-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scheduled weekly dependency update for week 22 #1896
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rehandalal
approved these changes
Jun 3, 2019
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bors r+
bors bot
added a commit
that referenced
this pull request
Jun 3, 2019
1896: Scheduled weekly dependency update for week 22 r=rehandalal a=pyup-bot ### Update [botocore](https://pypi.org/project/botocore) from **1.12.156** to **1.12.159**. <details> <summary>Changelog</summary> ### 1.12.159 ``` ======== * api-change:``iotevents-data``: Update iotevents-data client to latest version * api-change:``iotevents``: Update iotevents client to latest version * api-change:``pinpoint-email``: Update pinpoint-email client to latest version * api-change:``iotanalytics``: Update iotanalytics client to latest version * api-change:``codecommit``: Update codecommit client to latest version * api-change:``rds-data``: Update rds-data client to latest version * api-change:``rds``: Update rds client to latest version * api-change:``servicecatalog``: Update servicecatalog client to latest version * api-change:``kafka``: Update kafka client to latest version ``` ### 1.12.158 ``` ======== * api-change:``ssm``: Update ssm client to latest version * api-change:``securityhub``: Update securityhub client to latest version * api-change:``iotthingsgraph``: Update iotthingsgraph client to latest version * api-change:``dlm``: Update dlm client to latest version * api-change:``rds``: Update rds client to latest version * api-change:``ec2``: Update ec2 client to latest version ``` ### 1.12.157 ``` ======== * api-change:``groundstation``: Update groundstation client to latest version * api-change:``transcribe``: Update transcribe client to latest version * api-change:``chime``: Update chime client to latest version * api-change:``rds``: Update rds client to latest version * api-change:``waf``: Update waf client to latest version * api-change:``pinpoint-email``: Update pinpoint-email client to latest version * api-change:``robomaker``: Update robomaker client to latest version * api-change:``sts``: Update sts client to latest version * api-change:``storagegateway``: Update storagegateway client to latest version ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/botocore - Changelog: https://pyup.io/changelogs/botocore/ - Repo: https://github.com/boto/botocore </details> ### Update [cryptography](https://pypi.org/project/cryptography) from **2.6.1** to **2.7**. <details> <summary>Changelog</summary> ### 2.7 ``` ~~~~~~~~~~~~~~~~ * **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1`` wheels. Continuing to produce them was a maintenance burden. * **BACKWARDS INCOMPATIBLE:** Removed the ``cryptography.hazmat.primitives.mac.MACContext`` interface. The ``CMAC`` and ``HMAC`` APIs have not changed, but they are no longer registered as ``MACContext`` instances. * Removed support for running our tests with ``setup.py test``. Users interested in running our tests can continue to follow the directions in our :doc:`development documentation</development/getting-started>`. * Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305` when using OpenSSL 1.1.1 or newer. * Support serialization with ``Encoding.OpenSSH`` and ``PublicFormat.OpenSSH`` in :meth:`Ed25519PublicKey.public_bytes <cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>` . * Correctly allow passing a ``SubjectKeyIdentifier`` to :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier` and deprecate passing an ``Extension`` object. The documentation always required ``SubjectKeyIdentifier`` but the implementation previously required an ``Extension``. .. _v2-6-1: ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/cryptography - Changelog: https://pyup.io/changelogs/cryptography/ - Repo: https://github.com/pyca/cryptography </details> ### Update [google-api-core](https://pypi.org/project/google-api-core) from **1.11.0** to **1.11.1**. *The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)* <details> <summary>Links</summary> - PyPI: https://pypi.org/project/google-api-core - Repo: https://github.com/GoogleCloudPlatform/google-cloud-python </details> ### Update [google-cloud-core](https://pypi.org/project/google-cloud-core) from **1.0.0** to **1.0.1**. *The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)* <details> <summary>Links</summary> - PyPI: https://pypi.org/project/google-cloud-core - Repo: https://github.com/GoogleCloudPlatform/google-cloud-python </details> ### Update [pluggy](https://pypi.org/project/pluggy) from **0.11.0** to **0.12.0**. <details> <summary>Changelog</summary> ### 0.12.0 ``` ========================== Features -------- - `215 <https://github.com/pytest-dev/pluggy/issues/215>`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time. This time with ``.egg`` support. ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/pluggy - Changelog: https://pyup.io/changelogs/pluggy/ - Repo: https://github.com/pytest-dev/pluggy </details> ### Update [protobuf](https://pypi.org/project/protobuf) from **3.7.1** to **3.8.0**. *The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)* <details> <summary>Links</summary> - PyPI: https://pypi.org/project/protobuf - Changelog: https://pyup.io/changelogs/protobuf/ - Repo: https://github.com/protocolbuffers/protobuf/releases - Homepage: https://developers.google.com/protocol-buffers/ </details> ### Update [Pygments](https://pypi.org/project/Pygments) from **2.4.1** to **2.4.2**. *The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)* <details> <summary>Links</summary> - PyPI: https://pypi.org/project/pygments - Homepage: http://pygments.org/ </details> ### Update [boto3](https://pypi.org/project/boto3) from **1.9.156** to **1.9.159**. <details> <summary>Changelog</summary> ### 1.9.159 ``` ======= * api-change:``iotevents-data``: [``botocore``] Update iotevents-data client to latest version * api-change:``iotevents``: [``botocore``] Update iotevents client to latest version * api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version * api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version * api-change:``codecommit``: [``botocore``] Update codecommit client to latest version * api-change:``rds-data``: [``botocore``] Update rds-data client to latest version * api-change:``rds``: [``botocore``] Update rds client to latest version * api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version * api-change:``kafka``: [``botocore``] Update kafka client to latest version ``` ### 1.9.158 ``` ======= * api-change:``ssm``: [``botocore``] Update ssm client to latest version * api-change:``securityhub``: [``botocore``] Update securityhub client to latest version * api-change:``iotthingsgraph``: [``botocore``] Update iotthingsgraph client to latest version * api-change:``dlm``: [``botocore``] Update dlm client to latest version * api-change:``rds``: [``botocore``] Update rds client to latest version * api-change:``ec2``: [``botocore``] Update ec2 client to latest version ``` ### 1.9.157 ``` ======= * api-change:``groundstation``: [``botocore``] Update groundstation client to latest version * api-change:``transcribe``: [``botocore``] Update transcribe client to latest version * api-change:``chime``: [``botocore``] Update chime client to latest version * api-change:``rds``: [``botocore``] Update rds client to latest version * api-change:``waf``: [``botocore``] Update waf client to latest version * api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version * api-change:``robomaker``: [``botocore``] Update robomaker client to latest version * api-change:``sts``: [``botocore``] Update sts client to latest version * api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/boto3 - Changelog: https://pyup.io/changelogs/boto3/ - Repo: https://github.com/boto/boto3 </details> ### Update [Django](https://pypi.org/project/Django) from **2.1.8** to **2.1.9**. <details> <summary>Changelog</summary> ### 2.1.9 ``` ============================ *June 3, 2019* Django 2.1.9 fixes security issues in 2.1.8. CVE-2019-12308: AdminURLFieldWidget XSS --------------------------------------- The clickable "Current URL" link generated by ``AdminURLFieldWidget`` displayed the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link. ``AdminURLFieldWidget`` now validates the provided value using :class:`~django.core.validators.URLValidator` before displaying the clickable link. You may customise the validator by passing a ``validator_class`` kwarg to ``AdminURLFieldWidget.__init__()``, e.g. when using :attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`. Patched bundled jQuery for CVE-2019-11358: Prototype pollution -------------------------------------------------------------- jQuery before 3.4.0, mishandles ``jQuery.extend(true, {}, ...)`` because of ``Object.prototype`` pollution. If an unsanitized source object contained an enumerable ``__proto__`` property, it could extend the native ``Object.prototype``. The bundled version of jQuery used by the Django admin has been patched to allow for the ``select2`` library's use of ``jQuery.extend()``. ========================== ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/django - Changelog: https://pyup.io/changelogs/django/ - Homepage: https://www.djangoproject.com/ </details> ### Update [django-cors-headers](https://pypi.org/project/django-cors-headers) from **3.0.1** to **3.0.2**. *The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)* <details> <summary>Links</summary> - PyPI: https://pypi.org/project/django-cors-headers - Changelog: https://pyup.io/changelogs/django-cors-headers/ - Repo: https://github.com/ottoyiu/django-cors-headers </details> ### Update [django-mozilla-product-details](https://pypi.org/project/django-mozilla-product-details) from **0.13.1** to **0.14.1**. *The bot wasn't able to find a changelog for this release. [Got an idea?](https://github.com/pyupio/changelogs/issues/new)* <details> <summary>Links</summary> - PyPI: https://pypi.org/project/django-mozilla-product-details - Repo: https://github.com/mozilla/django-product-details/ </details> ### Update [pytest](https://pypi.org/project/pytest) from **4.5.0** to **4.6.1**. <details> <summary>Changelog</summary> ### 4.6.0 ``` ========================= Important --------- The ``4.6.X`` series will be the last series to support **Python 2 and Python 3.4**. For more details, see our `Python 2.7 and 3.4 support plan <https://docs.pytest.org/en/latest/py27-py34-deprecation.html>`__. Features -------- - `4559 <https://github.com/pytest-dev/pytest/issues/4559>`_: Added the ``junit_log_passing_tests`` ini value which can be used to enable or disable logging of passing test output in the Junit XML file. - `4956 <https://github.com/pytest-dev/pytest/issues/4956>`_: pytester's ``testdir.spawn`` uses ``tmpdir`` as HOME/USERPROFILE directory. - `5062 <https://github.com/pytest-dev/pytest/issues/5062>`_: Unroll calls to ``all`` to full for-loops with assertion rewriting for better failure messages, especially when using Generator Expressions. - `5063 <https://github.com/pytest-dev/pytest/issues/5063>`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time. - `5091 <https://github.com/pytest-dev/pytest/issues/5091>`_: The output for ini options in ``--help`` has been improved. - `5269 <https://github.com/pytest-dev/pytest/issues/5269>`_: ``pytest.importorskip`` includes the ``ImportError`` now in the default ``reason``. - `5311 <https://github.com/pytest-dev/pytest/issues/5311>`_: Captured logs that are output for each failing test are formatted using the ColoredLevelFormatter. - `5312 <https://github.com/pytest-dev/pytest/issues/5312>`_: Improved formatting of multiline log messages in Python 3. Bug Fixes --------- - `2064 <https://github.com/pytest-dev/pytest/issues/2064>`_: The debugging plugin imports the wrapped ``Pdb`` class (``--pdbcls``) on-demand now. - `4908 <https://github.com/pytest-dev/pytest/issues/4908>`_: The ``pytest_enter_pdb`` hook gets called with post-mortem (``--pdb``). - `5036 <https://github.com/pytest-dev/pytest/issues/5036>`_: Fix issue where fixtures dependent on other parametrized fixtures would be erroneously parametrized. - `5256 <https://github.com/pytest-dev/pytest/issues/5256>`_: Handle internal error due to a lone surrogate unicode character not being representable in Jython. - `5257 <https://github.com/pytest-dev/pytest/issues/5257>`_: Ensure that ``sys.stdout.mode`` does not include ``'b'`` as it is a text stream. - `5278 <https://github.com/pytest-dev/pytest/issues/5278>`_: Pytest's internal python plugin can be disabled using ``-p no:python`` again. - `5286 <https://github.com/pytest-dev/pytest/issues/5286>`_: Fix issue with ``disable_test_id_escaping_and_forfeit_all_rights_to_community_support`` option not working when using a list of test IDs in parametrized tests. - `5330 <https://github.com/pytest-dev/pytest/issues/5330>`_: Show the test module being collected when emitting ``PytestCollectionWarning`` messages for test classes with ``__init__`` and ``__new__`` methods to make it easier to pin down the problem. - `5333 <https://github.com/pytest-dev/pytest/issues/5333>`_: Fix regression in 4.5.0 with ``--lf`` not re-running all tests with known failures from non-selected tests. Improved Documentation ---------------------- - `5250 <https://github.com/pytest-dev/pytest/issues/5250>`_: Expand docs on use of ``setenv`` and ``delenv`` with ``monkeypatch``. ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/pytest - Changelog: https://pyup.io/changelogs/pytest/ - Homepage: https://docs.pytest.org/en/latest/ </details> ### Update [pytest-django](https://pypi.org/project/pytest-django) from **3.4.8** to **3.5.0**. <details> <summary>Changelog</summary> ### 3.5.0 ``` ------------------ Features ^^^^^^^^ * Run tests in the same order as Django (223) * Use verbosity=0 with disabled migrations (729, 730) Bugfixes ^^^^^^^^ * django_db_setup: warn instead of crash with teardown errors (726) Misc ^^^^ * tests: fix test_sqlite_database_renamed (739, 741) * tests/conftest.py: move import of db_helpers (737) * Cleanup/improve coverage, mainly with tests (706) * Slightly revisit unittest handling (740) ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/pytest-django - Changelog: https://pyup.io/changelogs/pytest-django/ - Docs: https://pytest-django.readthedocs.io/ </details> ### Update [Sphinx](https://pypi.org/project/Sphinx) from **2.0.1** to **2.1.0**. <details> <summary>Changelog</summary> ### 2.1.0 ``` ===================================== Incompatible changes -------------------- * Ignore filenames without file extension given to ``Builder.build_specific()`` API directly * 6230: The anchor of term in glossary directive is changed if it is consisted by non-ASCII characters * 4550: html: Centering tables by default using CSS * 6239: latex: xelatex and xeCJK are used for Chinese documents by default * ``Sphinx.add_lexer()`` now takes a Lexer class instead of instance. An instance of lexers are still supported until Sphinx-3.x. Deprecated ---------- * ``sphinx.builders.latex.LaTeXBuilder.apply_transforms()`` * ``sphinx.builders._epub_base.EpubBuilder.esc()`` * ``sphinx.directives.Acks`` * ``sphinx.directives.Author`` * ``sphinx.directives.Centered`` * ``sphinx.directives.Class`` * ``sphinx.directives.CodeBlock`` * ``sphinx.directives.Figure`` * ``sphinx.directives.HList`` * ``sphinx.directives.Highlight`` * ``sphinx.directives.Include`` * ``sphinx.directives.Index`` * ``sphinx.directives.LiteralInclude`` * ``sphinx.directives.Meta`` * ``sphinx.directives.Only`` * ``sphinx.directives.SeeAlso`` * ``sphinx.directives.TabularColumns`` * ``sphinx.directives.TocTree`` * ``sphinx.directives.VersionChange`` * ``sphinx.domains.python.PyClassmember`` * ``sphinx.domains.python.PyModulelevel`` * ``sphinx.domains.std.StandardDomain._resolve_citation_xref()`` * ``sphinx.domains.std.StandardDomain.note_citations()`` * ``sphinx.domains.std.StandardDomain.note_citation_refs()`` * ``sphinx.domains.std.StandardDomain.note_labels()`` * ``sphinx.environment.NoUri`` * ``sphinx.ext.apidoc.format_directive()`` * ``sphinx.ext.apidoc.format_heading()`` * ``sphinx.ext.apidoc.makename()`` * ``sphinx.ext.autodoc.importer.MockFinder`` * ``sphinx.ext.autodoc.importer.MockLoader`` * ``sphinx.ext.autodoc.importer.mock()`` * ``sphinx.ext.autosummary.autolink_role()`` * ``sphinx.ext.imgmath.DOC_BODY`` * ``sphinx.ext.imgmath.DOC_BODY_PREVIEW`` * ``sphinx.ext.imgmath.DOC_HEAD`` * ``sphinx.transforms.CitationReferences`` * ``sphinx.transforms.SmartQuotesSkipper`` * ``sphinx.util.docfields.DocFieldTransformer.preprocess_fieldtypes()`` * ``sphinx.util.node.find_source_node()`` * ``sphinx.util.i18n.find_catalog()`` * ``sphinx.util.i18n.find_catalog_files()`` * ``sphinx.util.i18n.find_catalog_source_files()`` For more details, see :ref:`deprecation APIs list <dev-deprecated-apis>`. Features added -------------- * Add a helper class ``sphinx.transforms.post_transforms.SphinxPostTransform`` * Add helper methods - ``PythonDomain.note_module()`` - ``PythonDomain.note_object()`` - ``SphinxDirective.set_source_info()`` * 6180: Support ``--keep-going`` with BuildDoc setup command * ``math`` directive now supports ``:class:`` option * 6310: imgmath: let :confval:`imgmath_use_preview` work also with the SVG format for images rendering inline math * todo: ``todo`` directive now supports ``:name:`` option * Enable override via environment of ``SPHINXOPTS`` and ``SPHINXBUILD`` Makefile variables (refs: 6232, 6303) * 6287: autodoc: Unable to document bound instance methods exported as module functions * 6289: autodoc: :confval:`autodoc_default_options` now supports ``imported-members`` option * 4777: autodoc: Support coroutine * 744: autodoc: Support abstractmethod * 6325: autodoc: Support attributes in __slots__. For dict-style __slots__, autodoc considers values as a docstring of the attribute * 6361: autodoc: Add :confval:`autodoc_typehints` to suppress typehints from signature * 1063: autodoc: ``automodule`` directive now handles undocumented module level variables * 6212 autosummary: Add :confval:`autosummary_imported_members` to display imported members on autosummary * 6271: ``make clean`` is catastrophically broken if building into '.' * 6363: Support ``%O%`` environment variable in make.bat * 4777: py domain: Add ``:async:`` option to :rst:dir:`py:function` directive * py domain: Add new options to :rst:dir:`py:method` directive - ``:abstractmethod:`` - ``:async:`` - ``:classmethod:`` - ``:property:`` - ``:staticmethod:`` * rst domain: Add :rst:dir:`directive:option` directive to describe the option for directive * 6306: html: Add a label to search form for accessability purposes * 4390: html: Consistent and semantic CSS for signatures * 6358: The ``rawsource`` property of ``production`` nodes now contains the full production rule * 6373: autosectionlabel: Allow suppression of warnings * coverage: Support a new ``coverage_ignore_pyobjects`` option * 6239: latex: Support to build Chinese documents Bugs fixed ---------- * 6230: Inappropriate node_id has been generated by glossary directive if term is consisted by non-ASCII characters * 6213: ifconfig: contents after headings are not shown * commented term in glossary directive is wrongly recognized * 6299: rst domain: rst:directive directive generates waste space * 6379: py domain: Module index (py-modindex.html) has duplicate titles * 6331: man: invalid output when doctest follows rubric * 6351: "Hyperlink target is not referenced" message is shown even if referenced * 6165: autodoc: ``tab_width`` setting of docutils has been ignored * 6347: autodoc: crashes with a plain Tuple on Python 3.6 and 3.5 * 6311: autosummary: autosummary table gets confused by complex type hints * 6350: autosummary: confused by an argument having some kind of default value * Generated Makefiles lack a final EOL (refs: 6232) * 6375: extlinks: Cannot escape angle brackets in link caption * 6378: linkcheck: Send commonly used User-Agent * 6387: html search: failed to search document with haiku and scrolls themes * 6408: html search: Fix the ranking of search results * 6406: Wrong year is returned for ``SOURCE_DATE_EPOCH`` * 6402: image directive crashes by unknown image format * 6286: C++, allow 8 and 9 in hexadecimal integer literals. * 6305: Fix the string in quickstart for 'path' argument of parser * LaTeX: Figures in admonitions produced errors (refs: 6364) ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/sphinx - Changelog: https://pyup.io/changelogs/sphinx/ - Homepage: http://sphinx-doc.org/ </details> Co-authored-by: pyup-bot <github-bot@pyup.io> Co-authored-by: Mike Cooper <mythmon@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Update botocore from 1.12.156 to 1.12.159.
Changelog
1.12.159
1.12.158
1.12.157
Links
Update cryptography from 2.6.1 to 2.7.
Changelog
2.7
Links
Update google-api-core from 1.11.0 to 1.11.1.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
Update google-cloud-core from 1.0.0 to 1.0.1.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
Update pluggy from 0.11.0 to 0.12.0.
Changelog
0.12.0
Links
Update protobuf from 3.7.1 to 3.8.0.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
Update Pygments from 2.4.1 to 2.4.2.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
Update boto3 from 1.9.156 to 1.9.159.
Changelog
1.9.159
1.9.158
1.9.157
Links
Update Django from 2.1.8 to 2.1.9.
Changelog
2.1.9
Links
Update django-cors-headers from 3.0.1 to 3.0.2.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
Update django-mozilla-product-details from 0.13.1 to 0.14.1.
The bot wasn't able to find a changelog for this release. Got an idea?
Links
Update pytest from 4.5.0 to 4.6.1.
Changelog
4.6.0
Links
Update pytest-django from 3.4.8 to 3.5.0.
Changelog
3.5.0
Links
Update Sphinx from 2.0.1 to 2.1.0.
Changelog
2.1.0
Links