Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scheduled weekly dependency update for week 22 #1896

Merged
merged 17 commits into from
Jun 3, 2019

Conversation

pyup-bot
Copy link
Contributor

@pyup-bot pyup-bot commented Jun 3, 2019

Update botocore from 1.12.156 to 1.12.159.

Changelog

1.12.159

========

* api-change:``iotevents-data``: Update iotevents-data client to latest version
* api-change:``iotevents``: Update iotevents client to latest version
* api-change:``pinpoint-email``: Update pinpoint-email client to latest version
* api-change:``iotanalytics``: Update iotanalytics client to latest version
* api-change:``codecommit``: Update codecommit client to latest version
* api-change:``rds-data``: Update rds-data client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``servicecatalog``: Update servicecatalog client to latest version
* api-change:``kafka``: Update kafka client to latest version

1.12.158

========

* api-change:``ssm``: Update ssm client to latest version
* api-change:``securityhub``: Update securityhub client to latest version
* api-change:``iotthingsgraph``: Update iotthingsgraph client to latest version
* api-change:``dlm``: Update dlm client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``ec2``: Update ec2 client to latest version

1.12.157

========

* api-change:``groundstation``: Update groundstation client to latest version
* api-change:``transcribe``: Update transcribe client to latest version
* api-change:``chime``: Update chime client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``waf``: Update waf client to latest version
* api-change:``pinpoint-email``: Update pinpoint-email client to latest version
* api-change:``robomaker``: Update robomaker client to latest version
* api-change:``sts``: Update sts client to latest version
* api-change:``storagegateway``: Update storagegateway client to latest version
Links

Update cryptography from 2.6.1 to 2.7.

Changelog

2.7

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1``
wheels. Continuing to produce them was a maintenance burden.
* **BACKWARDS INCOMPATIBLE:** Removed the
``cryptography.hazmat.primitives.mac.MACContext`` interface. The ``CMAC`` and
``HMAC`` APIs have not changed, but they are no longer registered as
``MACContext`` instances.
* Removed support for running our tests with ``setup.py test``. Users
interested in running our tests can continue to follow the directions in our
:doc:`development documentation</development/getting-started>`.
* Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305`
when using OpenSSL 1.1.1 or newer.
* Support serialization with ``Encoding.OpenSSH`` and ``PublicFormat.OpenSSH``
in
:meth:`Ed25519PublicKey.public_bytes
<cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>`
.
* Correctly allow passing a ``SubjectKeyIdentifier`` to
:meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`
and deprecate passing an ``Extension`` object. The documentation always
required ``SubjectKeyIdentifier`` but the implementation previously
required an ``Extension``.

.. _v2-6-1:
Links

Update google-api-core from 1.11.0 to 1.11.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update google-cloud-core from 1.0.0 to 1.0.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update pluggy from 0.11.0 to 0.12.0.

Changelog

0.12.0

==========================

Features
--------

- `215 <https://github.com/pytest-dev/pluggy/issues/215>`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time.  This time with ``.egg`` support.
Links

Update protobuf from 3.7.1 to 3.8.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update Pygments from 2.4.1 to 2.4.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update boto3 from 1.9.156 to 1.9.159.

Changelog

1.9.159

=======

* api-change:``iotevents-data``: [``botocore``] Update iotevents-data client to latest version
* api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
* api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
* api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version
* api-change:``codecommit``: [``botocore``] Update codecommit client to latest version
* api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
* api-change:``kafka``: [``botocore``] Update kafka client to latest version

1.9.158

=======

* api-change:``ssm``: [``botocore``] Update ssm client to latest version
* api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
* api-change:``iotthingsgraph``: [``botocore``] Update iotthingsgraph client to latest version
* api-change:``dlm``: [``botocore``] Update dlm client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``ec2``: [``botocore``] Update ec2 client to latest version

1.9.157

=======

* api-change:``groundstation``: [``botocore``] Update groundstation client to latest version
* api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
* api-change:``chime``: [``botocore``] Update chime client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``waf``: [``botocore``] Update waf client to latest version
* api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
* api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
* api-change:``sts``: [``botocore``] Update sts client to latest version
* api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
Links

Update Django from 2.1.8 to 2.1.9.

Changelog

2.1.9

============================

*June 3, 2019*

Django 2.1.9 fixes security issues in 2.1.8.

CVE-2019-12308: AdminURLFieldWidget XSS
---------------------------------------

The clickable "Current URL" link generated by ``AdminURLFieldWidget`` displayed
the provided value without validating it as a safe URL. Thus, an unvalidated
value stored in the database, or a value provided as a URL query parameter
payload, could result in an clickable JavaScript link.

``AdminURLFieldWidget`` now validates the provided value using
:class:`~django.core.validators.URLValidator` before displaying the clickable
link. You may customise the validator by passing a ``validator_class`` kwarg to
``AdminURLFieldWidget.__init__()``, e.g. when using
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.

Patched bundled jQuery for CVE-2019-11358: Prototype pollution
--------------------------------------------------------------

jQuery before 3.4.0, mishandles ``jQuery.extend(true, {}, ...)`` because of
``Object.prototype`` pollution. If an unsanitized source object contained an
enumerable ``__proto__`` property, it could extend the native
``Object.prototype``.

The bundled version of jQuery used by the Django admin has been patched to
allow for the ``select2`` library's use of ``jQuery.extend()``.


==========================
Links

Update django-cors-headers from 3.0.1 to 3.0.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update django-mozilla-product-details from 0.13.1 to 0.14.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

Update pytest from 4.5.0 to 4.6.1.

Changelog

4.6.0

=========================

Important
---------

The ``4.6.X`` series will be the last series to support **Python 2 and Python 3.4**.

For more details, see our `Python 2.7 and 3.4 support plan <https://docs.pytest.org/en/latest/py27-py34-deprecation.html>`__.


Features
--------

- `4559 <https://github.com/pytest-dev/pytest/issues/4559>`_: Added the ``junit_log_passing_tests`` ini value which can be used to enable or disable logging of passing test output in the Junit XML file.


- `4956 <https://github.com/pytest-dev/pytest/issues/4956>`_: pytester's ``testdir.spawn`` uses ``tmpdir`` as HOME/USERPROFILE directory.


- `5062 <https://github.com/pytest-dev/pytest/issues/5062>`_: Unroll calls to ``all`` to full for-loops with assertion rewriting for better failure messages, especially when using Generator Expressions.


- `5063 <https://github.com/pytest-dev/pytest/issues/5063>`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time.


- `5091 <https://github.com/pytest-dev/pytest/issues/5091>`_: The output for ini options in ``--help`` has been improved.


- `5269 <https://github.com/pytest-dev/pytest/issues/5269>`_: ``pytest.importorskip`` includes the ``ImportError`` now in the default ``reason``.


- `5311 <https://github.com/pytest-dev/pytest/issues/5311>`_: Captured logs that are output for each failing test are formatted using the
ColoredLevelFormatter.


- `5312 <https://github.com/pytest-dev/pytest/issues/5312>`_: Improved formatting of multiline log messages in Python 3.



Bug Fixes
---------

- `2064 <https://github.com/pytest-dev/pytest/issues/2064>`_: The debugging plugin imports the wrapped ``Pdb`` class (``--pdbcls``) on-demand now.


- `4908 <https://github.com/pytest-dev/pytest/issues/4908>`_: The ``pytest_enter_pdb`` hook gets called with post-mortem (``--pdb``).


- `5036 <https://github.com/pytest-dev/pytest/issues/5036>`_: Fix issue where fixtures dependent on other parametrized fixtures would be erroneously parametrized.


- `5256 <https://github.com/pytest-dev/pytest/issues/5256>`_: Handle internal error due to a lone surrogate unicode character not being representable in Jython.


- `5257 <https://github.com/pytest-dev/pytest/issues/5257>`_: Ensure that ``sys.stdout.mode`` does not include ``'b'`` as it is a text stream.


- `5278 <https://github.com/pytest-dev/pytest/issues/5278>`_: Pytest's internal python plugin can be disabled using ``-p no:python`` again.


- `5286 <https://github.com/pytest-dev/pytest/issues/5286>`_: Fix issue with ``disable_test_id_escaping_and_forfeit_all_rights_to_community_support`` option not working when using a list of test IDs in parametrized tests.


- `5330 <https://github.com/pytest-dev/pytest/issues/5330>`_: Show the test module being collected when emitting ``PytestCollectionWarning`` messages for
test classes with ``__init__`` and ``__new__`` methods to make it easier to pin down the problem.


- `5333 <https://github.com/pytest-dev/pytest/issues/5333>`_: Fix regression in 4.5.0 with ``--lf`` not re-running all tests with known failures from non-selected tests.



Improved Documentation
----------------------

- `5250 <https://github.com/pytest-dev/pytest/issues/5250>`_: Expand docs on use of ``setenv`` and ``delenv`` with ``monkeypatch``.
Links

Update pytest-django from 3.4.8 to 3.5.0.

Changelog

3.5.0

------------------

Features
^^^^^^^^

* Run tests in the same order as Django (223)

* Use verbosity=0 with disabled migrations (729, 730)

Bugfixes
^^^^^^^^

* django_db_setup: warn instead of crash with teardown errors (726)

Misc
^^^^
* tests: fix test_sqlite_database_renamed (739, 741)

* tests/conftest.py: move import of db_helpers (737)

* Cleanup/improve coverage, mainly with tests (706)

* Slightly revisit unittest handling (740)
Links

Update Sphinx from 2.0.1 to 2.1.0.

Changelog

2.1.0

=====================================

Incompatible changes
--------------------

* Ignore filenames without file extension given to ``Builder.build_specific()``
API directly
* 6230: The anchor of term in glossary directive is changed if it is consisted
by non-ASCII characters
* 4550: html: Centering tables by default using CSS
* 6239: latex: xelatex and xeCJK are used for Chinese documents by default
* ``Sphinx.add_lexer()`` now takes a Lexer class instead of instance.  An
instance of lexers are still supported until Sphinx-3.x.

Deprecated
----------

* ``sphinx.builders.latex.LaTeXBuilder.apply_transforms()``
* ``sphinx.builders._epub_base.EpubBuilder.esc()``
* ``sphinx.directives.Acks``
* ``sphinx.directives.Author``
* ``sphinx.directives.Centered``
* ``sphinx.directives.Class``
* ``sphinx.directives.CodeBlock``
* ``sphinx.directives.Figure``
* ``sphinx.directives.HList``
* ``sphinx.directives.Highlight``
* ``sphinx.directives.Include``
* ``sphinx.directives.Index``
* ``sphinx.directives.LiteralInclude``
* ``sphinx.directives.Meta``
* ``sphinx.directives.Only``
* ``sphinx.directives.SeeAlso``
* ``sphinx.directives.TabularColumns``
* ``sphinx.directives.TocTree``
* ``sphinx.directives.VersionChange``
* ``sphinx.domains.python.PyClassmember``
* ``sphinx.domains.python.PyModulelevel``
* ``sphinx.domains.std.StandardDomain._resolve_citation_xref()``
* ``sphinx.domains.std.StandardDomain.note_citations()``
* ``sphinx.domains.std.StandardDomain.note_citation_refs()``
* ``sphinx.domains.std.StandardDomain.note_labels()``
* ``sphinx.environment.NoUri``
* ``sphinx.ext.apidoc.format_directive()``
* ``sphinx.ext.apidoc.format_heading()``
* ``sphinx.ext.apidoc.makename()``
* ``sphinx.ext.autodoc.importer.MockFinder``
* ``sphinx.ext.autodoc.importer.MockLoader``
* ``sphinx.ext.autodoc.importer.mock()``
* ``sphinx.ext.autosummary.autolink_role()``
* ``sphinx.ext.imgmath.DOC_BODY``
* ``sphinx.ext.imgmath.DOC_BODY_PREVIEW``
* ``sphinx.ext.imgmath.DOC_HEAD``
* ``sphinx.transforms.CitationReferences``
* ``sphinx.transforms.SmartQuotesSkipper``
* ``sphinx.util.docfields.DocFieldTransformer.preprocess_fieldtypes()``
* ``sphinx.util.node.find_source_node()``
* ``sphinx.util.i18n.find_catalog()``
* ``sphinx.util.i18n.find_catalog_files()``
* ``sphinx.util.i18n.find_catalog_source_files()``

For more details, see :ref:`deprecation APIs list <dev-deprecated-apis>`.

Features added
--------------

* Add a helper class ``sphinx.transforms.post_transforms.SphinxPostTransform``
* Add helper methods

- ``PythonDomain.note_module()``
- ``PythonDomain.note_object()``
- ``SphinxDirective.set_source_info()``

* 6180: Support ``--keep-going`` with BuildDoc setup command
* ``math`` directive now supports ``:class:`` option
* 6310: imgmath: let :confval:`imgmath_use_preview` work also with the SVG
format for images rendering inline math
* todo: ``todo`` directive now supports ``:name:`` option
* Enable override via environment of ``SPHINXOPTS`` and ``SPHINXBUILD`` Makefile
variables (refs: 6232, 6303)
* 6287: autodoc: Unable to document bound instance methods exported as module
functions
* 6289: autodoc: :confval:`autodoc_default_options` now supports
``imported-members`` option
* 4777: autodoc: Support coroutine
* 744: autodoc: Support abstractmethod
* 6325: autodoc: Support attributes in __slots__.  For dict-style __slots__,
autodoc considers values as a docstring of the attribute
* 6361: autodoc: Add :confval:`autodoc_typehints` to suppress typehints from
signature
* 1063: autodoc: ``automodule`` directive now handles undocumented module level
variables
* 6212 autosummary: Add :confval:`autosummary_imported_members` to display
imported members on autosummary
* 6271: ``make clean`` is catastrophically broken if building into '.'
* 6363: Support ``%O%`` environment variable in make.bat
* 4777: py domain: Add ``:async:`` option to :rst:dir:`py:function` directive
* py domain: Add new options to :rst:dir:`py:method` directive

- ``:abstractmethod:``
- ``:async:``
- ``:classmethod:``
- ``:property:``
- ``:staticmethod:``

* rst domain: Add :rst:dir:`directive:option` directive to describe the option
for directive
* 6306: html: Add a label to search form for accessability purposes
* 4390: html: Consistent and semantic CSS for signatures
* 6358: The ``rawsource`` property of ``production`` nodes now contains the
full production rule
* 6373: autosectionlabel: Allow suppression of warnings
* coverage: Support a new ``coverage_ignore_pyobjects`` option
* 6239: latex: Support to build Chinese documents

Bugs fixed
----------

* 6230: Inappropriate node_id has been generated by glossary directive if term
is consisted by non-ASCII characters
* 6213: ifconfig: contents after headings are not shown
* commented term in glossary directive is wrongly recognized
* 6299: rst domain: rst:directive directive generates waste space
* 6379: py domain: Module index (py-modindex.html) has duplicate titles
* 6331: man: invalid output when doctest follows rubric
* 6351: "Hyperlink target is not referenced" message is shown even if
referenced
* 6165: autodoc: ``tab_width`` setting of docutils has been ignored
* 6347: autodoc: crashes with a plain Tuple on Python 3.6 and 3.5
* 6311: autosummary: autosummary table gets confused by complex type hints
* 6350: autosummary: confused by an argument having some kind of default value
* Generated Makefiles lack a final EOL (refs: 6232)
* 6375: extlinks: Cannot escape angle brackets in link caption
* 6378: linkcheck: Send commonly used User-Agent
* 6387: html search: failed to search document with haiku and scrolls themes
* 6408: html search: Fix the ranking of search results
* 6406: Wrong year is returned for ``SOURCE_DATE_EPOCH``
* 6402: image directive crashes by unknown image format
* 6286: C++, allow 8 and 9 in hexadecimal integer literals.
* 6305: Fix the string in quickstart for 'path' argument of parser
* LaTeX: Figures in admonitions produced errors (refs: 6364)
Links

@mythmon mythmon requested a review from rehandalal June 3, 2019 18:15
Copy link
Contributor

@rehandalal rehandalal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bors r+

bors bot added a commit that referenced this pull request Jun 3, 2019
1896: Scheduled weekly dependency update for week 22 r=rehandalal a=pyup-bot






### Update [botocore](https://pypi.org/project/botocore) from **1.12.156** to **1.12.159**.


<details>
  <summary>Changelog</summary>
  
  
   ### 1.12.159
   ```
   ========

* api-change:``iotevents-data``: Update iotevents-data client to latest version
* api-change:``iotevents``: Update iotevents client to latest version
* api-change:``pinpoint-email``: Update pinpoint-email client to latest version
* api-change:``iotanalytics``: Update iotanalytics client to latest version
* api-change:``codecommit``: Update codecommit client to latest version
* api-change:``rds-data``: Update rds-data client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``servicecatalog``: Update servicecatalog client to latest version
* api-change:``kafka``: Update kafka client to latest version
   ```
   
  
  
   ### 1.12.158
   ```
   ========

* api-change:``ssm``: Update ssm client to latest version
* api-change:``securityhub``: Update securityhub client to latest version
* api-change:``iotthingsgraph``: Update iotthingsgraph client to latest version
* api-change:``dlm``: Update dlm client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``ec2``: Update ec2 client to latest version
   ```
   
  
  
   ### 1.12.157
   ```
   ========

* api-change:``groundstation``: Update groundstation client to latest version
* api-change:``transcribe``: Update transcribe client to latest version
* api-change:``chime``: Update chime client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``waf``: Update waf client to latest version
* api-change:``pinpoint-email``: Update pinpoint-email client to latest version
* api-change:``robomaker``: Update robomaker client to latest version
* api-change:``sts``: Update sts client to latest version
* api-change:``storagegateway``: Update storagegateway client to latest version
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/botocore
  - Changelog: https://pyup.io/changelogs/botocore/
  - Repo: https://github.com/boto/botocore
</details>





### Update [cryptography](https://pypi.org/project/cryptography) from **2.6.1** to **2.7**.


<details>
  <summary>Changelog</summary>
  
  
   ### 2.7
   ```
   ~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1``
  wheels. Continuing to produce them was a maintenance burden.
* **BACKWARDS INCOMPATIBLE:** Removed the
  ``cryptography.hazmat.primitives.mac.MACContext`` interface. The ``CMAC`` and
  ``HMAC`` APIs have not changed, but they are no longer registered as
  ``MACContext`` instances.
* Removed support for running our tests with ``setup.py test``. Users
  interested in running our tests can continue to follow the directions in our
  :doc:`development documentation&lt;/development/getting-started&gt;`.
* Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305`
  when using OpenSSL 1.1.1 or newer.
* Support serialization with ``Encoding.OpenSSH`` and ``PublicFormat.OpenSSH``
  in
  :meth:`Ed25519PublicKey.public_bytes
  &lt;cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes&gt;`
  .
* Correctly allow passing a ``SubjectKeyIdentifier`` to
  :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`
  and deprecate passing an ``Extension`` object. The documentation always
  required ``SubjectKeyIdentifier`` but the implementation previously
  required an ``Extension``.

.. _v2-6-1:
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/cryptography
  - Changelog: https://pyup.io/changelogs/cryptography/
  - Repo: https://github.com/pyca/cryptography
</details>





### Update [google-api-core](https://pypi.org/project/google-api-core) from **1.11.0** to **1.11.1**.


*The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)*

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/google-api-core
  - Repo: https://github.com/GoogleCloudPlatform/google-cloud-python
</details>





### Update [google-cloud-core](https://pypi.org/project/google-cloud-core) from **1.0.0** to **1.0.1**.


*The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)*

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/google-cloud-core
  - Repo: https://github.com/GoogleCloudPlatform/google-cloud-python
</details>





### Update [pluggy](https://pypi.org/project/pluggy) from **0.11.0** to **0.12.0**.


<details>
  <summary>Changelog</summary>
  
  
   ### 0.12.0
   ```
   ==========================

Features
--------

- `215 &lt;https://github.com/pytest-dev/pluggy/issues/215&gt;`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time.  This time with ``.egg`` support.
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pluggy
  - Changelog: https://pyup.io/changelogs/pluggy/
  - Repo: https://github.com/pytest-dev/pluggy
</details>





### Update [protobuf](https://pypi.org/project/protobuf) from **3.7.1** to **3.8.0**.


*The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)*

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/protobuf
  - Changelog: https://pyup.io/changelogs/protobuf/
  - Repo: https://github.com/protocolbuffers/protobuf/releases
  - Homepage: https://developers.google.com/protocol-buffers/
</details>





### Update [Pygments](https://pypi.org/project/Pygments) from **2.4.1** to **2.4.2**.


*The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)*

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pygments
  - Homepage: http://pygments.org/
</details>





### Update [boto3](https://pypi.org/project/boto3) from **1.9.156** to **1.9.159**.


<details>
  <summary>Changelog</summary>
  
  
   ### 1.9.159
   ```
   =======

* api-change:``iotevents-data``: [``botocore``] Update iotevents-data client to latest version
* api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
* api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
* api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version
* api-change:``codecommit``: [``botocore``] Update codecommit client to latest version
* api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
* api-change:``kafka``: [``botocore``] Update kafka client to latest version
   ```
   
  
  
   ### 1.9.158
   ```
   =======

* api-change:``ssm``: [``botocore``] Update ssm client to latest version
* api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
* api-change:``iotthingsgraph``: [``botocore``] Update iotthingsgraph client to latest version
* api-change:``dlm``: [``botocore``] Update dlm client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``ec2``: [``botocore``] Update ec2 client to latest version
   ```
   
  
  
   ### 1.9.157
   ```
   =======

* api-change:``groundstation``: [``botocore``] Update groundstation client to latest version
* api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
* api-change:``chime``: [``botocore``] Update chime client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``waf``: [``botocore``] Update waf client to latest version
* api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
* api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
* api-change:``sts``: [``botocore``] Update sts client to latest version
* api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/boto3
  - Changelog: https://pyup.io/changelogs/boto3/
  - Repo: https://github.com/boto/boto3
</details>





### Update [Django](https://pypi.org/project/Django) from **2.1.8** to **2.1.9**.


<details>
  <summary>Changelog</summary>
  
  
   ### 2.1.9
   ```
   ============================

*June 3, 2019*

Django 2.1.9 fixes security issues in 2.1.8.

CVE-2019-12308: AdminURLFieldWidget XSS
---------------------------------------

The clickable &quot;Current URL&quot; link generated by ``AdminURLFieldWidget`` displayed
the provided value without validating it as a safe URL. Thus, an unvalidated
value stored in the database, or a value provided as a URL query parameter
payload, could result in an clickable JavaScript link.

``AdminURLFieldWidget`` now validates the provided value using
:class:`~django.core.validators.URLValidator` before displaying the clickable
link. You may customise the validator by passing a ``validator_class`` kwarg to
``AdminURLFieldWidget.__init__()``, e.g. when using
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.

Patched bundled jQuery for CVE-2019-11358: Prototype pollution
--------------------------------------------------------------

jQuery before 3.4.0, mishandles ``jQuery.extend(true, {}, ...)`` because of
``Object.prototype`` pollution. If an unsanitized source object contained an
enumerable ``__proto__`` property, it could extend the native
``Object.prototype``.

The bundled version of jQuery used by the Django admin has been patched to
allow for the ``select2`` library&#39;s use of ``jQuery.extend()``.


==========================
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/django
  - Changelog: https://pyup.io/changelogs/django/
  - Homepage: https://www.djangoproject.com/
</details>





### Update [django-cors-headers](https://pypi.org/project/django-cors-headers) from **3.0.1** to **3.0.2**.


*The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)*

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/django-cors-headers
  - Changelog: https://pyup.io/changelogs/django-cors-headers/
  - Repo: https://github.com/ottoyiu/django-cors-headers
</details>





### Update [django-mozilla-product-details](https://pypi.org/project/django-mozilla-product-details) from **0.13.1** to **0.14.1**.


*The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)*

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/django-mozilla-product-details
  - Repo: https://github.com/mozilla/django-product-details/
</details>





### Update [pytest](https://pypi.org/project/pytest) from **4.5.0** to **4.6.1**.


<details>
  <summary>Changelog</summary>
  
  
   ### 4.6.0
   ```
   =========================

Important
---------

The ``4.6.X`` series will be the last series to support **Python 2 and Python 3.4**.

For more details, see our `Python 2.7 and 3.4 support plan &lt;https://docs.pytest.org/en/latest/py27-py34-deprecation.html&gt;`__.


Features
--------

- `4559 &lt;https://github.com/pytest-dev/pytest/issues/4559&gt;`_: Added the ``junit_log_passing_tests`` ini value which can be used to enable or disable logging of passing test output in the Junit XML file.


- `4956 &lt;https://github.com/pytest-dev/pytest/issues/4956&gt;`_: pytester&#39;s ``testdir.spawn`` uses ``tmpdir`` as HOME/USERPROFILE directory.


- `5062 &lt;https://github.com/pytest-dev/pytest/issues/5062&gt;`_: Unroll calls to ``all`` to full for-loops with assertion rewriting for better failure messages, especially when using Generator Expressions.


- `5063 &lt;https://github.com/pytest-dev/pytest/issues/5063&gt;`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time.


- `5091 &lt;https://github.com/pytest-dev/pytest/issues/5091&gt;`_: The output for ini options in ``--help`` has been improved.


- `5269 &lt;https://github.com/pytest-dev/pytest/issues/5269&gt;`_: ``pytest.importorskip`` includes the ``ImportError`` now in the default ``reason``.


- `5311 &lt;https://github.com/pytest-dev/pytest/issues/5311&gt;`_: Captured logs that are output for each failing test are formatted using the
  ColoredLevelFormatter.


- `5312 &lt;https://github.com/pytest-dev/pytest/issues/5312&gt;`_: Improved formatting of multiline log messages in Python 3.



Bug Fixes
---------

- `2064 &lt;https://github.com/pytest-dev/pytest/issues/2064&gt;`_: The debugging plugin imports the wrapped ``Pdb`` class (``--pdbcls``) on-demand now.


- `4908 &lt;https://github.com/pytest-dev/pytest/issues/4908&gt;`_: The ``pytest_enter_pdb`` hook gets called with post-mortem (``--pdb``).


- `5036 &lt;https://github.com/pytest-dev/pytest/issues/5036&gt;`_: Fix issue where fixtures dependent on other parametrized fixtures would be erroneously parametrized.


- `5256 &lt;https://github.com/pytest-dev/pytest/issues/5256&gt;`_: Handle internal error due to a lone surrogate unicode character not being representable in Jython.


- `5257 &lt;https://github.com/pytest-dev/pytest/issues/5257&gt;`_: Ensure that ``sys.stdout.mode`` does not include ``&#39;b&#39;`` as it is a text stream.


- `5278 &lt;https://github.com/pytest-dev/pytest/issues/5278&gt;`_: Pytest&#39;s internal python plugin can be disabled using ``-p no:python`` again.


- `5286 &lt;https://github.com/pytest-dev/pytest/issues/5286&gt;`_: Fix issue with ``disable_test_id_escaping_and_forfeit_all_rights_to_community_support`` option not working when using a list of test IDs in parametrized tests.


- `5330 &lt;https://github.com/pytest-dev/pytest/issues/5330&gt;`_: Show the test module being collected when emitting ``PytestCollectionWarning`` messages for
  test classes with ``__init__`` and ``__new__`` methods to make it easier to pin down the problem.


- `5333 &lt;https://github.com/pytest-dev/pytest/issues/5333&gt;`_: Fix regression in 4.5.0 with ``--lf`` not re-running all tests with known failures from non-selected tests.



Improved Documentation
----------------------

- `5250 &lt;https://github.com/pytest-dev/pytest/issues/5250&gt;`_: Expand docs on use of ``setenv`` and ``delenv`` with ``monkeypatch``.
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pytest
  - Changelog: https://pyup.io/changelogs/pytest/
  - Homepage: https://docs.pytest.org/en/latest/
</details>





### Update [pytest-django](https://pypi.org/project/pytest-django) from **3.4.8** to **3.5.0**.


<details>
  <summary>Changelog</summary>
  
  
   ### 3.5.0
   ```
   ------------------

Features
^^^^^^^^

* Run tests in the same order as Django (223)

* Use verbosity=0 with disabled migrations (729, 730)

Bugfixes
^^^^^^^^

* django_db_setup: warn instead of crash with teardown errors (726)

Misc
^^^^
* tests: fix test_sqlite_database_renamed (739, 741)

* tests/conftest.py: move import of db_helpers (737)

* Cleanup/improve coverage, mainly with tests (706)

* Slightly revisit unittest handling (740)
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/pytest-django
  - Changelog: https://pyup.io/changelogs/pytest-django/
  - Docs: https://pytest-django.readthedocs.io/
</details>





### Update [Sphinx](https://pypi.org/project/Sphinx) from **2.0.1** to **2.1.0**.


<details>
  <summary>Changelog</summary>
  
  
   ### 2.1.0
   ```
   =====================================

Incompatible changes
--------------------

* Ignore filenames without file extension given to ``Builder.build_specific()``
  API directly
* 6230: The anchor of term in glossary directive is changed if it is consisted
  by non-ASCII characters
* 4550: html: Centering tables by default using CSS
* 6239: latex: xelatex and xeCJK are used for Chinese documents by default
* ``Sphinx.add_lexer()`` now takes a Lexer class instead of instance.  An
  instance of lexers are still supported until Sphinx-3.x.

Deprecated
----------

* ``sphinx.builders.latex.LaTeXBuilder.apply_transforms()``
* ``sphinx.builders._epub_base.EpubBuilder.esc()``
* ``sphinx.directives.Acks``
* ``sphinx.directives.Author``
* ``sphinx.directives.Centered``
* ``sphinx.directives.Class``
* ``sphinx.directives.CodeBlock``
* ``sphinx.directives.Figure``
* ``sphinx.directives.HList``
* ``sphinx.directives.Highlight``
* ``sphinx.directives.Include``
* ``sphinx.directives.Index``
* ``sphinx.directives.LiteralInclude``
* ``sphinx.directives.Meta``
* ``sphinx.directives.Only``
* ``sphinx.directives.SeeAlso``
* ``sphinx.directives.TabularColumns``
* ``sphinx.directives.TocTree``
* ``sphinx.directives.VersionChange``
* ``sphinx.domains.python.PyClassmember``
* ``sphinx.domains.python.PyModulelevel``
* ``sphinx.domains.std.StandardDomain._resolve_citation_xref()``
* ``sphinx.domains.std.StandardDomain.note_citations()``
* ``sphinx.domains.std.StandardDomain.note_citation_refs()``
* ``sphinx.domains.std.StandardDomain.note_labels()``
* ``sphinx.environment.NoUri``
* ``sphinx.ext.apidoc.format_directive()``
* ``sphinx.ext.apidoc.format_heading()``
* ``sphinx.ext.apidoc.makename()``
* ``sphinx.ext.autodoc.importer.MockFinder``
* ``sphinx.ext.autodoc.importer.MockLoader``
* ``sphinx.ext.autodoc.importer.mock()``
* ``sphinx.ext.autosummary.autolink_role()``
* ``sphinx.ext.imgmath.DOC_BODY``
* ``sphinx.ext.imgmath.DOC_BODY_PREVIEW``
* ``sphinx.ext.imgmath.DOC_HEAD``
* ``sphinx.transforms.CitationReferences``
* ``sphinx.transforms.SmartQuotesSkipper``
* ``sphinx.util.docfields.DocFieldTransformer.preprocess_fieldtypes()``
* ``sphinx.util.node.find_source_node()``
* ``sphinx.util.i18n.find_catalog()``
* ``sphinx.util.i18n.find_catalog_files()``
* ``sphinx.util.i18n.find_catalog_source_files()``

For more details, see :ref:`deprecation APIs list &lt;dev-deprecated-apis&gt;`.

Features added
--------------

* Add a helper class ``sphinx.transforms.post_transforms.SphinxPostTransform``
* Add helper methods

  - ``PythonDomain.note_module()``
  - ``PythonDomain.note_object()``
  - ``SphinxDirective.set_source_info()``

* 6180: Support ``--keep-going`` with BuildDoc setup command
* ``math`` directive now supports ``:class:`` option
* 6310: imgmath: let :confval:`imgmath_use_preview` work also with the SVG
  format for images rendering inline math
* todo: ``todo`` directive now supports ``:name:`` option
* Enable override via environment of ``SPHINXOPTS`` and ``SPHINXBUILD`` Makefile
  variables (refs: 6232, 6303)
* 6287: autodoc: Unable to document bound instance methods exported as module
  functions
* 6289: autodoc: :confval:`autodoc_default_options` now supports
  ``imported-members`` option
* 4777: autodoc: Support coroutine
* 744: autodoc: Support abstractmethod
* 6325: autodoc: Support attributes in __slots__.  For dict-style __slots__,
  autodoc considers values as a docstring of the attribute
* 6361: autodoc: Add :confval:`autodoc_typehints` to suppress typehints from
  signature
* 1063: autodoc: ``automodule`` directive now handles undocumented module level
  variables
* 6212 autosummary: Add :confval:`autosummary_imported_members` to display
  imported members on autosummary
* 6271: ``make clean`` is catastrophically broken if building into &#39;.&#39;
* 6363: Support ``%O%`` environment variable in make.bat
* 4777: py domain: Add ``:async:`` option to :rst:dir:`py:function` directive
* py domain: Add new options to :rst:dir:`py:method` directive

  - ``:abstractmethod:``
  - ``:async:``
  - ``:classmethod:``
  - ``:property:``
  - ``:staticmethod:``

* rst domain: Add :rst:dir:`directive:option` directive to describe the option
  for directive
* 6306: html: Add a label to search form for accessability purposes
* 4390: html: Consistent and semantic CSS for signatures
* 6358: The ``rawsource`` property of ``production`` nodes now contains the
  full production rule
* 6373: autosectionlabel: Allow suppression of warnings
* coverage: Support a new ``coverage_ignore_pyobjects`` option
* 6239: latex: Support to build Chinese documents

Bugs fixed
----------

* 6230: Inappropriate node_id has been generated by glossary directive if term
  is consisted by non-ASCII characters
* 6213: ifconfig: contents after headings are not shown
* commented term in glossary directive is wrongly recognized
* 6299: rst domain: rst:directive directive generates waste space
* 6379: py domain: Module index (py-modindex.html) has duplicate titles
* 6331: man: invalid output when doctest follows rubric
* 6351: &quot;Hyperlink target is not referenced&quot; message is shown even if
  referenced
* 6165: autodoc: ``tab_width`` setting of docutils has been ignored
* 6347: autodoc: crashes with a plain Tuple on Python 3.6 and 3.5
* 6311: autosummary: autosummary table gets confused by complex type hints
* 6350: autosummary: confused by an argument having some kind of default value
* Generated Makefiles lack a final EOL (refs: 6232)
* 6375: extlinks: Cannot escape angle brackets in link caption
* 6378: linkcheck: Send commonly used User-Agent
* 6387: html search: failed to search document with haiku and scrolls themes
* 6408: html search: Fix the ranking of search results
* 6406: Wrong year is returned for ``SOURCE_DATE_EPOCH``
* 6402: image directive crashes by unknown image format
* 6286: C++, allow 8 and 9 in hexadecimal integer literals.
* 6305: Fix the string in quickstart for &#39;path&#39; argument of parser
* LaTeX: Figures in admonitions produced errors (refs: 6364)
   ```
   
  
</details>


 

<details>
  <summary>Links</summary>
  
  - PyPI: https://pypi.org/project/sphinx
  - Changelog: https://pyup.io/changelogs/sphinx/
  - Homepage: http://sphinx-doc.org/
</details>







Co-authored-by: pyup-bot <github-bot@pyup.io>
Co-authored-by: Mike Cooper <mythmon@gmail.com>
@bors bors bot merged commit 1d4af8c into master Jun 3, 2019
@bors bors bot deleted the pyup-scheduled-update-2019-06-03 branch June 3, 2019 19:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants