Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump jinja2 from 2.8 to 2.10.1 #1809

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 14, 2020

Bumps jinja2 from 2.8 to 2.10.1.

Release notes

Sourced from jinja2's releases.

2.10.1

2.10

Primary changes

Install or upgrade

Install from PyPI with pip:

pip install -U Jinja2

Changelog

  • Added a new extension node called OverlayScope which can be used to create an unoptimized scope that will look up all variables from a derived context.
  • Added an in test that works like the in operator. This can be used in combination with reject and select.
  • Added previtem and nextitem to loop contexts, providing access to the previous/next item in the loop. If such an item does not exist, the value is undefined.
  • Added changed(*values) to loop contexts, providing an easy way of checking whether a value has changed since the last iteration (or rather since the last call of the method)
  • Added a namespace function that creates a special object which allows attribute assignment using the set tag. This can be used to carry data across scopes, e.g. from a loop body to code that comes after the loop.
  • Added a trimmed modifier to {% trans %} to strip linebreaks and surrounding whitespace. Also added a new policy to enable this for all trans blocks.
  • The random filter is no longer incorrectly constant folded and will produce a new random choice each time the template is rendered. (#478)
  • Added a unique filter. (#469)
  • Added min and max filters. (#475)
  • Added tests for all comparison operators: eq, ne, lt, le, gt, ge. (#665)
  • import statement cannot end with a trailing comma. (#617, #618)
  • indent filter will not indent blank lines by default. (#685)
  • Add reverse argument for dictsort filter. (#692)
  • Add a NativeEnvironment that renders templates to native Python types instead of strings. (#708)
  • Added filter support to the block set tag. (#489)
  • tojson filter marks output as safe to match documented behavior. (#718)
  • Resolved a bug where getting debug locals for tracebacks could modify template context.
  • Fixed a bug where having many {% elif ... %} blocks resulted in a "too many levels of indentation" error. These blocks now compile to native elif ..: instead of else: if ..: (#759)
Changelog

Sourced from jinja2's changelog.

Version 2.10.1

Released 2019-04-06

  • SandboxedEnvironment securely handles str.format_map in order to prevent code execution through untrusted format strings. The sandbox already handled str.format.

Version 2.10

Released 2017-11-08

  • Added a new extension node called OverlayScope which can be used to create an unoptimized scope that will look up all variables from a derived context.
  • Added an in test that works like the in operator. This can be used in combination with reject and select.
  • Added previtem and nextitem to loop contexts, providing access to the previous/next item in the loop. If such an item does not exist, the value is undefined.
  • Added changed(*values) to loop contexts, providing an easy way of checking whether a value has changed since the last iteration (or rather since the last call of the method)
  • Added a namespace function that creates a special object which allows attribute assignment using the set tag. This can be used to carry data across scopes, e.g. from a loop body to code that comes after the loop.
  • Added a trimmed modifier to {% trans %} to strip linebreaks and surrounding whitespace. Also added a new policy to enable this for all trans blocks.
  • The random filter is no longer incorrectly constant folded and will produce a new random choice each time the template is rendered. :pr:478
  • Added a unique filter. :pr:469
  • Added min and max filters. :pr:475
  • Added tests for all comparison operators: eq, ne, lt, le, gt, ge. :pr:665
  • import statement cannot end with a trailing comma. :pr:617, :pr:618
  • indent filter will not indent blank lines by default. :pr:685
  • Add reverse argument for dictsort filter. :pr:692
  • Add a NativeEnvironment that renders templates to native Python types instead of strings. :pr:708
  • Added filter support to the block set tag. :pr:489
  • tojson filter marks output as safe to match documented behavior. :pr:718
  • Resolved a bug where getting debug locals for tracebacks could

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [jinja2](https://github.com/pallets/jinja) from 2.8 to 2.10.1.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst)
- [Commits](pallets/jinja@2.8...2.10.1)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 14, 2020
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 20, 2021

Superseded by #1845.

@dependabot dependabot bot closed this Mar 20, 2021
@dependabot dependabot bot deleted the dependabot/pip/jinja2-2.10.1 branch March 20, 2021 00:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants