]: https://github.com/jpadilla/pyjwt/pull/225
[219]: https://github.com/jpadilla/pyjwt/pull/219
[196]: https://github.com/jpadilla/pyjwt/pull/196
[187]: https://github.com/jpadilla/pyjwt/pull/187
[230]: https://github.com/jpadilla/pyjwt/pull/230
[238]: https://github.com/jpadilla/pyjwt/pull/238
[262]: https://github.com/jpadilla/pyjwt/pull/262
[264]: https://github.com/jpadilla/pyjwt/pull/264
[270]: https://github.com/jpadilla/pyjwt/pull/270
[271]: https://github.com/jpadilla/pyjwt/pull/271
[277]: https://github.com/jpadilla/pyjwt/pull/277
[281]: https://github.com/jpadilla/pyjwt/pull/281
[301]: https://github.com/jpadilla/pyjwt/pull/301
[304]: https://github.com/jpadilla/pyjwt/pull/304
[306]: https://github.com/jpadilla/pyjwt/pull/306
[315]: https://github.com/jpadilla/pyjwt/pull/315
[316]: https://github.com/jpadilla/pyjwt/pull/316
[336]: https://github.com/jpadilla/pyjwt/pull/336
[337]: https://github.com/jpadilla/pyjwt/pull/337
[340]: https://github.com/jpadilla/pyjwt/pull/340
[344]: https://github.com/jpadilla/pyjwt/pull/344
[350]: https://github.com/jpadilla/pyjwt/pull/350
[352]: https://github.com/jpadilla/pyjwt/pull/352
[353]: https://github.com/jpadilla/pyjwt/pull/353
[360]: https://github.com/jpadilla/pyjwt/pull/360
[375]: https://github.com/jpadilla/pyjwt/pull/375
[379]: https://github.com/jpadilla/pyjwt/pull/379
[384]: https://github.com/jpadilla/pyjwt/pull/384
[7c1e61d]: https://github.com/jpadilla/pyjwt/commit/7c1e61dde27bafe16e7d1bb6e35199e778962742
[7ca41e]: https://github.com/jpadilla/pyjwt/commit/7ca41e53b3d7d9f5cd31bdd8a2b832d192006239

1.41.4.0

-------------------------------------------------------------------------
Fixed
- Exclude Python cache files from PyPI releases.

Added
- Added new options to require certain claims
(require_nbf, require_iat, require_exp) and raise `MissingRequiredClaimError`
if they are not present.
- If `audience=` or `issuer=` is specified but the claim is not present,
`MissingRequiredClaimError` is now raised instead of `InvalidAudienceError`
and `InvalidIssuerError`

1.31.3.0

-------------------------------------------------------------------------
Fixed
- ECDSA (ES256, ES384, ES512) signatures are now being properly serialized [158][158]
- RSA-PSS (PS256, PS384, PS512) signatures now use the proper salt length for PSS padding. [163][163]

Added
- Added a new `jwt.get_unverified_header()` to parse and return the header portion of a token prior to signature verification.

Removed
- Python 3.2 is no longer a supported platform. This version of Python is
rarely used. Users affected by this should upgrade to 3.3+.

1.7.11.7.1

-------------------------------------------------------------------------

Fixed

- Update test dependencies with pinned ranges
- Fix pytest deprecation warnings

1.7.01.7.0

-------------------------------------------------------------------------

Changed

- Remove CRLF line endings [353][353]

Fixed

- Update usage.rst [360][360]

Added

- Support for Python 3.7 [375][375] [379][379] [384][384]
Links

Update sentry-sdk from 0.19.4 to 0.19.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

@pyup-bot
Copy link
Contributor Author

pyup-bot commented Feb 1, 2021

Closing this in favor of #42

@pyup-bot pyup-bot closed this Feb 1, 2021
@TrueBrain TrueBrain deleted the pyup-scheduled-update-2021-01-01 branch February 1, 2021 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@pyup-bot