chore: bump the dependencies group with 3 updates #41

dependabot · 2024-04-01T17:26:03Z

Bumps the dependencies group with 3 updates: django-celery-beat, djangorestframework and pillow.

Updates django-celery-beat from 2.5.0 to 2.6.0

Release notes

Sourced from django-celery-beat's releases.

v2.6.0

This release adds support for Django v5.0 and Python 3.12.

What's Changed

Avoid crash when can not get human readable description by @nijel in celery/django-celery-beat#648

Update codeql-analysis.yml by @auvipy in celery/django-celery-beat#653

Fix CI: Change assert self.app.timezone.zone to assert self.app.timezone.key by @stasfilin in celery/django-celery-beat#664

drop django 4.0 from CI to avoid security issues by @auvipy in celery/django-celery-beat#662

Fix Issue #388: Celery Beat scheduled tasks may be executed repeatedly by @BaiJiangJie in celery/django-celery-beat#660

Update README.rst by @math-a3k in celery/django-celery-beat#670

Update runtime.txt to include Django 5.0 by @auvipy in celery/django-celery-beat#681

Replace case.patching fixture with mockeypatch + MagicMock by @foarsitter in celery/django-celery-beat#692

Update README.rst - Crontab effect description by @AlexanderNeilson in celery/django-celery-beat#689

Update supported Python & Django version in setup.py by @auvipy in celery/django-celery-beat#672

Add Python 3.12 to test matrix and add classifier by @foarsitter in celery/django-celery-beat#690

Django v5.0: django.utils.timezone.utc alias --> datetime.timezone.utc by @cclauss in celery/django-celery-beat#703

Upgrade GitHub Actions and PyPy 3.10 and Django 5.0 by @cclauss in celery/django-celery-beat#699

Testing Django v5.0 on pypy-3.10-v7.3.14 passes by @cclauss in celery/django-celery-beat#705

Prepare for release v2.6.0 to support Py3.12 and Dj5.0 by @cclauss in celery/django-celery-beat#712

GitHub Actions: Do not hardcode an out-of-date version of PyPy by @cclauss in celery/django-celery-beat#715

Use the same order in the admin as in the cron schedule expression by @kviktor in celery/django-celery-beat#716

Upgrade pip and GitHub Actions dependencies with dependabot by @cclauss in celery/django-celery-beat#721

Bump github/codeql-action from 2 to 3 by @dependabot in celery/django-celery-beat#722

Bump actions/checkout from 3 to 4 by @dependabot in celery/django-celery-beat#723

Update pytest requirement from =6.2.5,<9.0 by @dependabot in celery/django-celery-beat#724

Remove requirements/test-djangoXY.txt by @cclauss in celery/django-celery-beat#728

Remove code for unsupported django.VERSION < (3, 2) by @cclauss in celery/django-celery-beat#729

added sphinxcontrib-django to extensions by @mfosterw in celery/django-celery-beat#736

Update Changelog for v2.6.0 by @cclauss in celery/django-celery-beat#739

New Contributors

@stasfilin made their first contribution in celery/django-celery-beat#664

@BaiJiangJie made their first contribution in celery/django-celery-beat#660

@math-a3k made their first contribution in celery/django-celery-beat#670

@foarsitter made their first contribution in celery/django-celery-beat#692

@AlexanderNeilson made their first contribution in celery/django-celery-beat#689

@cclauss made their first contribution in celery/django-celery-beat#703

@kviktor made their first contribution in celery/django-celery-beat#716

@dependabot made their first contribution in celery/django-celery-beat#722

@mfosterw made their first contribution in celery/django-celery-beat#736

Full Changelog: celery/django-celery-beat@v2.5.0...v2.6.0

Changelog

Sourced from django-celery-beat's changelog.

2.6.0

:release-date: 2024-03-03 :release-by: Christian Clauss

Avoid crash when can not get human readable description (#648).

Update codeql-analysis.yml (#653).

Fix CI: Change assert self.app.timezone.zone to assert self.app.timezone.key (#664).

Drop Django 4.0 from CI to avoid security issues (#662).

Fix Issue #388: Celery Beat scheduled tasks may be executed repeatedly (#660).

Update README.rst (#670).

Update runtime.txt to include Django 5.0 (#681).

Replace case.patching fixture with mockeypatch + MagicMock (#692).

Update README.rst - Crontab effect description (#689).

Update supported Python & Django version in setup.py (#672).

Add Python 3.12 to test matrix and add classifier (#690).

Django v5.0: django.utils.timezone.utc alias --> datetime.timezone.utc (#703).

Upgrade GitHub Actions and PyPy 3.10 and Django 5.0 (#699).

Testing Django v5.0 on pypy-3.10-v7.3.14 passes (#705).

Prepare for release v2.6.0 to support Py3.12 and Dj5.0 (#712).

GitHub Actions: Do not hardcode an out-of-date version of PyPy (#715).

Use the same order in the admin as in the cron schedule expression (#716).

Upgrade pip and GitHub Actions dependencies with dependabot (#721).

Bump github/codeql-action from 2 to 3 (#722).

Bump actions/checkout from 3 to 4 (#723).

Update pytest requirement from =6.2.5,<9.0 (#724).

Remove requirements/test-djangoXY.txt (#728).

Remove code for unsupported django.VERSION < (3, 2) (#729).

Added sphinxcontrib-django to extensions (#736).

.. _version-2.5.0:

Commits

f5eb928 Update Changelog for v2.6.0 (#739)
3d82c8a added sphinxcontrib-django to extensions (#736)
cd41f68 [pre-commit.ci] pre-commit autoupdate (#734)
ee3b500 Remove code for unsupported django.VERSION < (3, 2) (#729)
acd10a3 Remove requirements//test-djangoXY.txt (#728)
875ae4c Update pytest requirement from <8.0,>=6.2.5 to >=6.2.5,<9.0 (#724)
5bb1cd9 Bump actions/checkout from 3 to 4 (#723)
b68bebb Bump github/codeql-action from 2 to 3 (#722)
1db65fc [pre-commit.ci] pre-commit autoupdate (#710)
d47d178 Upgrade pip and GitHub Actions dependencies with dependabot (#721)
Additional commits viewable in compare view

Updates djangorestframework from 3.14.0 to 3.15.1

Commits

3285916 Version 3.15.1 (#9339)
eb361d2 SearchFilter.get_search_terms returns list. (#9338)
400b4c5 Revert "Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespac...
4ef3aaf Revert #9030 (#9333)
4f10c4e Revert "Fix Respect can_read_model permission in DjangoModelPermissions (#8...
a4d5807 Revert "feat: Add some changes to ValidationError to support django style vad...
da78a14 Revert "Re-prefetch related objects after updating (#8043)" (#9327)
0e4ed81 Revert "feat: Add some changes to ValidationError to support django style vad...
56a5b35 Add drf-sendables to third-party-packages.md (#9261)
d7c8dcf Revert PR that adds autocomplete_fields to TokenAdmin, as this break some use...
Additional commits viewable in compare view

Updates pillow from 10.2.0 to 10.3.0

Release notes

Sourced from pillow's releases.

10.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html

Changes

CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [@hugovk]

Use functools.lru_cache for hopper() #7912 [@hugovk]

Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [@radarhere]

Improve speed of loading QOI images #7925 [@radarhere]

Added RGB to I;16N conversion #7920 [@radarhere]

Add --report argument to main.py to omit supported formats #7818 [@nulano]

Added RGB to I;16, I;16L and I;16B conversion #7918 [@radarhere]

Fix editable installation with custom build backend and configuration options #7658 [@nulano]

Fix putdata() for I;16N on big-endian #7209 [@Yay295]

Determine MPO size from markers, not EXIF data #7884 [@radarhere]

Improved conversion from RGB to RGBa, LA and La #7888 [@radarhere]

Support FITS images with GZIP_1 compression #7894 [@radarhere]

Use I;16 mode for 9-bit JPEG 2000 images #7900 [@scaramallion]

Raise ValueError if kmeans is negative #7891 [@radarhere]

Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [@radarhere]

Raise ValueError for negative values when loading P1-P3 PPM images #7882 [@radarhere]

Added reading of JPEG2000 palettes #7870 [@radarhere]

Added alpha_quality argument when saving WebP images #7872 [@radarhere]

Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions #7881 [@radarhere]

Removed Python and NumPy pinning on Cygwin #7880 [@radarhere]

Update UnidentifiedImageError and version imports #7644 [@radarhere]

Stop reading EPS image at EOF marker #7753 [@radarhere]

PSD layer co-ordinates may be negative #7706 [@radarhere]

Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer #7791 [@radarhere]

When saving GIF frame that restores to background color, do not fill identical pixels #7788 [@radarhere]

Fixed reading PNG iCCP compression method #7823 [@radarhere]

Allow writing IFDRational to UNDEFINED tag #7840 [@radarhere]

Fix logged tag name when loading Exif data #7842 [@radarhere]

Use maximum frame size in IHDR chunk when saving APNG images #7821 [@radarhere]

Prevent opening P TGA images without a palette #7797 [@radarhere]

Use palette when loading ICO images #7798 [@radarhere]

Use consistent arguments for load_read and load_seek #7713 [@radarhere]

Turn off nullability warnings for macOS SDK #7827 [@radarhere]

Fix shift-sign issue in Convert.c #7838 [@r-barnes]

winbuild: Refactor dependency versions into constants #7843 [@hugovk]

Build macOS arm64 wheels natively #7852 [@radarhere]

Fixed typo #7855 [@radarhere]

Open 16-bit grayscale PNGs as I;16 #7849 [@radarhere]

Handle truncated chunks at the end of PNG images #7709 [@lajiyuan]

Match mask size to pasted image size in GifImagePlugin #7779 [@radarhere]

Changed SupportsGetMesh protocol to be public #7841 [@radarhere]

Release GIL while calling WebPAnimDecoderGetNext #7782 [@evanmiller]

Fixed reading FLI/FLC images with a prefix chunk #7804 [@twolife]

Updated package name for Tidelift #7810 [@radarhere]

Removed unused code #7744 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

10.3.0 (2024-04-01)

CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [radarhere, hugovk]

Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [radarhere, hugovk]

Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [radarhere]

Add --report argument to __main__.py to omit supported formats #7818 [nulano, radarhere, hugovk]

Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920 [radarhere]

Fix editable installation with custom build backend and configuration options #7658 [nulano, radarhere]

Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, radarhere]

Determine MPO size from markers, not EXIF data #7884 [radarhere]

Improved conversion from RGB to RGBa, LA and La #7888 [radarhere]

Support FITS images with GZIP_1 compression #7894 [radarhere]

Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, radarhere]

Raise ValueError if kmeans is negative #7891 [radarhere]

Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [radarhere]

Raise ValueError for negative values when loading P1-P3 PPM images #7882 [radarhere]

Added reading of JPEG2000 palettes #7870 [radarhere]

Added alpha_quality argument when saving WebP images #7872 [radarhere]

... (truncated)

Commits

5c89d88 10.3.0 version bump
63cbfcf Update CHANGES.rst [ci skip]
2776126 Merge pull request #7928 from python-pillow/lcms
aeb51cb Merge branch 'main' into lcms
5beb0b6 Update CHANGES.rst [ci skip]
cac6ffa Merge pull request #7927 from python-pillow/imagemath
f5eeeac Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval
facf3af Added release notes
2a93aba Use strncpy to avoid buffer overflow
a670597 Update CHANGES.rst [ci skip]
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 3 updates: [django-celery-beat](https://github.com/celery/django-celery-beat), [djangorestframework](https://github.com/encode/django-rest-framework) and [pillow](https://github.com/python-pillow/Pillow). Updates `django-celery-beat` from 2.5.0 to 2.6.0 - [Release notes](https://github.com/celery/django-celery-beat/releases) - [Changelog](https://github.com/celery/django-celery-beat/blob/main/Changelog) - [Commits](celery/django-celery-beat@v2.5.0...v2.6.0) Updates `djangorestframework` from 3.14.0 to 3.15.1 - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](encode/django-rest-framework@3.14.0...3.15.1) Updates `pillow` from 10.2.0 to 10.3.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@10.2.0...10.3.0) --- updated-dependencies: - dependency-name: django-celery-beat dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: djangorestframework dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 1, 2024

Iipin merged commit 9b86db9 into master Apr 1, 2024
2 checks passed

dependabot bot deleted the dependabot/pip/dependencies-4d8292625a branch April 1, 2024 17:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: bump the dependencies group with 3 updates #41

chore: bump the dependencies group with 3 updates #41

dependabot bot commented on behalf of github Apr 1, 2024

chore: bump the dependencies group with 3 updates #41

chore: bump the dependencies group with 3 updates #41

Conversation

dependabot bot commented on behalf of github Apr 1, 2024

v2.6.0

What's Changed

New Contributors

2.6.0

10.3.0

Changes

10.3.0 (2024-04-01)