Skip to content

Bump the pip group across 1 directory with 12 updates#1

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/lexpredict_openedgar/requirements/pip-20269cdf91
Open

Bump the pip group across 1 directory with 12 updates#1
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/lexpredict_openedgar/requirements/pip-20269cdf91

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 22, 2025

Bumps the pip group with 12 updates in the /lexpredict_openedgar/requirements directory:

Package From To
django 2.0.8 4.2.20
pillow 5.0.0 10.3.0
celery 3.1.25 5.3.6
requests 2.20.0 2.32.2
notebook 5.7.1 6.4.12
urllib3 1.23 1.26.19
lxml 4.1.1 4.9.1
numpy 1.14.3 1.16.1
werkzeug 0.14.1 3.0.6
django-debug-toolbar 1.9.1 5.1.0
gevent 1.2.2 23.9.0
gunicorn 19.7.1 23.0.0

Updates django from 2.0.8 to 4.2.20

Commits
  • 35c58a7 [4.2.x] Bumped version for 4.2.20 release.
  • e88f737 [4.2.x] Fixed CVE-2025-26699 -- Mitigated potential DoS in wordwrap template ...
  • 348e46a [4.2.x] Added stub release notes and release date for 4.2.20.
  • 73e2107 [4.2.x] Post-release version bump.
  • db89d2f [4.2.x] Bumped version for 4.2.19 release.
  • 83231cc [4.2.x] Added release date for 4.2.19.
  • 7bd1ddf [4.2.x] Refs #34060 -- Adjusted CVE-2024-53908 regression test for psycopg2.
  • 57b0229 [4.2.x] Refs #36098 -- Fixed validate_ipv4_address() crash for non-string val...
  • 043dfad [4.2.x] Fixed #36098 -- Fixed validate_ipv6_address()/validate_ipv46_address(...
  • 8769b44 [4.2.x] Added CVE-2024-56374 to security archive.
  • Additional commits viewable in compare view

Updates pillow from 5.0.0 to 10.3.0

Release notes

Sourced from pillow's releases.

10.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html

Deprecations

  • Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [@​hugovk]
  • Deprecate ImageCms constants and versions() function #7702 [@​nulano]

Changes

... (truncated)

Changelog

Sourced from pillow's changelog.

10.3.0 (2024-04-01)

  • CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [radarhere, hugovk]

  • Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [radarhere, hugovk]

  • Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [radarhere]

  • Add --report argument to __main__.py to omit supported formats #7818 [nulano, radarhere, hugovk]

  • Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920 [radarhere]

  • Fix editable installation with custom build backend and configuration options #7658 [nulano, radarhere]

  • Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, radarhere]

  • Determine MPO size from markers, not EXIF data #7884 [radarhere]

  • Improved conversion from RGB to RGBa, LA and La #7888 [radarhere]

  • Support FITS images with GZIP_1 compression #7894 [radarhere]

  • Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, radarhere]

  • Raise ValueError if kmeans is negative #7891 [radarhere]

  • Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [radarhere]

  • Raise ValueError for negative values when loading P1-P3 PPM images #7882 [radarhere]

  • Added reading of JPEG2000 palettes #7870 [radarhere]

  • Added alpha_quality argument when saving WebP images #7872 [radarhere]

... (truncated)

Commits
  • 5c89d88 10.3.0 version bump
  • 63cbfcf Update CHANGES.rst [ci skip]
  • 2776126 Merge pull request #7928 from python-pillow/lcms
  • aeb51cb Merge branch 'main' into lcms
  • 5beb0b6 Update CHANGES.rst [ci skip]
  • cac6ffa Merge pull request #7927 from python-pillow/imagemath
  • f5eeeac Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval
  • facf3af Added release notes
  • 2a93aba Use strncpy to avoid buffer overflow
  • a670597 Update CHANGES.rst [ci skip]
  • Additional commits viewable in compare view

Updates celery from 3.1.25 to 5.3.6

Release notes

Sourced from celery's releases.

v5.3.6

This release is focused mainly to fix AWS SQS new feature compatibility issue and old regressions. The code changes are mostly fix for regressions. More details can be found below.

What's Changed

New Contributors

Full Changelog: celery/celery@v5.3.5...v5.3.6

v5.3.5

Main theme of this release is adding Python 3.12 compatibility support all through the projects dependencies. Also lots of bugs were squashed. Dependencies upgraded and docs improved.

What's Changed

... (truncated)

Changelog

Sourced from celery's changelog.

5.3.6

:release-date: 2023-11-22 9:15 P.M GMT+6 :release-by: Asif Saif Uddin

This release is focused mainly to fix AWS SQS new feature comatibility issue and old regressions. The code changes are mostly fix for regressions. More details can be found below.

  • Increased docker-build CI job timeout from 30m -> 60m (#8635)
  • Incredibly minor spelling fix. (#8649)
  • Fix non-zero exit code when receiving remote shutdown (#8650)
  • Update task.py get_custom_headers missing 'compression' key (#8633)
  • Update kombu>=5.3.4 to fix SQS request compatibility with boto JSON serializer (#8646)
  • test requirements version update (#8655)
  • Update elasticsearch version (#8656)
  • Propagates more ImportErrors during autodiscovery (#8632)

.. _version-5.3.5:

5.3.5

:release-date: 2023-11-10 7:15 P.M GMT+6 :release-by: Asif Saif Uddin

  • Update test.txt versions (#8481)
  • fix os.getcwd() FileNotFoundError (#8448)
  • Fix typo in CONTRIBUTING.rst (#8494)
  • typo(doc): configuration.rst (#8484)
  • assert before raise (#8495)
  • Update GHA checkout version (#8496)
  • Fixed replaced_task_nesting (#8500)
  • Fix code indentation for route_task() example (#8502)
  • support redis 5.x (#8504)
  • Fix typos in test_canvas.py (#8498)
  • Marked flaky tests (#8508)
  • Fix typos in calling.rst (#8506)
  • Added support for replaced_task_nesting in chains (#8501)
  • Fix typos in canvas.rst (#8509)
  • Patch Version Release Checklist (#8488)
  • Added Python 3.11 support to Dockerfile (#8511)
  • Dependabot (Celery) (#8510)
  • Bump actions/checkout from 3 to 4 (#8512)
  • Update ETA example to include timezone (#8516)
  • Replaces datetime.fromisoformat with the more lenient dateutil parser (#8507)
  • Fixed indentation in Dockerfile for Python 3.11 (#8527)
  • Fix git bug in Dockerfile (#8528)
  • Tox lint upgrade from Python 3.9 to Python 3.11 (#8526)
  • Document gevent concurrency (#8520)

... (truncated)

Commits

Updates requests from 2.20.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • 970e8ce v2.32.1
  • d6ebc4a v2.32.0
  • 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
  • 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
  • 555b870 Allow character detection dependencies to be optional in post-packaging steps
  • d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
  • Additional commits viewable in compare view

Updates notebook from 5.7.1 to 6.4.12

Release notes

Sourced from notebook's releases.

6.4.12

What's Changed

Full Changelog: jupyter/notebook@v6.4.11...6.4.12

v6.4.11

6.4.11

(Full Changelog)

Bugs fixed

Maintenance and upkeep improvements

Contributors to this release

(GitHub contributors page for this release)

@​blink1073 | @​echarles | @​fcollonval | @​github-actions | @​jtpio | @​penguinolog

v6.4.8

6.4.8

(Full Changelog)

Bugs fixed

Contributors to this release

(GitHub contributors page for this release)

@​Vishwajeet0510

v6.4.7

... (truncated)

Changelog

Sourced from notebook's changelog.

Changelog

A summary of changes in the Jupyter notebook. For more detailed information, see GitHub.

Use pip install notebook --upgrade or conda upgrade notebook to upgrade to the latest release.

We strongly recommend that you upgrade pip to version 9+ of pip before upgrading notebook.

Use pip install pip --upgrade to upgrade pip. Check pip version with pip --version.

7.4

Jupyter Notebook 7.4 is based on JupyterLab 4.4, and includes a number of new features, bug fixes, and enhancements for extension developers. This release is compatible with extensions supporting JupyterLab 4.0. Extension authors are recommended to consult the Extension Migration Guide which lists deprecations and changes to the public API.

Below are a few highlights for this new release. Most of the new features and improvements come from the update to JupyterLab 4.4, although they may not all be supported in Notebook 7.4.

For reference you may have a look at the JupyterLab 4.4 changelog to learn more.

Code console improvements

The code console prompt can now be positioned on the top, left, or right side of the console, in addition to the default bottom placement. The placement is persisted in the Prompt Cell Position setting.

The console toolbar now includes buttons to:

  • Execute code
  • Restart the kernel
  • Clear the cells
  • Switch the kernel

Additional settings for console behavior have been added:

  • Clear Code Content on Execute (enabled by default) – When disabled, the code submitted for execution remains in the code editor, allowing for further edits.
  • Hide Code Input – When enabled, only the execution output is shown in the console.
  • Clear Cells on Execute – When enabled, only the last cell is displayed.

Toggling all the three new settings transforms the console into an interactive editor resembling an ephemeral notebook with a single cell.

Settings import and export

Settings can now be exported to overrides.json from the Settings Editor, which can be used to pre-configure defaults in deployments or to restore settings.

... (truncated)

Commits
  • aee4535 Release 6.4.12
  • a161ffa Merge pull request from GHSA-v7vq-3x77-87vg
  • b79702c updated error messages to not mention hidden files
  • cb3dc22 Update notebook/services/contents/filemanager.py
  • 1c3d7a6 added hidden checks on handlers.py and accompanying tests
  • f69eb96 added hidden checks on FileContentsManager and accompanying tests
  • 2a76184 add checks for hidden file or path on file get
  • 920c5cc Merge pull request #6421 from RRosio/update-version
  • d4eb85d updating version to show dev
  • 8109251 Publish 6.4.11
  • Additional commits viewable in compare view

Updates urllib3 from 1.23 to 1.26.19

Release notes

Sourced from urllib3's releases.

1.26.19

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.

Full Changelog: urllib3/urllib3@1.26.18...1.26.19

Note that due to an issue with our release automation, no multiple.intoto.jsonl file is available for this release.

1.26.18

  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)

1.26.17

  • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)

1.26.16

  • Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954)

1.26.15

1.26.14

  • Fixed parsing of port 0 (zero) returning None, instead of 0 (#2850)
  • Removed deprecated HTTPResponse.getheaders() calls in urllib3.contrib module.

1.26.13

  • Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
  • Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
  • Fixed a deprecation warning when using cryptography v39.0.0.
  • Removed the <4 in the Requires-Python packaging metadata field.

1.26.12

  • Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module. Both will be removed in v2.x. See this GitHub issue for justification and info on how to migrate.

1.26.11

If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors.

⚠️ urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

  • Fixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.

... (truncated)

Changelog

Sourced from urllib3's changelog.

1.26.19 (2024-06-17)

  • Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
  • Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. ([#3405](https://github.com/urllib3/urllib3/issues/3405) <https://github.com/urllib3/urllib3/issues/3405>__)

1.26.18 (2023-10-17)

  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

1.26.17 (2023-10-02)

  • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. ([#3139](https://github.com/urllib3/urllib3/issues/3139) <https://github.com/urllib3/urllib3/pull/3139>_)

1.26.16 (2023-05-23)

  • Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress ([#2954](https://github.com/urllib3/urllib3/issues/2954) <https://github.com/urllib3/urllib3/pull/2954>_)

1.26.15 (2023-03-10)

  • Fix socket timeout value when HTTPConnection is reused ([#2645](https://github.com/urllib3/urllib3/issues/2645) <https://github.com/urllib3/urllib3/issues/2645>__)
  • Remove "!" character from the unreserved characters in IPv6 Zone ID parsing ([#2899](https://github.com/urllib3/urllib3/issues/2899) <https://github.com/urllib3/urllib3/issues/2899>__)
  • Fix IDNA handling of '\x80' byte ([#2901](https://github.com/urllib3/urllib3/issues/2901) <https://github.com/urllib3/urllib3/issues/2901>__)

1.26.14 (2023-01-11)

  • Fixed parsing of port 0 (zero) returning None, instead of 0. ([#2850](https://github.com/urllib3/urllib3/issues/2850) <https://github.com/urllib3/urllib3/issues/2850>__)
  • Removed deprecated getheaders() calls in contrib module. Fixed the type hint of PoolKey.key_retries by adding bool to the union. ([#2865](https://github.com/urllib3/urllib3/issues/2865) <https://github.com/urllib3/urllib3/issues/2865>__)

1.26.13 (2022-11-23)

  • Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
  • Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
  • Fixed a deprecation warning when using cryptography v39.0.0.
  • Removed the <4 in the Requires-Python packaging metadata field.

1.26.12 (2022-08-22)

  • Deprecated the urllib3[secure] extra and the urllib3.contrib.pyopenssl module. Both will be removed in v2.x. See this GitHub issue <https://github.com/urllib3/urllib3/issues/2680>_

... (truncated)

Commits

Updates lxml from 4.1.1 to 4.9.1

Changelog

Sourced from lxml's changelog.

4.9.1 (2022-07-01)

Bugs fixed

  • A crash was resolved when using iterwalk() (or canonicalize()) after parsing certain incorrect input. Note that iterwalk() can crash on valid input parsed with the same parser after failing to parse the incorrect input.

4.9.0 (2022-06-01)

Bugs fixed

  • GH#341: The mixin inheritance order in lxml.html was corrected. Patch by xmo-odoo.

Other changes

  • Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.

  • Wheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35 (libxml2 2.9.12+ and libxslt 1.1.34 on Windows).

  • GH#343: Windows-AArch64 build support in Visual Studio. Patch by Steve Dower.

4.8.0 (2022-02-17)

Features added

  • GH#337: Path-like objects are now supported throughout the API instead of just strings. Patch by Henning Janssen.

  • The ElementMaker now supports QName values as tags, which always override the default namespace of the factory.

Bugs fixed

  • GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.

... (truncated)

Commits
  • d01872c Prevent parse failure in new test from leaking into later test runs.
  • d65e632 Prepare release of lxml 4.9.1.
  • 86368e9 Fix a crash when incorrect parser input occurs together with usages of iterwa...
  • 50c2764 Delete unused Travis CI config and reference in docs (GH-345)
  • 8f0bf2d Try to speed up the musllinux AArch64 build by splitting the different CPytho...
  • b9f7074 Remove debug print from test.
  • b224e0f Try to install 'xz' in wheel builds, if available, since it's now needed to e...
  • 897ebfa Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts...
  • 853c9e9 Prepare release of 4.9.0.
  • d3f77e6 Add a test for https://bugs.launchpad.net/lxml/+bug/1965070 leaving out the a...
  • Additional commits viewable in compare view

Updates numpy from 1.14.3 to 1.16.1

Release notes

Sourced from numpy's releases.

v1.16.1

========================== NumPy 1.16.1 Release Notes

The NumPy 1.16.1 release fixes bugs reported against the 1.16.0 release, and also backports several enhancements from master that seem appropriate for a release series that is the last to support Python 2.7. The wheels on PyPI are linked with OpenBLAS v0.3.4+, which should fix the known threading issues found in previous OpenBLAS versions.

Downstream developers building this release should use Cython >= 0.29.2 and, if using OpenBLAS, OpenBLAS > v0.3.4.

If you are installing using pip, you may encounter a problem with older installed versions of NumPy that pip did not delete becoming mixed with the current version, resulting in an ImportError. That ...

Description has been truncated

@dependabot
Bump the pip group across 1 directory with 12 updates
d20f448 
Bumps the pip group with 12 updates in the /lexpredict_openedgar/requirements directory:

| Package | From | To |
| --- | --- | --- |
| [django](https://github.com/django/django) | `2.0.8` | `4.2.20` |
| [pillow](https://github.com/python-pillow/Pillow) | `5.0.0` | `10.3.0` |
| [celery](https://github.com/celery/celery) | `3.1.25` | `5.3.6` |
| [requests](https://github.com/psf/requests) | `2.20.0` | `2.32.2` |
| [notebook](https://github.com/jupyter/notebook) | `5.7.1` | `6.4.12` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.23` | `1.26.19` |
| [lxml](https://github.com/lxml/lxml) | `4.1.1` | `4.9.1` |
| [numpy](https://github.com/numpy/numpy) | `1.14.3` | `1.16.1` |
| [werkzeug](https://github.com/pallets/werkzeug) | `0.14.1` | `3.0.6` |
| [django-debug-toolbar](https://github.com/django-commons/django-debug-toolbar) | `1.9.1` | `5.1.0` |
| [gevent](https://github.com/gevent/gevent) | `1.2.2` | `23.9.0` |
| [gunicorn](https://github.com/benoitc/gunicorn) | `19.7.1` | `23.0.0` |



Updates `django` from 2.0.8 to 4.2.20
- [Commits](django/django@2.0.8...4.2.20)

Updates `pillow` from 5.0.0 to 10.3.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@5.0.0...10.3.0)

Updates `celery` from 3.1.25 to 5.3.6
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/main/Changelog.rst)
- [Commits](celery/celery@v3.1.25...v5.3.6)

Updates `requests` from 2.20.0 to 2.32.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.20.0...v2.32.2)

Updates `notebook` from 5.7.1 to 6.4.12
- [Release notes](https://github.com/jupyter/notebook/releases)
- [Changelog](https://github.com/jupyter/notebook/blob/main/CHANGELOG.md)
- [Commits](jupyter/notebook@5.7.1...6.4.12)

Updates `urllib3` from 1.23 to 1.26.19
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.23...1.26.19)

Updates `lxml` from 4.1.1 to 4.9.1
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](lxml/lxml@lxml-4.1.1...lxml-4.9.1)

Updates `numpy` from 1.14.3 to 1.16.1
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v1.14.3...v1.16.1)

Updates `werkzeug` from 0.14.1 to 3.0.6
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@0.14.1...3.0.6)

Updates `django-debug-toolbar` from 1.9.1 to 5.1.0
- [Release notes](https://github.com/django-commons/django-debug-toolbar/releases)
- [Changelog](https://github.com/django-commons/django-debug-toolbar/blob/main/docs/changes.rst)
- [Commits](django-commons/django-debug-toolbar@1.9.1...5.1.0)

Updates `gevent` from 1.2.2 to 23.9.0
- [Release notes](https://github.com/gevent/gevent/releases)
- [Changelog](https://github.com/gevent/gevent/blob/master/docs/changelog_1_2.rst)
- [Commits](gevent/gevent@1.2.2...23.9.0)

Updates `gunicorn` from 19.7.1 to 23.0.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@19.7.1...23.0.0)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pillow
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: celery
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: requests
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: notebook
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: urllib3
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: lxml
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: numpy
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: werkzeug
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: django-debug-toolbar
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: gevent
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: gunicorn
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 22, 2025
@coderabbitai
Copy link

coderabbitai bot commented Mar 22, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants