Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the pip group across 2 directories with 5 updates #1542

Merged
merged 1 commit into from
Sep 4, 2024
Merged

Bump the pip group across 2 directories with 5 updates #1542

merged 1 commit into from
Sep 4, 2024
+128 −140

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 4, 2024

Bumps the pip group with 4 updates in the / directory: certifi, idna, numpy and zipp.
Bumps the pip group with 4 updates in the /turbinia/api/cli directory: urllib3, certifi, idna and numpy.

Updates certifi from 2024.7.4 to 2024.8.30

Commits

Updates idna from 3.7 to 3.8

Release notes

Sourced from idna's releases.

v3.8

What's Changed

  • Fix regression where IDNAError exception was not being produced for certain inputs.
  • Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
  • Documentation improvements
  • Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: kjd/idna@v3.7...v3.8

Changelog

Sourced from idna's changelog.

3.8 (2024-08-23) ++++++++++++++++

  • Fix regression where IDNAError exception was not being produced for certain inputs.
  • Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
  • Documentation improvements
  • Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Commits
  • 784c6f4 Release v3.8
  • 28c7c9e Typo fix
  • a2b41c3 Pin remainder of Github Actions flagged in code scanning
  • 1f613c5 More Github Action dependency pinning
  • a87e2b6 Update OSSF scorecard to latest version
  • 12d4dd1 Merge pull request #182 from kjd/github-pypi-actions
  • e1a1541 Pin Github Actions dependencies
  • c109d3a Merge branch 'master' into github-pypi-actions
  • f8a8de4 Do not try to build/send packages to TestPyPI for now
  • 613bdde Update regexp to move global flag to start of expression
  • Additional commits viewable in compare view

Updates numpy from 2.1.0 to 2.1.1

Release notes

Sourced from numpy's releases.

2.1.1 (Sep 3, 2024)

NumPy 2.1.1 Release Notes

NumPy 2.1.1 is a maintenance release that fixes bugs and regressions discovered after the 2.1.0 release.

The Python versions supported by this release are 3.10-3.13.

Contributors

A total of 7 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

  • Andrew Nelson
  • Charles Harris
  • Mateusz Sokół
  • Maximilian Weigand +
  • Nathan Goldbaum
  • Pieter Eendebak
  • Sebastian Berg

Pull requests merged

A total of 10 pull requests were merged for this release.

  • #27236: REL: Prepare for the NumPy 2.1.0 release [wheel build]
  • #27252: MAINT: prepare 2.1.x for further development
  • #27259: BUG: revert unintended change in the return value of set_printoptions
  • #27266: BUG: fix reference counting bug in __array_interface__ implementation...
  • #27267: TST: Add regression test for missing descr in array-interface
  • #27276: BUG: Fix #27256 and #27257
  • #27278: BUG: Fix array_equal for numeric and non-numeric scalar types
  • #27287: MAINT: Update maintenance/2.1.x after the 2.0.2 release
  • #27303: BLD: cp311- macosx_arm64 wheels [wheel build]
  • #27304: BUG: f2py: better handle filtering of public/private subroutines

Checksums

MD5

3053a97400db800b7377749e691eb39e  numpy-2.1.1-cp310-cp310-macosx_10_9_x86_64.whl
84b752a2220dce7c96ff89eef4f4aec3  numpy-2.1.1-cp310-cp310-macosx_11_0_arm64.whl
47ed4f704a64261f07ca24ef2e674524  numpy-2.1.1-cp310-cp310-macosx_14_0_arm64.whl
b8a45caa870aee980c298053cf064d28  numpy-2.1.1-cp310-cp310-macosx_14_0_x86_64.whl
e097ad5eee572b791b4a25eedad6df4a  numpy-2.1.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
ae502c99315884cda7f0236a07c035c4  numpy-2.1.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
841a859d975c55090c0b60b72aab93a3  numpy-2.1.1-cp310-cp310-musllinux_1_1_x86_64.whl
d51be2b17f5b87aac64ab80fdfafc85e  numpy-2.1.1-cp310-cp310-musllinux_1_2_aarch64.whl
1f8249bd725397c6233fe6a0e8ad18b1  numpy-2.1.1-cp310-cp310-win32.whl
d38d6f06589c1ec104a6a31ff6035781  numpy-2.1.1-cp310-cp310-win_amd64.whl

... (truncated)

Commits
  • 48606ab Merge pull request #27328 from charris/prepare-2.1.1
  • a7cb4c4 REL: Prepare for the NumPy 2.1.1 release [wheel build]
  • 884c92b Merge pull request #27303 from charris/backport-27284
  • ca7f5c1 Merge pull request #27304 from charris/backport-27049
  • 2a49507 BUG: f2py: better handle filtering of public/private subroutines
  • d4306dd TST: Add regression test for gh-26920
  • db9668d BLD: cp311- macosx_arm64 wheels [wheel build]
  • c6ff254 Merge pull request #27287 from charris/post-2.0.2-release-update
  • 326bc17 MAINT: Update main after the 2.0.2 release
  • 8164b7c Merge pull request #27278 from charris/backport-27275
  • Additional commits viewable in compare view

Updates zipp from 3.20.0 to 3.20.1

Changelog

Sourced from zipp's changelog.

v3.20.1

Bugfixes

  • python/cpython#123270
Commits
  • c23e549 Finalize
  • c2b9015 Merge pull request #124 from jaraco/bugfix/gh-123270-supported-names
  • 774a3ac Add TODO to consolidate this behavior in CPython.
  • cc61e61 Prefer simpler path.rstrip to consolidate checks for empty or only paths.
  • bec712f Mark unused code as uncovered.
  • fde82dc Add news fragment.
  • a421f7e Invent DirtyZipInfo to create an unsanitized zipfile with backslashes.
  • 0a3a7b4 Refine expectation that paths with leading slashes are simply not visible.
  • f89b93f Address infinite loop when zipfile begins with more than one leading slash.
  • 3cb5609 Removed SanitizedNames.
  • Additional commits viewable in compare view

Updates urllib3 from 1.26.19 to 1.26.20

Release notes

Sourced from urllib3's releases.

1.26.20

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Fixed a crash where certain standard library hash functions were absent in FIPS-compliant environments. (#3432)
  • Replaced deprecated dash-separated setuptools entries in setup.cfg. (#3461)
  • Took into account macOS setting ECONNRESET instead of EPROTOTYPE in its newer versions. (#3416)
  • Backported changes to our tests and CI configuration from v2.x to support testing with CPython 3.12 and 3.13. (#3436)

Full Changelog: urllib3/urllib3@1.26.19...1.26.20

Changelog

Sourced from urllib3's changelog.

1.26.20 (2024-08-29)

  • Fixed a crash where certain standard library hash functions were absent in FIPS-compliant environments. ([#3432](https://github.com/urllib3/urllib3/issues/3432) <https://github.com/urllib3/urllib3/issues/3432>__)
  • Replaced deprecated dash-separated setuptools entries in setup.cfg. ([#3461](https://github.com/urllib3/urllib3/issues/3461) <https://github.com/urllib3/urllib3/pull/3461>__)
  • Took into account macOS setting ECONNRESET instead of EPROTOTYPE in its newer versions. ([#3416](https://github.com/urllib3/urllib3/issues/3416) <https://github.com/urllib3/urllib3/pull/3416>__)
  • Backported changes to our tests and CI configuration from v2.x to support testing with CPython 3.12 and 3.13. ([#3436](https://github.com/urllib3/urllib3/issues/3436) <https://github.com/urllib3/urllib3/pull/3436>__)
Commits
  • 6f2ad7c Release 1.26.20
  • 7f925b0 Backport changes to the publish workflow
  • 3d9b2d3 Replace deprecated dash-separated setuptools entries in setup.cfg (#3461)
  • e9ac9bc Upgrade actions (#3437)
  • 0b42b01 Do not limit runs with 3.13 to Ubuntu
  • d135b54 Backport a part of 5d93c9c6c01efc469200044027c21c6e661f2a99
  • 8c13ec8 Backport test_eintr_zero_timeout fix
  • df09e8c Move verbosity flag to noxfile
  • ac96f20 Test test_requesting_large_resources_via_ssl separately
  • 3f1806c Try using same PyPy 3.9 version as in main to fix timeouts
  • Additional commits viewable in compare view

Updates certifi from 2024.7.4 to 2024.8.30

Commits

Updates idna from 3.7 to 3.8

Release notes

Sourced from idna's releases.

v3.8

What's Changed

  • Fix regression where IDNAError exception was not being produced for certain inputs.
  • Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
  • Documentation improvements
  • Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: kjd/idna@v3.7...v3.8

Changelog

Sourced from idna's changelog.

3.8 (2024-08-23) ++++++++++++++++

  • Fix regression where IDNAError exception was not being produced for certain inputs.
  • Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
  • Documentation improvements
  • Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Commits
  • 784c6f4 Release v3.8
  • 28c7c9e Typo fix
  • a2b41c3 Pin remainder of Github Actions flagged in code scanning
  • 1f613c5 More Github Action dependency pinning
  • a87e2b6 Update OSSF scorecard to latest version
  • 12d4dd1 Merge pull request #182 from kjd/github-pypi-actions
  • e1a1541 Pin Github Actions dependencies
  • c109d3a Merge branch 'master' into github-pypi-actions
  • f8a8de4 Do not try to build/send packages to TestPyPI for now
  • 613bdde Update regexp to move global flag to start of expression
  • Additional commits viewable in compare view

Updates numpy from 2.0.1 to 2.0.2

Release notes

Sourced from numpy's releases.

2.1.1 (Sep 3, 2024)

NumPy 2.1.1 Release Notes

NumPy 2.1.1 is a maintenance release that fixes bugs and regressions discovered after the 2.1.0 release.

The Python versions supported by this release are 3.10-3.13.

Contributors

A total of 7 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

  • Andrew Nelson
  • Charles Harris
  • Mateusz Sokół
  • Maximilian Weigand +
  • Nathan Goldbaum
  • Pieter Eendebak
  • Sebastian Berg

Pull requests merged

A total of 10 pull requests were merged for this release.

  • #27236: REL: Prepare for the NumPy 2.1.0 release [wheel build]
  • #27252: MAINT: prepare 2.1.x for further development
  • #27259: BUG: revert unintended change in the return value of set_printoptions
  • #27266: BUG: fix reference counting bug in __array_interface__ implementation...
  • #27267: TST: Add regression test for missing descr in array-interface
  • #27276: BUG: Fix #27256 and #27257
  • #27278: BUG: Fix array_equal for numeric and non-numeric scalar types
  • #27287: MAINT: Update maintenance/2.1.x after the 2.0.2 release
  • #27303: BLD: cp311- macosx_arm64 wheels [wheel build]
  • #27304: BUG: f2py: better handle filtering of public/private subroutines

Checksums

MD5

3053a97400db800b7377749e691eb39e  numpy-2.1.1-cp310-cp310-macosx_10_9_x86_64.whl
84b752a2220dce7c96ff89eef4f4aec3  numpy-2.1.1-cp310-cp310-macosx_11_0_arm64.whl
47ed4f704a64261f07ca24ef2e674524  numpy-2.1.1-cp310-cp310-macosx_14_0_arm64.whl
b8a45caa870aee980c298053cf064d28  numpy-2.1.1-cp310-cp310-macosx_14_0_x86_64.whl
e097ad5eee572b791b4a25eedad6df4a  numpy-2.1.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
ae502c99315884cda7f0236a07c035c4  numpy-2.1.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
841a859d975c55090c0b60b72aab93a3  numpy-2.1.1-cp310-cp310-musllinux_1_1_x86_64.whl
d51be2b17f5b87aac64ab80fdfafc85e  numpy-2.1.1-cp310-cp310-musllinux_1_2_aarch64.whl
1f8249bd725397c6233fe6a0e8ad18b1  numpy-2.1.1-cp310-cp310-win32.whl
d38d6f06589c1ec104a6a31ff6035781  numpy-2.1.1-cp310-cp310-win_amd64.whl

... (truncated)

Commits
  • 48606ab Merge pull request #27328 from charris/prepare-2.1.1
  • a7cb4c4 REL: Prepare for the NumPy 2.1.1 release [wheel build]
  • 884c92b Merge pull request #27303 from charris/backport-27284
  • ca7f5c1 Merge pull request #27304 from charris/backport-27049
  • 2a49507 BUG: f2py: better handle filtering of public/private subroutines
  • d4306dd TST: Add regression test for gh-26920
  • db9668d BLD: cp311- macosx_arm64 wheels [wheel build]
  • c6ff254 Merge pull request #27287 from charris/post-2.0.2-release-update
  • 326bc17 MAINT: Update main after the 2.0.2 release
  • 8164b7c Merge pull request #27278 from charris/backport-27275
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the pip group across 2 directories with 5 updates
6d59c41 
Bumps the pip group with 4 updates in the / directory: [certifi](https://github.com/certifi/python-certifi), [idna](https://github.com/kjd/idna), [numpy](https://github.com/numpy/numpy) and [zipp](https://github.com/jaraco/zipp).
Bumps the pip group with 4 updates in the /turbinia/api/cli directory: [urllib3](https://github.com/urllib3/urllib3), [certifi](https://github.com/certifi/python-certifi), [idna](https://github.com/kjd/idna) and [numpy](https://github.com/numpy/numpy).


Updates `certifi` from 2024.7.4 to 2024.8.30
- [Commits](certifi/python-certifi@2024.07.04...2024.08.30)

Updates `idna` from 3.7 to 3.8
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.7...v3.8)

Updates `numpy` from 2.1.0 to 2.1.1
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.1.0...v2.1.1)

Updates `zipp` from 3.20.0 to 3.20.1
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.20.0...v3.20.1)

Updates `urllib3` from 1.26.19 to 1.26.20
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.19...1.26.20)

Updates `certifi` from 2024.7.4 to 2024.8.30
- [Commits](certifi/python-certifi@2024.07.04...2024.08.30)

Updates `idna` from 3.7 to 3.8
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.7...v3.8)

Updates `numpy` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
  dependency-group: pip
- dependency-name: idna
  dependency-type: indirect
  dependency-group: pip
- dependency-name: numpy
  dependency-type: indirect
  dependency-group: pip
- dependency-name: zipp
  dependency-type: indirect
  dependency-group: pip
- dependency-name: urllib3
  dependency-type: indirect
  dependency-group: pip
- dependency-name: certifi
  dependency-type: indirect
  dependency-group: pip
- dependency-name: idna
  dependency-type: indirect
  dependency-group: pip
- dependency-name: numpy
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Sep 4, 2024
@aarontp aarontp merged commit 5b99874 into master Sep 4, 2024
10 checks passed
@dependabot dependabot bot deleted the dependabot/pip/pip-b843508cb3 branch September 4, 2024 18:32
jleaniz pushed a commit to jleaniz/turbinia that referenced this pull request Sep 18, 2024
@dependabot @jleaniz
Bump the pip group across 2 directories with 5 updates (google#1542)
e061d9f 
Bumps the pip group with 4 updates in the / directory: [certifi](https://github.com/certifi/python-certifi), [idna](https://github.com/kjd/idna), [numpy](https://github.com/numpy/numpy) and [zipp](https://github.com/jaraco/zipp).
Bumps the pip group with 4 updates in the /turbinia/api/cli directory: [urllib3](https://github.com/urllib3/urllib3), [certifi](https://github.com/certifi/python-certifi), [idna](https://github.com/kjd/idna) and [numpy](https://github.com/numpy/numpy).


Updates `certifi` from 2024.7.4 to 2024.8.30
- [Commits](certifi/python-certifi@2024.07.04...2024.08.30)

Updates `idna` from 3.7 to 3.8
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.7...v3.8)

Updates `numpy` from 2.1.0 to 2.1.1
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.1.0...v2.1.1)

Updates `zipp` from 3.20.0 to 3.20.1
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.20.0...v3.20.1)

Updates `urllib3` from 1.26.19 to 1.26.20
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.19...1.26.20)

Updates `certifi` from 2024.7.4 to 2024.8.30
- [Commits](certifi/python-certifi@2024.07.04...2024.08.30)

Updates `idna` from 3.7 to 3.8
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.7...v3.8)

Updates `numpy` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
  dependency-group: pip
- dependency-name: idna
  dependency-type: indirect
  dependency-group: pip
- dependency-name: numpy
  dependency-type: indirect
  dependency-group: pip
- dependency-name: zipp
  dependency-type: indirect
  dependency-group: pip
- dependency-name: urllib3
  dependency-type: indirect
  dependency-group: pip
- dependency-name: certifi
  dependency-type: indirect
  dependency-group: pip
- dependency-name: idna
  dependency-type: indirect
  dependency-group: pip
- dependency-name: numpy
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aarontp aarontp aarontp approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aarontp