Bump the dependencies group across 1 directory with 15 updates

[dependabot]

Bumps the dependencies group with 15 updates in the / directory:

Package	From	To
coverage[toml]	7.4.3	7.5.1
packaging	23.2	24.0
pluggy	1.4.0	1.5.0
pyasn1-modules	0.3.0	0.4.0
pycparser	2.21	2.22
pyopenssl	24.0.0	24.1.0
pytest	8.0.2	8.2.1
babel	2.14.0	2.15.0
pygments	2.17.2	2.18.0
requests	2.31.0	2.32.2
sphinx	7.2.6	7.3.7
black	24.2.0	24.4.2
platformdirs	4.2.0	4.2.2
types-pyopenssl	24.0.0.20240228	24.1.0.20240425
typing-extensions	4.10.0	4.12.0

Updates coverage[toml] from 7.4.3 to 7.5.1

Release notes

Sourced from coverage[toml]'s releases.

7.5.1

• Fix: a pragma comment on the continuation lines of a multi-line statement now excludes the statement and its body, the same as if the pragma is on the first line. This closes issue 754. The fix was contributed by Daniel Diniz.
• Fix: very complex source files like this one could cause a maximum recursion error when creating an HTML report. This is now fixed, closing issue 1774.
• HTML report improvements:
  • Support files (JavaScript and CSS) referenced by the HTML report now have hashes added to their names to ensure updated files are used instead of stale cached copies.
  • Missing branch coverage explanations that said "the condition was never false" now read "the condition was always true" because it's easier to understand.
  • Column sort order is remembered better as you move between the index pages, fixing issue 1766. Thanks, Daniel Diniz.

➡️  PyPI page: coverage 7.5.1. :arrow_right:  To install: python3 -m pip install coverage==7.5.1

7.5.0

• Added initial support for function and class reporting in the HTML report. There are now three index pages which link to each other: files, functions, and classes. Other reports don't yet have this information, but it will be added in the future where it makes sense. Feedback gladly accepted! Finishes issue 780.
• Other HTML report improvements:
  • There is now a "hide covered" checkbox to filter out 100% files, finishing issue 1384.
  • The index page is always sorted by one of its columns, with clearer indications of the sorting.
  • The "previous file" shortcut key didn't work on the index page, but now it does, fixing issue 1765.
• The debug output showing which configuration files were tried now shows absolute paths to help diagnose problems where settings aren't taking effect, and is renamed from "attempted_config_files" to the more logical "config_files_attempted."
• Python 3.13.0a6 is supported.

➡️  PyPI page: coverage 7.5.0. :arrow_right:  To install: python3 -m pip install coverage==7.5.0

7.4.4

• Fix: in some cases, even with [run] relative_files=True, a data file could be created with absolute path names. When combined with other relative data files, it was random whether the absolute file names would be made relative or not. If they weren't, then a file would be listed twice in reports, as detailed in issue 1752. This is now fixed: absolute file names are always made relative when combining. Thanks to Bruno Rodrigues dos Santos for support.
• Fix: the last case of a match/case statement had an incorrect message if the branch was missed. It said the pattern never matched, when actually the branch is missed if the last case always matched.
• Fix: clicking a line number in the HTML report now positions more accurately.
• Fix: the report:format setting was defined as a boolean, but should be a string. Thanks, Tanaydin Sirin. It is also now documented on the configuration page <config_report_format>.

➡️  PyPI page: coverage 7.4.4. :arrow_right:  To install: python3 -m pip install coverage==7.4.4

Changelog

Sourced from coverage[toml]'s changelog.

Version 7.5.1 — 2024-05-04

• Fix: a pragma comment on the continuation lines of a multi-line statement now excludes the statement and its body, the same as if the pragma is on the first line. This closes issue 754. The fix was contributed by Daniel Diniz <pull 1773_>.

• Fix: very complex source files like this one <resolvent_lookup_>_ could cause a maximum recursion error when creating an HTML report. This is now fixed, closing issue 1774_.

• HTML report improvements:

  • Support files (JavaScript and CSS) referenced by the HTML report now have hashes added to their names to ensure updated files are used instead of stale cached copies.

  • Missing branch coverage explanations that said "the condition was never false" now read "the condition was always true" because it's easier to understand.

  • Column sort order is remembered better as you move between the index pages, fixing issue 1766. Thanks, Daniel Diniz <pull 1768_>.

.. _resolvent_lookup: https://github.com/sympy/sympy/blob/130950f3e6b3f97fcc17f4599ac08f70fdd2e9d4/sympy/polys/numberfields/resolvent_lookup.py .. _issue 754: nedbat/coveragepy#754 .. _issue 1766: nedbat/coveragepy#1766 .. _pull 1768: nedbat/coveragepy#1768 .. _pull 1773: nedbat/coveragepy#1773 .. _issue 1774: nedbat/coveragepy#1774

.. _changes_7-5-0:

Version 7.5.0 — 2024-04-23

• Added initial support for function and class reporting in the HTML report. There are now three index pages which link to each other: files, functions, and classes. Other reports don't yet have this information, but it will be added in the future where it makes sense. Feedback gladly accepted! Finishes issue 780_.

• Other HTML report improvements:

  • There is now a "hide covered" checkbox to filter out 100% files, finishing issue 1384_.

... (truncated)

Commits

• be938ea docs: sample HTML for 7.5.1
• 02c66d7 docs: prep for 7.5.1
• 5fa9f67 fix: avoid max recursion errors in ast code. #1774
• 34af01d build: easier to run metasmoke on desired python version
• 6b0cac5 perf: cache _human_key to speed html report by about 10%
• fdc0ee8 docs: oops, typo
• 60e6cb4 docs: changelog for #754 and #1773
• 277c8c4 fix: '# pragma: no branch' in multiline if statements. #754 (#1773)
• 34d3eb7 docs: update changelog for #1786. Thanks, Daniel Diniz
• 2bb5ef2 fix(html): make HTML column sorting consistent across index pages (fix #1766)...
• Additional commits viewable in compare view

Updates packaging from 23.2 to 24.0

Release notes

Sourced from packaging's releases.

24.0

What's Changed

• Fix specifier matching when the specifier is long and has an epoch by @​SpecLad in pypa/packaging#712
• Clarify version split/join usage by @​uranusjr in pypa/packaging#725
• Default optional metadata values to None by @​dstufft in pypa/packaging#734
• Stop using deprecated/removed keys by @​dstufft in pypa/packaging#739
• Correctly use the ExceptionGroup shim only when needed by @​dstufft in pypa/packaging#736
• Update CHANGELOG entry about validate kwarg by @​pradyunsg in pypa/packaging#731
• Support --disable-gil builds (PEP 703) in packaging.tags by @​colesbury in pypa/packaging#728
• Skip test_glibc_version_string_ctypes_raise_oserror if ctypes is unavailable by @​kevinchang96 in pypa/packaging#741
• Enable CodeQL by @​joycebrum in pypa/packaging#743
• PEP 703: Rename Py_NOGIL to Py_GIL_DISABLED by @​hugovk in pypa/packaging#747
• Replace PEP references with PUG links by @​jeanas in pypa/packaging#750
• Remove coverage ignore for non-existent file by @​shenanigansd in pypa/packaging#752
• Update URLs by @​DimitriPapadopoulos in pypa/packaging#764
• Configure dependabot by @​joycebrum in pypa/packaging#757
• Hash pin github actions by @​joycebrum in pypa/packaging#758
• Apply some refurb suggestions by @​DimitriPapadopoulos in pypa/packaging#763
• Appply some bugbear suggestions by @​DimitriPapadopoulos in pypa/packaging#761
• Apply some ruff suggestions by @​DimitriPapadopoulos in pypa/packaging#772
• Add riscv64 as a supported manylinux architecture by @​markdryan in pypa/packaging#751

New Contributors

• @​colesbury made their first contribution in pypa/packaging#728
• @​kevinchang96 made their first contribution in pypa/packaging#741
• @​jeanas made their first contribution in pypa/packaging#750
• @​shenanigansd made their first contribution in pypa/packaging#752
• @​markdryan made their first contribution in pypa/packaging#751

Full Changelog: pypa/packaging@23.2...24.0

Changelog

Sourced from packaging's changelog.

24.0 - 2024-03-10

* Do specifier matching correctly when the specifier contains an epoch number
  and has more components than the version (:issue:`683`)
* Support the experimental ``--disable-gil`` builds in packaging.tags
  (:issue:`727`)
* BREAKING: Make optional ``metadata.Metadata`` attributes default to ``None`` (:issue:`733`)
* Fix errors when trying to access the ``description_content_type``, ``keywords``,
  and ``requires_python`` attributes on ``metadata.Metadata`` when those values
  have not been provided (:issue:`733`)
* Fix a bug preventing the use of the built in ``ExceptionGroup`` on versions of
  Python that support it (:issue:`725`)

Commits

• 7a983f7 Bump for release
• 4d85340 Add riscv64 as a supported manylinux architecture (#751)
• 4dce761 Apply some ruff suggestions (#772)
• 57a6a7f Appply some bugbear suggestions (#761)
• 7bcd6d8 Apply some refurb suggestions (#763)
• d0067e9 [StepSecurity] ci: Harden GitHub Actions (#1) (#758)
• eae70dd feat: Create dependabot.yml (#757)
• 241bb35 Update URLs (#764)
• 7698237 Remove coverage ignore for non-existent file (#752)
• b271d2b Replace PEP references with PUG links (#750)
• Additional commits viewable in compare view

Updates pluggy from 1.4.0 to 1.5.0

Changelog

Sourced from pluggy's changelog.

pluggy 1.5.0 (2024-04-19)

Features

• [#178](https://github.com/pytest-dev/pluggy/issues/178) <https://github.com/pytest-dev/pluggy/issues/178>_: Add support for deprecating specific hook parameters, or more generally, for issuing a warning whenever a hook implementation requests certain parameters.

  See :ref:warn_on_impl for details.

Bug Fixes

• [#481](https://github.com/pytest-dev/pluggy/issues/481) <https://github.com/pytest-dev/pluggy/issues/481>_: PluginManager.get_plugins() no longer returns None for blocked plugins.

Commits

• f8aa4a0 Preparing release 1.5.0
• b4a8c92 Merge pull request #495 from bluetech/warn-on-impl-args
• 6f6ea68 Add support deprecating hook parameters
• 91f88d2 Merge pull request #496 from bluetech/codecov-action
• 89ce829 ci: replace upload-coverage script with codecov github action
• 29f104d Lift pluggy (#493)
• c2b36b4 Merge pull request #491 from pytest-dev/pre-commit-ci-update-config
• 2b533c9 [pre-commit.ci] pre-commit autoupdate
• 04d1bcd [pre-commit.ci] pre-commit autoupdate (#490)
• f74e94b [pre-commit.ci] pre-commit autoupdate (#489)
• Additional commits viewable in compare view

Updates pyasn1-modules from 0.3.0 to 0.4.0

Release notes

Sourced from pyasn1-modules's releases.

Release 0.4.0

It's a major release where we drop Python 2 support entirely. The most significant changes are:

• Added support for Python 3.11, 3.12
• Removed support for EOL Pythons 2.7, 3.6, 3.7

A full list of changes can be seen in the CHANGELOG.

Changelog

Sourced from pyasn1-modules's changelog.

Revision 0.4.0, released 26-03-2024

• Added support for Python 3.11, 3.12
• Removed support for EOL Pythons 2.7, 3.6, 3.7

Commits

• 98b1e26 Prepare release 0.4.0
• 0339532 Drop support for EOL Python 3.6 and 3.7 (#14)
• 9ec5409 Drop support for EOL Python 2.7 (#12)
• 252ac00 Add support for Python 3.12 (#11)
• See full diff in compare view

Updates pycparser from 2.21 to 2.22

Release notes

Sourced from pycparser's releases.

release_v2.22

What's Changed

• Add missing SCHAR limit defines by @​matamegger in eliben/pycparser#449
• Use proper SPDX identifier by @​Shortfinga in eliben/pycparser#474
• Add Python 3.11 as a supported version by @​erlend-aasland in eliben/pycparser#469
• Fix multi-pragma/single statement blocks (#479) by @​ldore in eliben/pycparser#480
• Add an encoding parameter to parse_file by @​jordr in eliben/pycparser#486
• Feature/add pragma support by @​jordr in eliben/pycparser#487
• Set up permissions to ci.yml by @​joycebrum in eliben/pycparser#492
• _build_tables: Invalidate cache before importing generated modules by @​mgorny in eliben/pycparser#494
• Upgrade GitHub Actions by @​cclauss in eliben/pycparser#500
• Create a Security Policy by @​joycebrum in eliben/pycparser#499
• New example to generate AST from scratch by @​Andree37 in eliben/pycparser#507
• Add support for Python 3.12 by @​hugovk in eliben/pycparser#515
• ply: Make generated lextab.py deterministic by @​jackrosenthal in eliben/pycparser#531

New Contributors

• @​matamegger made their first contribution in eliben/pycparser#449
• @​Shortfinga made their first contribution in eliben/pycparser#474
• @​erlend-aasland made their first contribution in eliben/pycparser#469
• @​jordr made their first contribution in eliben/pycparser#486
• @​joycebrum made their first contribution in eliben/pycparser#492
• @​mgorny made their first contribution in eliben/pycparser#494
• @​cclauss made their first contribution in eliben/pycparser#500
• @​Andree37 made their first contribution in eliben/pycparser#507
• @​jackrosenthal made their first contribution in eliben/pycparser#531

Full Changelog: eliben/pycparser@release_v2.21...release_v2.22

Changelog

Sourced from pycparser's changelog.

• Starting with version 2.22, please use the GitHub UI at https://github.com/eliben/pycparser/tags to compare tags in order to find out what changed.

Commits

• 129d32e Prepare for release 2.22
• c3e2644 update CHANGES file for future changes
• c500fb6 ply: Make generated lextab.py deterministic (#531)
• f740995 Add support for Python 3.12 (#515)
• 6cf69df New example to generate AST from scratch (#507)
• 50a26ac Remove unneeded import in an example
• d86a9e5 Remove from future imports from all files in this repo
• a9f073e Remove from future imports in examples
• 670979b Update SECURITY.md
• 9e8cd29 Create a Security Policy (#499)
• Additional commits viewable in compare view

Updates pyopenssl from 24.0.0 to 24.1.0

Changelog

Sourced from pyopenssl's changelog.

24.1.0 (2024-03-09)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Removed the deprecated OpenSSL.crypto.PKCS12 and OpenSSL.crypto.NetscapeSPKI. OpenSSL.crypto.PKCS12 may be replaced by the PKCS#12 APIs in the cryptography package.

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

Commits

• d9f2c46 Bump version for 24.1.0 release (#1297)
• cea1f2e Remove deprecated PKCS12 and NetscapeSPKI classes (#1288)
• 510b0e5 Stop using flaky lib, use pytest-rerunfailures instead (#1296)
• a972ea4 Fixed typos in CHANGELOG.rst (#1293)
• 482b95e Removed redundant code in SSL.py that depended on old version of cryptography...
• 1508c4b fix for E721 errors raised by flake8 (#1289)
• See full diff in compare view

Updates pytest from 8.0.2 to 8.2.1

Release notes

Sourced from pytest's releases.

8.2.1

pytest 8.2.1 (2024-05-19)

Improvements

• #12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

• #12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
• #12191: Keyboard interrupts and system exits are now properly handled during the test collection.
• #12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
• #12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

• #12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

8.2.0

pytest 8.2.0 (2024-04-27)

Deprecations

• #12069: A deprecation warning is now raised when implementations of one of the following hooks request a deprecated py.path.local parameter instead of the pathlib.Path parameter which replaced it:

  • pytest_ignore_collect{.interpreted-text role="hook"} - the path parameter - use collection_path instead.
  • pytest_collect_file{.interpreted-text role="hook"} - the path parameter - use file_path instead.
  • pytest_pycollect_makemodule{.interpreted-text role="hook"} - the path parameter - use module_path instead.
  • pytest_report_header{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.
  • pytest_report_collectionfinish{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.

  The replacement parameters are available since pytest 7.0.0. The old parameters will be removed in pytest 9.0.0.

  See legacy-path-hooks-deprecated{.interpreted-text role="ref"} for more details.

Features

• #11871: Added support for reading command line arguments from a file using the prefix character @, like e.g.: pytest @tests.txt. The file must have one argument per line.

  See Read arguments from file <args-from-file>{.interpreted-text role="ref"} for details.

Improvements

... (truncated)

Commits

• 66ff8df Prepare release version 8.2.1
• 3ffcfd1 Merge pull request #12340 from pytest-dev/backport-12334-to-8.2.x
• 0b28313 [8.2.x] Add Python 3.13 (beta) support
• f3dd93a [8.2.x] Attest package provenance (#12335)
• bb5a125 [8.2.x] Spelling (#12331)
• f179bf2 Merge pull request #12327 from pytest-dev/backport-12325-to-8.2.x
• 2b671b5 [8.2.x] cacheprovider: fix .pytest_cache not being world-readable
• 65ab7cb Merge pull request #12324 from pytest-dev/backport-12320-to-8.2.x
• 4d5fb7d Merge pull request #12319 from pytest-dev/backport-12311-to-8.2.x
• cbe5996 [8.2.x] changelog: document unittest 8.2 change as breaking
• Additional commits viewable in compare view

Updates babel from 2.14.0 to 2.15.0

Release notes

Sourced from babel's releases.

v2.15.0

The changelog below is auto-generated by GitHub.

The binary artifacts attached to this GitHub release were generated by the GitHub Actions workflow.

Please see CHANGELOG.rst for additional details.

---

What's Changed

• Drop support for Python 3.7 (EOL since June 2023) by @​akx in python-babel/babel#1048
• Upgrade GitHub Actions by @​cclauss in python-babel/babel#1054
• Improve .po IO by @​akx in python-babel/babel#1068
• Use CLDR 44 by @​akx in python-babel/babel#1071
• Allow alternative space characters as group separator when parsing numbers by @​ronnix in python-babel/babel#1007
• Include Unicode license in locale-data and in documentation by @​akx in python-babel/babel#1074
• Encode support for the "fall back to short format" logic for time delta formatting by @​akx in python-babel/babel#1075
• Prepare for 2.15.0 release by @​akx in python-babel/babel#1079

New Contributors

• @​cclauss made their first contribution in python-babel/babel#1054
• @​ronnix made their first contribution in python-babel/babel#1007

Full Changelog: python-babel/babel@v2.14.0...v2.15.0

Changelog

Sourced from babel's changelog.

Version 2.15.0

Python version support

* Babel 2.15.0 will require Python 3.8 or newer. (:gh:`1048`)
Features

* CLDR: Upgrade to CLDR 44 (:gh:`1071`) (@akx)
* Dates: Support for the "fall back to short format" logic for time delta formatting (:gh:`1075`) (@akx)
* Message: More versatile .po IO functions (:gh:`1068`) (@akx)
* Numbers: Improved support for alternate spaces when parsing numbers (:gh:`1007`) (@ronnix's first contribution)
Infrastructure



Upgrade GitHub Actions (:gh:1054) (@​cclauss's first contribution)
The Unicode license is now included in locale-data and in the documentation (:gh:1074) (@​akx)

Commits

• 40b194f Prepare for 2.15.0 release (#1079)
• c2e6c6e Encode support for the "fall back to short format" logic for time delta forma...
• 1a03526 Include Unicode license in locale-data and in documentation (#1074)
• c0fb56e Allow alternative space characters as group separator when parsing numbers (#...
• fe82fbc Use CLDR 44 and adjust tests to match new data (#1071)
• e0d1018 Improve .po IO (#1068)
• 40e60a1 Upgrade GitHub Actions (#1054)
• 2a1709a Drop support for Python 3.7 (EOL since June 2023) (#1048)
• See full diff in compare view

Updates pygments from 2.17.2 to 2.18.0

Release notes

Sourced from pygments's releases.

2.18.0

• New lexers:

  • Janet (#2557)
  • Lean 4 (#2618, #2626)
  • Luau (#2605)
  • Mojo (#2691, #2515)
  • org-mode (#2628, #2636)
  • Promela (#2620)
  • Soong / Android.bp (#2659)
  • Tact (#2571)
  • Typst (#2596)

• Updated lexers:

  • Awk: recognize ternary operator (#2687)
  • Bash: add openrc alias (#2599, #2371)
  • Coq: add keywords, lex more vernacular command arguments, produce fewer tokens on heading comments (#2678)
  • DNS zone files: Fix comment parsing (#2595)
  • Hy: Support unicode literals (#1126)
  • Inform6: Update to Inform 6.42 (#2644)
  • lean: Fix name handling (#2614)
  • Logtalk: add uninstantiation keyword and recognize escape sequences (#2619)
  • Macaulay2: Update to 1.23 (#2655)
  • Python: fix highlighting of soft keywords before None/True/False
  • reStructuredText: use Token.Comment for comments instead of Comment.Preproc (#2598)
  • Rust: highlight :, :: and -> as Punctuation and whitespace as Whitespace, instead of Text in both cases (#2631)
  • Spice: Add keywords (#2621)
  • SQL Explain: allow negative numbers (#2610)
  • Swift: Support multiline strings (#2681)
  • ThingsDB: add constants and new functions; support template strings (#2624)
  • UL4: support nested <?doc?> and <?note?> tags (#2597)
  • VHDL: support multi-line comments of VHDL-2008 (#2622)
  • Wikitext: Remove kk-* in variant_langs (#2647)
  • Xtend: Add val and var (#2602)

• New styles:

  • Coffee (#2609)

• Make background colors in the image formatter work with Pillow 10.0 (#2623)

• Require Python 3.8. As a result, the importlib-metadata package is no longer needed for fast plugin discovery on Python 3.7. The plugins extra (used as, e.g., pip install pygments[plugins])

... (truncated)

Changelog

Sourced from pygments's changelog.

Version 2.18.0

(released May 4th, 2024)

• New lexers:

  • Janet (#2557)
  • Lean 4 (#2618, #2626)
  • Luau (#2605)
  • Mojo (#2691, #2515)
  • org-mode (#2628, #2636)
  • Promela (#2620)
  • Soong / Android.bp (#2659)
  • Tact (#2571)
  • Typst (#2596)

• Updated lexers:

  • Awk: recognize ternary operator (#2687)
  • Bash: add openrc alias (#2599, #2371)
  • Coq: add keywords, lex more vernacular command arguments, produce fewer tokens on heading comments (#2678)
  • DNS zone files: Fix comment parsing (#2595)
  • Hy: Support unicode literals (#1126)
  • Inform6: Update to Inform 6.42 (#2644)
  • lean: Fix name handling (#2614)
  • Logtalk: add uninstantiation keyword and recognize escape sequences (#2619)
  • Macaulay2: Update to 1.23 (#2655)
  • Python: fix highlighting of soft keywords before None/True/False
  • reStructuredText: use Token.Comment for comments instead of Comment.Preproc (#2598)
  • Rust: highlight :, :: and -> as Punctuation and whitespace as Whitespace, instead of Text in both cases (#2631)
  • Spice: Add keywords (#2621)
  • SQL Explain: allow negative numbers (#2610)
  • Swift: Support multiline strings (#2681)
  • ThingsDB: add constants and new functions; support template strings (#2624)
  • UL4: support nested <?doc?> and <?note?> tags (#2597)
  • VHDL: support multi-line comments of VHDL-2008 (#2622)
  • Wikitext: Remove kk-* in variant_langs (#2647)
  • Xtend: Add val and var (#2602)

• New styles:

  • Coffee (#2609)

• Make background colors in the image formatter work with Pillow 10.0 (#2623)

... (truncated)

Commits

• d7d11f6 Last steps for 2.18 release.
• ec7bfd2 Fix Janet version_added.
• ea9c823 Update CHANGES.
• 338d366 Merge pull request #2670 from Kodiologist/hylex
• 4d1371b Lock down the pytest version.
• 8dd97e0 Improve docs.
• 26179d6 Fix deprecated variable usage in tests.
• ad125ca Prepare 2.18 release.
• 24deeb9 Lock the ruff version in tox.ini.
• c9165cf Fix format string usage.
• Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.