Scheduled weekly dependency update for week 22

[pyup-bot]

Update botocore from 1.12.156 to 1.12.159.

Changelog

1.12.159

========

* api-change:``iotevents-data``: Update iotevents-data client to latest version
* api-change:``iotevents``: Update iotevents client to latest version
* api-change:``pinpoint-email``: Update pinpoint-email client to latest version
* api-change:``iotanalytics``: Update iotanalytics client to latest version
* api-change:``codecommit``: Update codecommit client to latest version
* api-change:``rds-data``: Update rds-data client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``servicecatalog``: Update servicecatalog client to latest version
* api-change:``kafka``: Update kafka client to latest version

1.12.158

========

* api-change:``ssm``: Update ssm client to latest version
* api-change:``securityhub``: Update securityhub client to latest version
* api-change:``iotthingsgraph``: Update iotthingsgraph client to latest version
* api-change:``dlm``: Update dlm client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``ec2``: Update ec2 client to latest version

1.12.157

========

* api-change:``groundstation``: Update groundstation client to latest version
* api-change:``transcribe``: Update transcribe client to latest version
* api-change:``chime``: Update chime client to latest version
* api-change:``rds``: Update rds client to latest version
* api-change:``waf``: Update waf client to latest version
* api-change:``pinpoint-email``: Update pinpoint-email client to latest version
* api-change:``robomaker``: Update robomaker client to latest version
* api-change:``sts``: Update sts client to latest version
* api-change:``storagegateway``: Update storagegateway client to latest version

Links

• PyPI: https://pypi.org/project/botocore
• Changelog: https://pyup.io/changelogs/botocore/
• Repo: https://github.com/boto/botocore

Update cryptography from 2.6.1 to 2.7.

Changelog

2.7

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1``
wheels. Continuing to produce them was a maintenance burden.
* **BACKWARDS INCOMPATIBLE:** Removed the
``cryptography.hazmat.primitives.mac.MACContext`` interface. The ``CMAC`` and
``HMAC`` APIs have not changed, but they are no longer registered as
``MACContext`` instances.
* Removed support for running our tests with ``setup.py test``. Users
interested in running our tests can continue to follow the directions in our
:doc:`development documentation</development/getting-started>`.
* Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305`
when using OpenSSL 1.1.1 or newer.
* Support serialization with ``Encoding.OpenSSH`` and ``PublicFormat.OpenSSH``
in
:meth:`Ed25519PublicKey.public_bytes
<cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>`
.
* Correctly allow passing a ``SubjectKeyIdentifier`` to
:meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`
and deprecate passing an ``Extension`` object. The documentation always
required ``SubjectKeyIdentifier`` but the implementation previously
required an ``Extension``.

.. _v2-6-1:

Links

• PyPI: https://pypi.org/project/cryptography
• Changelog: https://pyup.io/changelogs/cryptography/
• Repo: https://github.com/pyca/cryptography

Update google-api-core from 1.11.0 to 1.11.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/google-api-core
• Repo: https://github.com/GoogleCloudPlatform/google-cloud-python

Update google-cloud-core from 1.0.0 to 1.0.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/google-cloud-core
• Repo: https://github.com/GoogleCloudPlatform/google-cloud-python

Update pluggy from 0.11.0 to 0.12.0.

Changelog

0.12.0

==========================

Features
--------

- `215 <https://github.com/pytest-dev/pluggy/issues/215>`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time.  This time with ``.egg`` support.

Links

• PyPI: https://pypi.org/project/pluggy
• Changelog: https://pyup.io/changelogs/pluggy/
• Repo: https://github.com/pytest-dev/pluggy

Update protobuf from 3.7.1 to 3.8.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/protobuf
• Changelog: https://pyup.io/changelogs/protobuf/
• Repo: https://github.com/protocolbuffers/protobuf/releases
• Homepage: https://developers.google.com/protocol-buffers/

Update Pygments from 2.4.1 to 2.4.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pygments
• Homepage: http://pygments.org/

Update boto3 from 1.9.156 to 1.9.159.

Changelog

1.9.159

=======

* api-change:``iotevents-data``: [``botocore``] Update iotevents-data client to latest version
* api-change:``iotevents``: [``botocore``] Update iotevents client to latest version
* api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
* api-change:``iotanalytics``: [``botocore``] Update iotanalytics client to latest version
* api-change:``codecommit``: [``botocore``] Update codecommit client to latest version
* api-change:``rds-data``: [``botocore``] Update rds-data client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``servicecatalog``: [``botocore``] Update servicecatalog client to latest version
* api-change:``kafka``: [``botocore``] Update kafka client to latest version

1.9.158

=======

* api-change:``ssm``: [``botocore``] Update ssm client to latest version
* api-change:``securityhub``: [``botocore``] Update securityhub client to latest version
* api-change:``iotthingsgraph``: [``botocore``] Update iotthingsgraph client to latest version
* api-change:``dlm``: [``botocore``] Update dlm client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``ec2``: [``botocore``] Update ec2 client to latest version

1.9.157

=======

* api-change:``groundstation``: [``botocore``] Update groundstation client to latest version
* api-change:``transcribe``: [``botocore``] Update transcribe client to latest version
* api-change:``chime``: [``botocore``] Update chime client to latest version
* api-change:``rds``: [``botocore``] Update rds client to latest version
* api-change:``waf``: [``botocore``] Update waf client to latest version
* api-change:``pinpoint-email``: [``botocore``] Update pinpoint-email client to latest version
* api-change:``robomaker``: [``botocore``] Update robomaker client to latest version
* api-change:``sts``: [``botocore``] Update sts client to latest version
* api-change:``storagegateway``: [``botocore``] Update storagegateway client to latest version

Links

• PyPI: https://pypi.org/project/boto3
• Changelog: https://pyup.io/changelogs/boto3/
• Repo: https://github.com/boto/boto3

Update Django from 2.1.8 to 2.1.9.

Changelog

2.1.9

============================

*June 3, 2019*

Django 2.1.9 fixes security issues in 2.1.8.

CVE-2019-12308: AdminURLFieldWidget XSS
---------------------------------------

The clickable "Current URL" link generated by ``AdminURLFieldWidget`` displayed
the provided value without validating it as a safe URL. Thus, an unvalidated
value stored in the database, or a value provided as a URL query parameter
payload, could result in an clickable JavaScript link.

``AdminURLFieldWidget`` now validates the provided value using
:class:`~django.core.validators.URLValidator` before displaying the clickable
link. You may customise the validator by passing a ``validator_class`` kwarg to
``AdminURLFieldWidget.__init__()``, e.g. when using
:attr:`~django.contrib.admin.ModelAdmin.formfield_overrides`.

Patched bundled jQuery for CVE-2019-11358: Prototype pollution
--------------------------------------------------------------

jQuery before 3.4.0, mishandles ``jQuery.extend(true, {}, ...)`` because of
``Object.prototype`` pollution. If an unsanitized source object contained an
enumerable ``__proto__`` property, it could extend the native
``Object.prototype``.

The bundled version of jQuery used by the Django admin has been patched to
allow for the ``select2`` library's use of ``jQuery.extend()``.


==========================

Links

• PyPI: https://pypi.org/project/django
• Changelog: https://pyup.io/changelogs/django/
• Homepage: https://www.djangoproject.com/

Update django-cors-headers from 3.0.1 to 3.0.2.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-cors-headers
• Changelog: https://pyup.io/changelogs/django-cors-headers/
• Repo: https://github.com/ottoyiu/django-cors-headers

Update django-mozilla-product-details from 0.13.1 to 0.14.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/django-mozilla-product-details
• Repo: https://github.com/mozilla/django-product-details/

Update pytest from 4.5.0 to 4.6.1.

Changelog

4.6.0

=========================

Important
---------

The ``4.6.X`` series will be the last series to support **Python 2 and Python 3.4**.

For more details, see our `Python 2.7 and 3.4 support plan <https://docs.pytest.org/en/latest/py27-py34-deprecation.html>`__.


Features
--------

- `4559 <https://github.com/pytest-dev/pytest/issues/4559>`_: Added the ``junit_log_passing_tests`` ini value which can be used to enable or disable logging of passing test output in the Junit XML file.


- `4956 <https://github.com/pytest-dev/pytest/issues/4956>`_: pytester's ``testdir.spawn`` uses ``tmpdir`` as HOME/USERPROFILE directory.


- `5062 <https://github.com/pytest-dev/pytest/issues/5062>`_: Unroll calls to ``all`` to full for-loops with assertion rewriting for better failure messages, especially when using Generator Expressions.


- `5063 <https://github.com/pytest-dev/pytest/issues/5063>`_: Switch from ``pkg_resources`` to ``importlib-metadata`` for entrypoint detection for improved performance and import time.


- `5091 <https://github.com/pytest-dev/pytest/issues/5091>`_: The output for ini options in ``--help`` has been improved.


- `5269 <https://github.com/pytest-dev/pytest/issues/5269>`_: ``pytest.importorskip`` includes the ``ImportError`` now in the default ``reason``.


- `5311 <https://github.com/pytest-dev/pytest/issues/5311>`_: Captured logs that are output for each failing test are formatted using the
ColoredLevelFormatter.


- `5312 <https://github.com/pytest-dev/pytest/issues/5312>`_: Improved formatting of multiline log messages in Python 3.



Bug Fixes
---------

- `2064 <https://github.com/pytest-dev/pytest/issues/2064>`_: The debugging plugin imports the wrapped ``Pdb`` class (``--pdbcls``) on-demand now.


- `4908 <https://github.com/pytest-dev/pytest/issues/4908>`_: The ``pytest_enter_pdb`` hook gets called with post-mortem (``--pdb``).


- `5036 <https://github.com/pytest-dev/pytest/issues/5036>`_: Fix issue where fixtures dependent on other parametrized fixtures would be erroneously parametrized.


- `5256 <https://github.com/pytest-dev/pytest/issues/5256>`_: Handle internal error due to a lone surrogate unicode character not being representable in Jython.


- `5257 <https://github.com/pytest-dev/pytest/issues/5257>`_: Ensure that ``sys.stdout.mode`` does not include ``'b'`` as it is a text stream.


- `5278 <https://github.com/pytest-dev/pytest/issues/5278>`_: Pytest's internal python plugin can be disabled using ``-p no:python`` again.


- `5286 <https://github.com/pytest-dev/pytest/issues/5286>`_: Fix issue with ``disable_test_id_escaping_and_forfeit_all_rights_to_community_support`` option not working when using a list of test IDs in parametrized tests.


- `5330 <https://github.com/pytest-dev/pytest/issues/5330>`_: Show the test module being collected when emitting ``PytestCollectionWarning`` messages for
test classes with ``__init__`` and ``__new__`` methods to make it easier to pin down the problem.


- `5333 <https://github.com/pytest-dev/pytest/issues/5333>`_: Fix regression in 4.5.0 with ``--lf`` not re-running all tests with known failures from non-selected tests.



Improved Documentation
----------------------

- `5250 <https://github.com/pytest-dev/pytest/issues/5250>`_: Expand docs on use of ``setenv`` and ``delenv`` with ``monkeypatch``.

Links

• PyPI: https://pypi.org/project/pytest
• Changelog: https://pyup.io/changelogs/pytest/
• Homepage: https://docs.pytest.org/en/latest/

Update pytest-django from 3.4.8 to 3.5.0.

Changelog

3.5.0

------------------

Features
^^^^^^^^

* Run tests in the same order as Django (223)

* Use verbosity=0 with disabled migrations (729, 730)

Bugfixes
^^^^^^^^

* django_db_setup: warn instead of crash with teardown errors (726)

Misc
^^^^
* tests: fix test_sqlite_database_renamed (739, 741)

* tests/conftest.py: move import of db_helpers (737)

* Cleanup/improve coverage, mainly with tests (706)

* Slightly revisit unittest handling (740)

Links

• PyPI: https://pypi.org/project/pytest-django
• Changelog: https://pyup.io/changelogs/pytest-django/
• Docs: https://pytest-django.readthedocs.io/

Update Sphinx from 2.0.1 to 2.1.0.

Changelog

2.1.0

=====================================

Incompatible changes
--------------------

* Ignore filenames without file extension given to ``Builder.build_specific()``
API directly
* 6230: The anchor of term in glossary directive is changed if it is consisted
by non-ASCII characters
* 4550: html: Centering tables by default using CSS
* 6239: latex: xelatex and xeCJK are used for Chinese documents by default
* ``Sphinx.add_lexer()`` now takes a Lexer class instead of instance.  An
instance of lexers are still supported until Sphinx-3.x.

Deprecated
----------

* ``sphinx.builders.latex.LaTeXBuilder.apply_transforms()``
* ``sphinx.builders._epub_base.EpubBuilder.esc()``
* ``sphinx.directives.Acks``
* ``sphinx.directives.Author``
* ``sphinx.directives.Centered``
* ``sphinx.directives.Class``
* ``sphinx.directives.CodeBlock``
* ``sphinx.directives.Figure``
* ``sphinx.directives.HList``
* ``sphinx.directives.Highlight``
* ``sphinx.directives.Include``
* ``sphinx.directives.Index``
* ``sphinx.directives.LiteralInclude``
* ``sphinx.directives.Meta``
* ``sphinx.directives.Only``
* ``sphinx.directives.SeeAlso``
* ``sphinx.directives.TabularColumns``
* ``sphinx.directives.TocTree``
* ``sphinx.directives.VersionChange``
* ``sphinx.domains.python.PyClassmember``
* ``sphinx.domains.python.PyModulelevel``
* ``sphinx.domains.std.StandardDomain._resolve_citation_xref()``
* ``sphinx.domains.std.StandardDomain.note_citations()``
* ``sphinx.domains.std.StandardDomain.note_citation_refs()``
* ``sphinx.domains.std.StandardDomain.note_labels()``
* ``sphinx.environment.NoUri``
* ``sphinx.ext.apidoc.format_directive()``
* ``sphinx.ext.apidoc.format_heading()``
* ``sphinx.ext.apidoc.makename()``
* ``sphinx.ext.autodoc.importer.MockFinder``
* ``sphinx.ext.autodoc.importer.MockLoader``
* ``sphinx.ext.autodoc.importer.mock()``
* ``sphinx.ext.autosummary.autolink_role()``
* ``sphinx.ext.imgmath.DOC_BODY``
* ``sphinx.ext.imgmath.DOC_BODY_PREVIEW``
* ``sphinx.ext.imgmath.DOC_HEAD``
* ``sphinx.transforms.CitationReferences``
* ``sphinx.transforms.SmartQuotesSkipper``
* ``sphinx.util.docfields.DocFieldTransformer.preprocess_fieldtypes()``
* ``sphinx.util.node.find_source_node()``
* ``sphinx.util.i18n.find_catalog()``
* ``sphinx.util.i18n.find_catalog_files()``
* ``sphinx.util.i18n.find_catalog_source_files()``

For more details, see :ref:`deprecation APIs list <dev-deprecated-apis>`.

Features added
--------------

* Add a helper class ``sphinx.transforms.post_transforms.SphinxPostTransform``
* Add helper methods

- ``PythonDomain.note_module()``
- ``PythonDomain.note_object()``
- ``SphinxDirective.set_source_info()``

* 6180: Support ``--keep-going`` with BuildDoc setup command
* ``math`` directive now supports ``:class:`` option
* 6310: imgmath: let :confval:`imgmath_use_preview` work also with the SVG
format for images rendering inline math
* todo: ``todo`` directive now supports ``:name:`` option
* Enable override via environment of ``SPHINXOPTS`` and ``SPHINXBUILD`` Makefile
variables (refs: 6232, 6303)
* 6287: autodoc: Unable to document bound instance methods exported as module
functions
* 6289: autodoc: :confval:`autodoc_default_options` now supports
``imported-members`` option
* 4777: autodoc: Support coroutine
* 744: autodoc: Support abstractmethod
* 6325: autodoc: Support attributes in __slots__.  For dict-style __slots__,
autodoc considers values as a docstring of the attribute
* 6361: autodoc: Add :confval:`autodoc_typehints` to suppress typehints from
signature
* 1063: autodoc: ``automodule`` directive now handles undocumented module level
variables
* 6212 autosummary: Add :confval:`autosummary_imported_members` to display
imported members on autosummary
* 6271: ``make clean`` is catastrophically broken if building into '.'
* 6363: Support ``%O%`` environment variable in make.bat
* 4777: py domain: Add ``:async:`` option to :rst:dir:`py:function` directive
* py domain: Add new options to :rst:dir:`py:method` directive

- ``:abstractmethod:``
- ``:async:``
- ``:classmethod:``
- ``:property:``
- ``:staticmethod:``

* rst domain: Add :rst:dir:`directive:option` directive to describe the option
for directive
* 6306: html: Add a label to search form for accessability purposes
* 4390: html: Consistent and semantic CSS for signatures
* 6358: The ``rawsource`` property of ``production`` nodes now contains the
full production rule
* 6373: autosectionlabel: Allow suppression of warnings
* coverage: Support a new ``coverage_ignore_pyobjects`` option
* 6239: latex: Support to build Chinese documents

Bugs fixed
----------

* 6230: Inappropriate node_id has been generated by glossary directive if term
is consisted by non-ASCII characters
* 6213: ifconfig: contents after headings are not shown
* commented term in glossary directive is wrongly recognized
* 6299: rst domain: rst:directive directive generates waste space
* 6379: py domain: Module index (py-modindex.html) has duplicate titles
* 6331: man: invalid output when doctest follows rubric
* 6351: "Hyperlink target is not referenced" message is shown even if
referenced
* 6165: autodoc: ``tab_width`` setting of docutils has been ignored
* 6347: autodoc: crashes with a plain Tuple on Python 3.6 and 3.5
* 6311: autosummary: autosummary table gets confused by complex type hints
* 6350: autosummary: confused by an argument having some kind of default value
* Generated Makefiles lack a final EOL (refs: 6232)
* 6375: extlinks: Cannot escape angle brackets in link caption
* 6378: linkcheck: Send commonly used User-Agent
* 6387: html search: failed to search document with haiku and scrolls themes
* 6408: html search: Fix the ranking of search results
* 6406: Wrong year is returned for ``SOURCE_DATE_EPOCH``
* 6402: image directive crashes by unknown image format
* 6286: C++, allow 8 and 9 in hexadecimal integer literals.
* 6305: Fix the string in quickstart for 'path' argument of parser
* LaTeX: Figures in admonitions produced errors (refs: 6364)

Links

• PyPI: https://pypi.org/project/sphinx
• Changelog: https://pyup.io/changelogs/sphinx/
• Homepage: http://sphinx-doc.org/

[rehandalal]

bors r+

[bors]

Build succeeded

• ci/circleci: contract-tests
• ci/circleci: docker-image-build-pr
• ci/circleci: docs-build
• ci/circleci: js-tests
• ci/circleci: lint
• ci/circleci: python-tests