Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scheduled monthly dependency update for March #18

Merged
merged 1 commit into from Mar 3, 2021
Merged

Scheduled monthly dependency update for March #18

merged 1 commit into from Mar 3, 2021

Conversation

pyup-bot
Copy link
Contributor

@pyup-bot pyup-bot commented Mar 1, 2021

Update aiohttp from 3.7.3 to 3.7.4.

Changelog

3.7.4

==================

Bugfixes
--------

- **(SECURITY BUG)** Started preventing open redirects in the
``aiohttp.web.normalize_path_middleware`` middleware. For
more details, see
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg.

Thanks to `Beast Glatisant <https://github.com/g147>`__ for
finding the first instance of this issue and `Jelmer Vernooij
<https://jelmer.uk/>`__ for reporting and tracking it down
in aiohttp.
`5497 <https://github.com/aio-libs/aiohttp/issues/5497>`_
- Fix interpretation difference of the pure-Python and the Cython-based
HTTP parsers construct a ``yarl.URL`` object for HTTP request-target.

Before this fix, the Python parser would turn the URI's absolute-path
for ``//some-path`` into ``/`` while the Cython code preserved it as
``//some-path``. Now, both do the latter.
`5498 <https://github.com/aio-libs/aiohttp/issues/5498>`_


----
Links

Update certifi from 2020.11.8 to 2020.12.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update chardet from 3.0.4 to 4.0.0.

Changelog

4.0.0

Benchmarking chardet 4.0.0 on CPython 3.7.5 (default, Sep  8 2020, 12:19:42)
[Clang 11.0.3 (clang-1103.0.32.62)]
--------------------------------------------------------------------------------
.......................................................................................................................................................................................................................................................................................................................................................................
Calls per second for each encoding:
Links

Update idna from 2.10 to 3.1.

Changelog

3.1

++++++++++++++++

- Ensure license is included in package (Thanks, Julien Schueller)
- No longer mark wheel has universal (Thanks, Matthieu Darbois)
- Test on PowerPC using Travis CI

3.0

++++++++++++++++

- Python 2 is no longer supported (the 2.x branch supports Python 2,
use "idna<3" in your requirements file if you need Python 2 support)
- Support for V2 UTS 46 test vectors.
Links

Update multidict from 5.0.2 to 5.1.0.

Changelog

5.1.0

==================

Features
--------

- Support ``GenericAliases`` (``MultiDict[str]``) for Python 3.9+
`553 <https://github.com/aio-libs/multidict/issues/553>`_


Bugfixes
--------

- Synchronize the declared supported Python versions in ``setup.py`` with actually supported and tested ones.
`552 <https://github.com/aio-libs/multidict/issues/552>`_


----
Links

Update requests from 2.25.0 to 2.25.1.

Changelog

2.25.1

-------------------

**Bugfixes**

- Requests now treats `application/json` as `utf8` by default. Resolving
inconsistencies between `r.text` and `r.json` output. (5673)

**Dependencies**

- Requests now supports chardet v4.x.
Links

Update tinydb from 4.3.0 to 4.4.0.

Changelog

4.4.0

^^^^^^^^^^^^^^^^^^^

- Feature: Add operation for searching for all documents that match a ``dict``
fragment (see `issue 300 <https://github.com/msiemens/tinydb/issues/300>`_)
- Fix: Correctly handle queries that use fields that are also Query methods,
e.g. ``Query()['test']`` for searching for documents with a ``test`` field
(see `issue 373 <https://github.com/msiemens/tinydb/issues/373>`_)
Links

Update urllib3 from 1.26.2 to 1.26.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

@pyup-bot pyup-bot mentioned this pull request Mar 1, 2021
Closed
@TrueBrain TrueBrain force-pushed the pyup-scheduled-update-2021-03-01 branch from cb06cec to 6a31c2a Compare March 3, 2021 12:42
@TrueBrain
Update: dependencies update
5dff916 
* Update aiohttp from 3.7.3 to 3.7.4
* Update certifi from 2020.11.8 to 2020.12.5
* Update multidict from 5.0.2 to 5.1.0
* Update requests from 2.25.0 to 2.25.1
* Update tinydb from 4.3.0 to 4.4.0
* Update urllib3 from 1.26.2 to 1.26.3
@TrueBrain TrueBrain force-pushed the pyup-scheduled-update-2021-03-01 branch from 6a31c2a to 5dff916 Compare March 3, 2021 12:45
@TrueBrain TrueBrain merged commit a0273ac into master Mar 3, 2021
@TrueBrain TrueBrain deleted the pyup-scheduled-update-2021-03-01 branch March 3, 2021 15:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TrueBrain TrueBrain TrueBrain approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pyup-bot @TrueBrain