This repository has been archived by the owner on Aug 4, 2018. It is now read-only.
[requires.io] dependency update on master branch #39
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Reviewed 1 of 1 files at r1. Comments from Reviewable |
bors-fusion bot
added a commit
that referenced
this pull request
Oct 4, 2017
107: Update cffi to 1.11.1 r=mithrandi There's a new version of [cffi](https://pypi.python.org/pypi/cffi) available. You are currently using **1.10.0**. I have updated it to **1.11.1** These links might come in handy: <a href="https://pypi.python.org/pypi/cffi">PyPI</a> | <a href="https://pyup.io/changelogs/cffi/">Changelog</a> | <a href="http://cffi.readthedocs.org">Docs</a> ### Changelog > >### 1.11.1 >======= >* Fix tests, remove deprecated C API usage >* Fix (hack) for 3.6.0/3.6.1/3.6.2 giving incompatible binary extensions > (cpython issue `29943`_) >* Fix for 3.7.0a1+ >.. _`29943`: https://bugs.python.org/issue29943 >### 1.11 >===== >* Support the modern standard types ``char16_t`` and ``char32_t``. > These work like ``wchar_t``: they represent one unicode character, or > when used as ``charN_t *`` or ``charN_t[]`` they represent a unicode > string. The difference with ``wchar_t`` is that they have a known, > fixed size. They should work at all places that used to work with > ``wchar_t`` (please report an issue if I missed something). Note > that with ``set_source()``, you need to make sure that these types are > actually defined by the C source you provide (if used in ``cdef()``). >* Support the C99 types ``float _Complex`` and ``double _Complex``. > Note that libffi doesn't support them, which means that in the ABI > mode you still cannot call C functions that take complex numbers > directly as arguments or return type. >* Fixed a rare race condition when creating multiple ``FFI`` instances > from multiple threads. (Note that you aren't meant to create many > ``FFI`` instances: in inline mode, you should write ``ffi = > cffi.FFI()`` at module level just after ``import cffi``; and in > out-of-line mode you don't instantiate ``FFI`` explicitly at all.) >* Windows: using callbacks can be messy because the CFFI internal error > messages show up to stderr---but stderr goes nowhere in many > applications. This makes it particularly hard to get started with the > embedding mode. (Once you get started, you can at least use > ``ffi.def_extern(onerror=...)`` and send the error logs where it > makes sense for your application, or record them in log files, and so > on.) So what is new in CFFI is that now, on Windows CFFI will try to > open a non-modal MessageBox (in addition to sending raw messages to > stderr). The MessageBox is only visible if the process stays alive: > typically, console applications that crash close immediately, but that > is also the situation where stderr should be visible anyway. >* Progress on support for `callbacks in NetBSD`__. >* Functions returning booleans would in some case still return 0 or 1 > instead of False or True. Fixed. >* `ffi.gc()`__ now takes an optional third parameter, which gives an > estimate of the size (in bytes) of the object. So far, this is only > used by PyPy, to make the next GC occur more quickly (`issue 320`__). > In the future, this might have an effect on CPython too (provided > the CPython `issue 31105`__ is addressed). >* Add a note to the documentation: the ABI mode gives function objects > that are *slower* to call than the API mode does. For some reason it > is often thought to be faster. It is not! >.. __: https://bitbucket.org/cffi/cffi/issues/321/cffi-191-segmentation-fault-during-self >.. __: ref.htmlffi-gc >.. __: https://bitbucket.org/cffi/cffi/issues/320/improve-memory_pressure-management >.. __: http://bugs.python.org/issue31105 >### 1.10.1 >======= *Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.* Happy merging! 🤖
bors-fusion bot
added a commit
that referenced
this pull request
Nov 17, 2017
117: Update lxml to 4.1.1 r=mithrandi a=pyup-bot There's a new version of [lxml](https://pypi.python.org/pypi/lxml) available. You are currently using **3.8.0**. I have updated it to **4.1.1** These links might come in handy: <a href="https://pypi.python.org/pypi/lxml">PyPI</a> | <a href="https://pyup.io/changelogs/lxml/">Changelog</a> | <a href="http://lxml.de/">Homepage</a> | <a href="https://bugs.launchpad.net/lxml">Bugtracker</a> ### Changelog > >### 4.1.1 >================== >* Rebuild with Cython 0.27.3 to improve support for Py3.7. >### 4.1.0 >================== >Features added >-------------- >* ElementPath supports text predicates for current node, like "[.='text']". >* ElementPath allows spaces in predicates. >* Custom Element classes and XPath functions can now be registered with a > decorator rather than explicit dict assignments. >* Static Linux wheels are now built with link time optimisation (LTO) enabled. > This should have a beneficial impact on the overall performance by providing > a tighter compiler integration between lxml and libxml2/libxslt. >Bugs fixed >---------- >* LP1722776: Requesting non-Element objects like comments from a document with > ``PythonElementClassLookup`` could fail with a TypeError. >### 4.0.0 >================== >Features added >-------------- >* The ElementPath implementation is now compiled using Cython, > which speeds up the ``.find*()`` methods quite significantly. >* The modules ``lxml.builder``, ``lxml.html.diff`` and ``lxml.html.clean`` > are also compiled using Cython in order to speed them up. >* ``xmlfile()`` supports async coroutines using ``async with`` and ``await``. >* ``iterwalk()`` has a new method ``skip_subtree()`` that prevents walking into > the descendants of the current element. >* ``RelaxNG.from_rnc_string()`` accepts a ``base_url`` argument to > allow relative resource lookups. >* The XSLT result object has a new method ``.write_output(file)`` that serialises > output data into a file according to the ``<xsl:output>`` configuration. >Bugs fixed >---------- >* GH251: HTML comments were handled incorrectly by the soupparser. > Patch by mozbugbox. >* LP1654544: The html5parser no longer passes the ``useChardet`` option > if the input is a Unicode string, unless explicitly requested. When parsing > files, the default is to enable it when a URL or file path is passed (because > the file is then opened in binary mode), and to disable it when reading from > a file(-like) object. > Note: This is a backwards incompatible change of the default configuration. > If your code parses byte strings/streams and depends on character detection, > please pass the option ``guess_charset=True`` explicitly, which already worked > in older lxml versions. >* LP1703810: ``etree.fromstring()`` failed to parse UTF-32 data with BOM. >* LP1526522: Some RelaxNG errors were not reported in the error log. >* LP1567526: Empty and plain text input raised a TypeError in soupparser. >* LP1710429: Uninitialised variable usage in HTML diff. >* LP1415643: The closing tags context manager in ``xmlfile()`` could continue > to output end tags even after writing failed with an exception. >* LP1465357: ``xmlfile.write()`` now accepts and ignores None as input argument. >* Compilation under Py3.7-pre failed due to a modified function signature. >Other changes >------------- >* The main module source files were renamed from ``lxml.*.pyx`` to plain > ``*.pyx`` (e.g. ``etree.pyx``) to simplify their handling in the build > process. Care was taken to keep the old header files as fallbacks for > code that compiles against the public C-API of lxml, but it might still > be worth validating that third-party code does not notice this change. *Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.* Happy merging! 🤖
bors-fusion bot
added a commit
that referenced
this pull request
Nov 17, 2017
116: Update cryptography to 2.1.3 r=mithrandi a=pyup-bot There's a new version of [cryptography](https://pypi.python.org/pypi/cryptography) available. You are currently using **2.0.3**. I have updated it to **2.1.3** These links might come in handy: <a href="https://pypi.python.org/pypi/cryptography">PyPI</a> | <a href="https://pyup.io/changelogs/cryptography/">Changelog</a> | <a href="https://github.com/pyca/cryptography">Repo</a> ### Changelog > >### 2.1.2 >~~~~~~~~~~~~~~~~~~ >* Corrected a bug with the ``manylinux1`` wheels where OpenSSL's stack was > marked executable. >.. _v2-1-1: >### 2.1.1 >~~~~~~~~~~~~~~~~~~ >* Fixed support for install with the system ``pip`` on Ubuntu 16.04. >.. _v2-1: >### 2.1 >~~~~~~~~~~~~~~~~ >* **FINAL DEPRECATION** Python 2.6 support is deprecated, and will be removed > in the next release of ``cryptography``. >* **BACKWARDS INCOMPATIBLE:** ``Whirlpool``, ``RIPEMD160``, and > ``UnsupportedExtension`` have been removed in accordance with our > :doc:`/api-stability` policy. >* **BACKWARDS INCOMPATIBLE:** > :attr:`DNSName.value <cryptography.x509.DNSName.value>`, > :attr:`RFC822Name.value <cryptography.x509.RFC822Name.value>`, and > :attr:`UniformResourceIdentifier.value > <cryptography.x509.UniformResourceIdentifier.value>` > will now return an :term:`A-label` string when parsing a certificate > containing an internationalized domain name (IDN) or if the caller passed > a :term:`U-label` to the constructor. See below for additional deprecations > related to this change. >* Installing ``cryptography`` now requires ``pip`` 6 or newer. >* Deprecated passing :term:`U-label` strings to the > :class:`~cryptography.x509.DNSName`, > :class:`~cryptography.x509.UniformResourceIdentifier`, and > :class:`~cryptography.x509.RFC822Name` constructors. Instead, users should > pass values as :term:`A-label` strings with ``idna`` encoding if necessary. > This change will not affect anyone who is not processing internationalized > domains. >* Added support for > :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`. In > most cases users should choose > :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305` > rather than using this unauthenticated form. >* Added :meth:`~cryptography.x509.CertificateRevocationList.is_signature_valid` > to :class:`~cryptography.x509.CertificateRevocationList`. >* Support :class:`~cryptography.hazmat.primitives.hashes.BLAKE2b` and > :class:`~cryptography.hazmat.primitives.hashes.BLAKE2s` with > :class:`~cryptography.hazmat.primitives.hmac.HMAC`. >* Added support for > :class:`~cryptography.hazmat.primitives.ciphers.modes.XTS` mode for > AES. >* Added support for using labels with > :class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP` when using > OpenSSL 1.0.2 or greater. >* Improved compatibility with NSS when issuing certificates from an issuer > that has a subject with non-``UTF8String`` string types. >* Add support for the :class:`~cryptography.x509.DeltaCRLIndicator` extension. >* Add support for the :class:`~cryptography.x509.TLSFeature` > extension. This is commonly used for enabling ``OCSP Must-Staple`` in > certificates. >* Add support for the :class:`~cryptography.x509.FreshestCRL` extension. >.. _v2-0-3: *Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.* Happy merging! 🤖
bors-fusion bot
added a commit
that referenced
this pull request
Jan 1, 2018
124: Scheduled weekly dependency update for week 00 r=mithrandi a=pyup-bot ## Updates Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need. <table align="center"> <tr> <td><b>asn1crypto</b></td> <td align="center">0.23.0</td> <td align="center">»</td> <td align="center">0.24.0</td> <td> <a href="https://pypi.python.org/pypi/asn1crypto">PyPI</a> | <a href="https://pyup.io/changelogs/asn1crypto/">Changelog</a> | <a href="https://github.com/wbond/asn1crypto/issues">Repo</a> </td> <tr> <td><b>attrs</b></td> <td align="center">17.3.0</td> <td align="center">»</td> <td align="center">17.4.0</td> <td> <a href="https://pypi.python.org/pypi/attrs">PyPI</a> | <a href="https://pyup.io/changelogs/attrs/">Changelog</a> | <a href="http://www.attrs.org/">Homepage</a> </td> <tr> <td><b>ipaddress</b></td> <td align="center">1.0.18</td> <td align="center">»</td> <td align="center">1.0.19</td> <td> <a href="https://pypi.python.org/pypi/ipaddress">PyPI</a> | <a href="https://github.com/phihag/ipaddress">Repo</a> </td> </tr> </table> ## Changelogs ### asn1crypto 0.23.0 -> 0.24.0 >### 0.24.0 > - `x509.Certificate().self_signed` will no longer return `"yes"` under any > circumstances. This helps prevent confusion since the library does not > verify the signature. Instead a library like oscrypto should be used > to confirm if a certificate is self-signed. > - Added various OIDs to `x509.KeyPurposeId()` > - Added `x509.Certificate().private_key_usage_period_value` > - Added structures for parsing common subject directory attributes for > X.509 certificates, including `x509.SubjectDirectoryAttribute()` > - Added `algos.AnyAlgorithmIdentifier()` for situations where an > algorithm identifier may contain a digest, signed digest or encryption > algorithm OID > - Fixed a bug with `x509.Certificate().subject_directory_attributes_value` > not returning the correct value > - Fixed a bug where explicitly-tagged fields in a `core.Sequence()` would > not function properly when the field had a default value > - Fixed a bug with type checking in `pem.armor()` ### attrs 17.3.0 -> 17.4.0 >### 17.4.0 >------------------- >Backward-incompatible Changes >^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >- The traversal of MROs when using multiple inheritance was backward: > If you defined a class ``C`` that subclasses ``A`` and ``B`` like ``C(A, B)``, ``attrs`` would have collected the attributes from ``B`` *before* those of ``A``. > This is now fixed and means that in classes that employ multiple inheritance, the output of ``__repr__`` and the order of positional arguments in ``__init__`` changes. > Due to the nature of this bug, a proper deprecation cycle was unfortunately impossible. > Generally speaking, it's advisable to prefer ``kwargs``-based initialization anyways – *especially* if you employ multiple inheritance and diamond-shaped hierarchies. > `298 <https://github.com/python-attrs/attrs/issues/298>`_, > `299 <https://github.com/python-attrs/attrs/issues/299>`_, > `304 <https://github.com/python-attrs/attrs/issues/304>`_ >- The ``__repr__`` set by ``attrs`` > no longer produces an ``AttributeError`` > when the instance is missing some of the specified attributes > (either through deleting > or after using ``init=False`` on some attributes). > This can break code > that relied on ``repr(attr_cls_instance)`` raising ``AttributeError`` > to check if any attr-specified members were unset. > If you were using this, > you can implement a custom method for checking this:: > def has_unset_members(self): > for field in attr.fields(type(self)): > try: > getattr(self, field.name) > except AttributeError: > return True > return False > `308 <https://github.com/python-attrs/attrs/issues/308>`_ >Deprecations >^^^^^^^^^^^^ >- The ``attr.ib(convert=callable)`` option is now deprecated in favor of ``attr.ib(converter=callable)``. > This is done to achieve consistency with other noun-based arguments like *validator*. > *convert* will keep working until at least January 2019 while raising a ``DeprecationWarning``. > `307 <https://github.com/python-attrs/attrs/issues/307>`_ >Changes >^^^^^^^ >- Generated ``__hash__`` methods now hash the class type along with the attribute values. > Until now the hashes of two classes with the same values were identical which was a bug. > The generated method is also *much* faster now. > `261 <https://github.com/python-attrs/attrs/issues/261>`_, > `295 <https://github.com/python-attrs/attrs/issues/295>`_, > `296 <https://github.com/python-attrs/attrs/issues/296>`_ >- ``attr.ib``\ ’s ``metadata`` argument now defaults to a unique empty ``dict`` instance instead of sharing a common empty ``dict`` for all. > The singleton empty ``dict`` is still enforced. > `280 <https://github.com/python-attrs/attrs/issues/280>`_ >- ``ctypes`` is optional now however if it's missing, a bare ``super()`` will not work in slots classes. > This should only happen in special environments like Google App Engine. > `284 <https://github.com/python-attrs/attrs/issues/284>`_, > `286 <https://github.com/python-attrs/attrs/issues/286>`_ >- The attribute redefinition feature introduced in 17.3.0 now takes into account if an attribute is redefined via multiple inheritance. > In that case, the definition that is closer to the base of the class hierarchy wins. > `285 <https://github.com/python-attrs/attrs/issues/285>`_, > `287 <https://github.com/python-attrs/attrs/issues/287>`_ >- Subclasses of ``auto_attribs=True`` can be empty now. > `291 <https://github.com/python-attrs/attrs/issues/291>`_, > `292 <https://github.com/python-attrs/attrs/issues/292>`_ >- Equality tests are *much* faster now. > `306 <https://github.com/python-attrs/attrs/issues/306>`_ >- All generated methods now have correct ``__module__``, ``__name__``, and (on Python 3) ``__qualname__`` attributes. > `309 <https://github.com/python-attrs/attrs/issues/309>`_ >---- That's it for now! Happy merging! 🤖
bors-fusion bot
added a commit
that referenced
this pull request
Mar 11, 2018
126: Scheduled weekly dependency update for week 09 r=mithrandi a=pyup-bot ## Updates Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need. <table align="center"> <tr> <td><b>cffi</b></td> <td align="center">1.11.4</td> <td align="center">»</td> <td align="center">1.11.5</td> <td> <a href="https://pypi.python.org/pypi/cffi">PyPI</a> | <a href="https://pyup.io/changelogs/cffi/">Changelog</a> | <a href="http://cffi.readthedocs.org">Docs</a> </td> <tr> <td><b>packaging</b></td> <td align="center">16.8</td> <td align="center">»</td> <td align="center">17.1</td> <td> <a href="https://pypi.python.org/pypi/packaging">PyPI</a> | <a href="https://pyup.io/changelogs/packaging/">Changelog</a> | <a href="https://github.com/pypa/packaging">Repo</a> </td> </tr> </table> ## Changelogs ### cffi 1.11.4 -> 1.11.5 >### 1.11.5 >======= >* `Issue 357`_: fix ``ffi.emit_python_code()`` which generated a buggy > Python file if you are using a ``struct`` with an anonymous ``union`` > field or vice-versa. >* Windows: ``ffi.dlopen()`` should now handle unicode filenames. >* ABI mode: implemented ``ffi.dlclose()`` for the in-line case (it used > to be present only in the out-of-line case). >* Fixed a corner case for ``setup.py install --record=xx --root=yy`` > with an out-of-line ABI module. Also fixed `Issue 345`_. >* More hacks on Windows for running CFFI's own ``setup.py``. >* `Issue 358`_: in embedding, to protect against (the rare case of) > Python initialization from several threads in parallel, we have to use > a spin-lock. On CPython 3 it is worse because it might spin-lock for > a long time (execution of ``Py_InitializeEx()``). Sadly, recent > changes to CPython make that solution needed on CPython 2 too. >* CPython 3 on Windows: we no longer compile with ``Py_LIMITED_API`` > by default because such modules cannot be used with virtualenv. > `Issue 350`_ mentions a workaround if you still want that and are not > concerned about virtualenv: pass a ``define_macros=[("Py_LIMITED_API", > None)]`` to the ``ffibuilder.set_source()`` call. >.. _`Issue 345`: https://bitbucket.org/cffi/cffi/issues/345/ >.. _`Issue 350`: https://bitbucket.org/cffi/cffi/issues/350/ >.. _`Issue 358`: https://bitbucket.org/cffi/cffi/issues/358/ >.. _`Issue 357`: https://bitbucket.org/cffi/cffi/issues/357/ ### packaging 16.8 -> 17.1 >### 17.1 >~~~~~~~~~~~~~~~~~ >* Fix ``utils.canonicalize_version`` when supplying non PEP 440 versions. >### 17.0 >~~~~~~~~~~~~~~~~~ >* Drop support for python 2.6, 3.2, and 3.3. >* Define minimal pyparsing version to 2.0.2 (:issue:`91`). >* Add ``epoch``, ``release``, ``pre``, ``dev``, and ``post`` attributes to > ``Version`` and ``LegacyVersion`` (:issue:`34`). >* Add ``Version().is_devrelease`` and ``LegacyVersion().is_devrelease`` to > make it easy to determine if a release is a development release. >* Add ``utils.canonicalize_version`` to canonicalize version strings or > ``Version`` instances (:issue:`121`). That's it for now! Happy merging! 🤖
bors-fusion bot
added a commit
that referenced
this pull request
Apr 5, 2018
129: Scheduled weekly dependency update for week 13 r=mithrandi a=pyup-bot ### Update [cryptography](https://pypi.python.org/pypi/cryptography) from **2.1.4** to **2.2.2**. <details> <summary>Changelog</summary> ### 2.2.1 ``` ~~~~~~~~~~~~~~~~~~ * Reverted a change to ``GeneralNames`` which prohibited having zero elements, due to breakages. * Fixed a bug in :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` that caused it to raise ``InvalidUnwrap`` when key length modulo 8 was zero. .. _v2-2: ``` ### 2.2 ``` ~~~~~~~~~~~~~~~~ * **BACKWARDS INCOMPATIBLE:** Support for Python 2.6 has been dropped. * Resolved a bug in ``HKDF`` that incorrectly constrained output size. * Added :class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1`, :class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1`, and :class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1` to support inter-operating with systems like German smart meters. * Added token rotation support to :doc:`Fernet </fernet>` with :meth:`~cryptography.fernet.MultiFernet.rotate`. * Fixed a memory leak in :func:`~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key`. * Added support for AES key wrapping with padding via :func:`~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding` and :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` . * Allow loading DSA keys with 224 bit ``q``. .. _v2-1-4: ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.python.org/pypi/cryptography - Changelog: https://pyup.io/changelogs/cryptography/ - Repo: https://github.com/pyca/cryptography </details> ### Update [lxml](https://pypi.python.org/pypi/lxml) from **4.1.1** to **4.2.1**. <details> <summary>Changelog</summary> ### 4.2.1 ``` ================== Bugs fixed ---------- * LP1755825: ``iterwalk()`` failed to return the 'start' event for the initial element if a tag selector is used. * LP1756314: Failure to import 4.2.0 into PyPy due to a missing library symbol. * LP1727864, GH258: Add "-isysroot" linker option on MacOS as needed by XCode 9. ``` ### 4.2.0 ``` ================== Features added -------------- * GH255: ``SelectElement.value`` returns more standard-compliant and browser-like defaults for non-multi-selects. If no option is selected, the value of the first option is returned (instead of None). If multiple options are selected, the value of the last one is returned (instead of that of the first one). If no options are present (not standard-compliant) ``SelectElement.value`` still returns ``None``. * GH261: The ``HTMLParser()`` now supports the ``huge_tree`` option. Patch by stranac. Bugs fixed ---------- * LP1551797: Some XSLT messages were not captured by the transform error log. * LP1737825: Crash at shutdown after an interrupted iterparse run with XMLSchema validation. Other changes ------------- ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.python.org/pypi/lxml - Changelog: https://pyup.io/changelogs/lxml/ - Homepage: http://lxml.de/ - Bugtracker: https://bugs.launchpad.net/lxml </details>
bors-fusion bot
added a commit
that referenced
this pull request
May 9, 2018
133: Scheduled weekly dependency update for week 18 r=mithrandi a=pyup-bot ### Update [attrs](https://pypi.org/project/attrs) from **17.4.0** to **18.1.0**. <details> <summary>Changelog</summary> ### 18.1.0 ``` ------------------- Changes ^^^^^^^ - ``x=X(); x.cycle = x; repr(x)`` will no longer raise a ``RecursionError``, and will instead show as ``X(x=...)``. `95 <https://github.com/python-attrs/attrs/issues/95>`_ - ``attr.ib(factory=f)`` is now syntactic sugar for the common case of ``attr.ib(default=attr.Factory(f))``. `178 <https://github.com/python-attrs/attrs/issues/178>`_, `356 <https://github.com/python-attrs/attrs/issues/356>`_ - Added ``attr.field_dict()`` to return an ordered dictionary of ``attrs`` attributes for a class, whose keys are the attribute names. `290 <https://github.com/python-attrs/attrs/issues/290>`_, `349 <https://github.com/python-attrs/attrs/issues/349>`_ - The order of attributes that are passed into ``attr.make_class()`` or the ``these`` argument of ``attr.s()`` is now retained if the dictionary is ordered (i.e. ``dict`` on Python 3.6 and later, ``collections.OrderedDict`` otherwise). Before, the order was always determined by the order in which the attributes have been defined which may not be desirable when creating classes programatically. `300 <https://github.com/python-attrs/attrs/issues/300>`_, `339 <https://github.com/python-attrs/attrs/issues/339>`_, `343 <https://github.com/python-attrs/attrs/issues/343>`_ - In slotted classes, ``__getstate__`` and ``__setstate__`` now ignore the ``__weakref__`` attribute. `311 <https://github.com/python-attrs/attrs/issues/311>`_, `326 <https://github.com/python-attrs/attrs/issues/326>`_ - Setting the cell type is now completely best effort. This fixes ``attrs`` on Jython. We cannot make any guarantees regarding Jython though, because our test suite cannot run due to dependency incompatabilities. `321 <https://github.com/python-attrs/attrs/issues/321>`_, `334 <https://github.com/python-attrs/attrs/issues/334>`_ - If ``attr.s`` is passed a *these* argument, it will not attempt to remove attributes with the same name from the class body anymore. `322 <https://github.com/python-attrs/attrs/issues/322>`_, `323 <https://github.com/python-attrs/attrs/issues/323>`_ - The hash of ``attr.NOTHING`` is now vegan and faster on 32bit Python builds. `331 <https://github.com/python-attrs/attrs/issues/331>`_, `332 <https://github.com/python-attrs/attrs/issues/332>`_ - The overhead of instantiating frozen dict classes is virtually eliminated. `336 <https://github.com/python-attrs/attrs/issues/336>`_ - Generated ``__init__`` methods now have an ``__annotations__`` attribute derived from the types of the fields. `363 <https://github.com/python-attrs/attrs/issues/363>`_ - We have restructured the documentation a bit to account for ``attrs``' growth in scope. Instead of putting everything into the `examples <http://www.attrs.org/en/stable/examples.html>`_ page, we have started to extract narrative chapters. So far, we've added chapters on `initialization <http://www.attrs.org/en/stable/init.html>`_ and `hashing <http://www.attrs.org/en/stable/hashing.html>`_. Expect more to come! `369 <https://github.com/python-attrs/attrs/issues/369>`_, `370 <https://github.com/python-attrs/attrs/issues/370>`_ ---- ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/attrs - Changelog: https://pyup.io/changelogs/attrs/ - Homepage: http://www.attrs.org/ </details> ### Update [twisted[tls]](https://pypi.org/project/twisted) from **17.9.0** to **18.4.0**. <details> <summary>Changelog</summary> ### 18.4.0 ``` =========================== Features -------- - The --port/--https arguments to web plugin are now deprecated, in favor of --listen. The --listen argument can be given multiple times to listen on multiple ports. (6670) - Twisted now requires zope.interface 4.4.2 or higher across all platforms and Python versions. (8149) - The osx_platform setuptools extra has been renamed to macos_platform, with the former name being a compatibility alias. (8848) - Zsh completions are now provided for the twist command. (9338) - twisted.internet.endpoints.HostnameEndpoint now has a __repr__ method which includes the host and port to which the endpoint connects. (9341) Bugfixes -------- - twistd now uses the UID's default GID to initialize groups when --uid is given but --gid is not. This prevents an unhandled TypeError from being raised when os.initgroups() is called. (4442) - twisted.protocols.basic.LineReceiver checks received lines' lengths against its MAX_LENGTH only after receiving a complete delimiter. A line ending in a multi-byte delimiter like '\r\n' might be split by the network, with the first part arriving before the rest; previously, LineReceiver erroneously disconnected if the first part, e.g. 'zzzz....\r' exceeded MAX_LENGTH. LineReceiver now checks received data against MAX_LENGTH plus the delimiter's length, allowing short reads to complete a line. (6556) - twisted.protocols.basic.LineOnlyReceiver disconnects the transport after receiving a line that exceeds MAX_LENGTH, like LineReceiver. (6557) - twisted.web.http.Request.getClientIP now returns the host part of the client's address when connected over IPv6. (7704) - twisted.application.service.IService is now documented as requiring the 'running', 'name' and 'parent' attributes (the documentation previously implied they were required, but was unclear). (7922) - twisted.web.wsgi.WSGIResource no longer raises an exception when a client connects over IPv6. (8241) - When using TLS enable automatic ECDH curve selection on OpenSSL 1.0.2+ instead of only supporting P-256 (9210) - twisted.trial._dist.worker and twisted.trial._dist.workertrial consistently pass bytes, not unicode to AMP. This fixes "trial -j" on Python 3. (9264) - twisted.trial.runner now uses the 'importlib' module instead of the 'imp' module on Python 3+. This eliminates DeprecationWarnings caused by importing 'imp' on Python 3. (9275) - twisted.web.client.HTTP11ClientProtocol now closes the connection when the server is sending a header line which is longer than he line limit of twisted.protocols.basic.LineReceiver.MAX_LENGTH. (9295) - twisted.python.failure now handles long stacktraces better; in particular it will log tracebacks for stack overflow errors. (9301) - The "--_shell-completion" argument to twistd now works on Python 3. (9303) - twisted.python.failure.Failure now raises the wrapped exception in Python3, and self (Failure) n Python2 when trap() is called without a matching exception (9307) - Writing large amounts of data no longer implies repeated, expensive copying under Python 3. Python 3's write speeds are now as fast as Python 2's. (9324) - twisted.protocols.postfix now properly encodes errors which are unicode strings to bytes. (9335) - twisted.protocols.policies.ProtocolWrapper and twisted.protocols.tls.TLSMemoryBIOProtocol no longer create circular references that keep protocol instances in memory after connection is closed. (9374) - twisted.conch.ssh.transport.SSHTransportBase no longer strips trailing spaces from the SSH version string of the connected peer. (9377) - `trial -j` no longer crashes on Python 2 on test failure messages containing non-ASCII bytes. (9378) - RSA keys replaced with 2048bit ones in twisted.conch.test.keydata in order to be compatible with OpenSSH 7.6. (9388) - AsyncioSelectorReactor uses the global policy's event loop. asyncio libraries that retrieve the running event loop with get_event_loop() will now receive the one used by AsyncioSelectorReactor. (9390) Improved Documentation ---------------------- - public attributes of `twisted.logger.Logger` are now documented as attributes. (8157) - List indentation formatting errors have been corrected throughout the documentation. (9256) Deprecations and Removals ------------------------- - twisted.protocols.basic.LineOnlyReceiver.lineLengthExceeded no longer returns twisted.internet.error.ConnectionLost. It instead directly disconnects the transport and returns None. (6557) - twisted.python.win32.getProgramsMenuPath and twisted.python.win32.getProgramFilesPath were deprecated in Twisted 15.3.0 and have now been removed. (9312) - Python 3.3 is no longer supported. (9352) Misc ---- - 7033, 8887, 9204, 9289, 9291, 9292, 9293, 9302, 9336, 9355, 9356, 9364, 9375, 9381, 9382, 9389, 9391, 9393, 9394, 9396 Conch ----- Bugfixes ~~~~~~~~ - twisted.plugins.cred_unix now properly converts a username and password from bytes to str on Python 3. In addition, passwords which are encrypted with SHA512 and SH256 are properly verified. This fixes running a conch server with: "twistd -n conch -d /etc/ssh/ --auth=unix". (9130) - In twisted.conch.scripts.conch, on Python 3 do not write bytes directly to sys.stderr. On Python 3, this fixes remote SSH execution of a command which fails. (9344) Deprecations and Removals ~~~~~~~~~~~~~~~~~~~~~~~~~ - twisted.conch.ssh.filetransfer.FileTransferClient.wasAFile attribute has been removed as it serves no purpose. (9362) - Removed deprecated support for PyCrypto key objects in conch (9368) Web --- Features ~~~~~~~~ - The new twisted.iweb.IRequest.getClientAddress returns the IAddress provider representing the client's address. Callers should check the type of the returned value before using it. (7707) - Eliminate use of twisted.python.log in twisted.web modules. (9280) Bugfixes ~~~~~~~~ - Scripts ending with .rpy, .epy, and .cgi now execute properly in Twisted Web on Python 3. (9271) - twisted.web.http.Request and twisted.web.server.Request are once again hashable on Python 2, fixing a regression introduced in Twisted 17.5.0. (9314) Improved Documentation ~~~~~~~~~~~~~~~~~~~~~~ - Correct reactor docstrings for twisted.web.client.Agent and twisted.web.client._StandardEndpointFactory to communicate interface requirements since 17.1. (9274) - The examples for the "Twisted Web in 60 Seconds" tutorial have been fixed to work on Python 3. (9285) Deprecations and Removals ~~~~~~~~~~~~~~~~~~~~~~~~~ - twisted.iweb.IRequest.getClientIP is deprecated. Use twisted.iweb.IRequest.getClientAddress instead (see 7707). (7705) - twisted.web.iweb.IRequest.getClient and its implementations (deprecated in 2552) have been removed. (9395) Mail ---- Bugfixes ~~~~~~~~ - twistd.mail.scripts.mailmail has been ported to Python 3. (8487) - twisted.mail.bounce now works on Python 3. (9260) - twisted.mail.pop3 and twisted.mail.pop3client now work on Python 3. (9269) - SMTP authentication in twisted.mail.smtp now works better on Python 3, due to improved improved bytes vs unicode handling. (9299) Misc ~~~~ - 9310 Words ----- No significant changes. Names ----- No significant changes. ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/twisted - Changelog: https://pyup.io/changelogs/twisted/ - Homepage: http://twistedmatrix.com/ - Bugtracker: https://twistedmatrix.com/trac/ </details> ### Update [zope.interface](https://pypi.org/project/zope.interface) from **4.4.3** to **4.5.0**. <details> <summary>Changelog</summary> ### 4.5.0 ``` ------------------ - Drop support for 3.3, avoid accidental dependence breakage via setup.py. See `PR 110 <https://github.com/zopefoundation/zope.interface/pull/110>`_. - Allow registering and unregistering instance methods as listeners. See `issue 12 <https://github.com/zopefoundation/zope.interface/issues/12>`_ and `PR 102 <https://github.com/zopefoundation/zope.interface/pull/102>`_. - Synchronize and simplify zope/__init__.py. See `issue 114 <https://github.com/zopefoundation/zope.interface/issues/114>`_ ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/zope.interface - Changelog: https://pyup.io/changelogs/zope.interface/ - Repo: https://github.com/zopefoundation/zope.interface </details>
bors-fusion bot
added a commit
that referenced
this pull request
Jul 23, 2018
143: Scheduled weekly dependency update for week 29 r=mithrandi a=pyup-bot ### Update [cryptography](https://pypi.org/project/cryptography) from **2.2.2** to **2.3**. <details> <summary>Changelog</summary> ### 2.3 ``` ~~~~~~~~~~~~~~~~ * **SECURITY ISSUE:** :meth:`~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag` allowed tag truncation by default which can allow tag forgery in some cases. The method now enforces the ``min_tag_length`` provided to the :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` constructor. * Added support for Python 3.7. * Added :meth:`~cryptography.fernet.Fernet.extract_timestamp` to get the authenticated timestamp of a :doc:`Fernet </fernet>` token. * Support for Python 2.7.x without ``hmac.compare_digest`` has been deprecated. We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next ``cryptography`` release. * Fixed multiple issues preventing ``cryptography`` from compiling against LibreSSL 2.7.x. * Added :class:`~cryptography.x509.CertificateRevocationList.get_revoked_certificate_by_serial_number` for quick serial number searches in CRLs. * The :class:`~cryptography.x509.RelativeDistinguishedName` class now preserves the order of attributes. Duplicate attributes now raise an error instead of silently discarding duplicates. * :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap` and :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` now raise :class:`~cryptography.hazmat.primitives.keywrap.InvalidUnwrap` if the wrapped key is an invalid length, instead of ``ValueError``. .. _v2-2-2: ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/cryptography - Changelog: https://pyup.io/changelogs/cryptography/ - Repo: https://github.com/pyca/cryptography </details> ### Update [twisted[tls]](https://pypi.org/project/twisted) from **18.4.0** to **18.7.0**. <details> <summary>Changelog</summary> ### 18.7.0 ``` =========================== Features -------- - Cancelling a Deferred returned by twisted.internet.defer.inlineCallbacks now cancels the Deferred it is waiting on. (4632) - twisted.application.internet.ClientService now accepts a function to initialize or validate a connection before it is returned by the whenConnected method as the prepareConnection argument. (8375) - Traceback generated for twisted.internet.defer.inlineCallbacks now includes the full stack of inlineCallbacks generators between catcher and raiser (before it only contained raiser's stack). (9176) - Add optional cwd argument to twisted.runner.procmon.ProcMon.addProcess (9287) - twisted.python.failure.Failure tracebacks generated by coroutines scheduled with twisted.internet.defer.ensureDeferred - i.e. any Deferred-awaiting coroutine - now contain fewer extraneous frames from the trampoline implementation, and correctly indicate the source of exceptions raised in other call stacks - i.e. the function that raised the exception. In other words: if you 'await' a function that raises an exception, you'll be able to see where the error came from. (9459) Bugfixes -------- - On UNIX-like platforms, Twisted attempts to recover from EMFILE when accepting connections on TCP and UNIX ports by shedding incoming clients. (5368) - The documentation of IReactorTime.getDelayedCalls() has been corrected to indicate that the method returns a list, not a tuple. (9418) - "python -m twisted web --help" now refers to "--listen" instead of the non-existing "--http" (9434) - twisted.python.htmlizer.TokenPrinter now explicitly works on bytestrings. (9442) - twisted.enterprise.adbapi.ConnectionPool.runWithConnection and runInteraction now use the reactor that is passed to ConnectionPool's constructor. (9467) Improved Documentation ---------------------- - The Twisted Coding Standard now contains examples of how to mark up a feature as added in the next Twisted release. (9460) Deprecations and Removals ------------------------- - Deprecate direct introspection of ProcMon's processes: processes should not be directly accessed or pickled. (9287) - twisted.internet.address.IPv4Address._bwHack and twisted.internet.address.UNIXAddress._bwHack, as well as the parameters to the constructors, deprecated since Twisted 11.0, have been removed. (9450) Misc ---- - 7495, 9399, 9406, 9411, 9425, 9439, 9449, 9450, 9452 Conch ----- Features ~~~~~~~~ - twisted.conch.ssh.transport.SSHTransportBase now includes Twisted's version in the software version string it sends to the server, allowing servers to apply compatibility workarounds for bugs in particular client versions. (9424) Bugfixes ~~~~~~~~ - If the command run by twisted.conch.endpoints.SSHCommandClientEndpoint exits because of a delivered signal, the client protocol's connectionLost is now called with a ProcessTerminated exception instead of a ConnectionDone exception. (9412) - twisted.conch.ssh.transport.SSHTransportBase now correctly handles MSG_DEBUG with a false alwaysDisplay field on Python 2 (broken since 8.0.0). (9422) - twisted.conch.manhole.lastColorizedLine now does not throw a UnicodeDecodeError on non-ASCII input. (9442) Web --- Features ~~~~~~~~ - Added support for SameSite cookies in ``http.Request.addCookie``. (9387) Bugfixes ~~~~~~~~ - twisted.web.server.GzipEncoderFactory would sometimes fail to gzip requests if the Accept-Encoding header contained whitespace between the comma-separated acceptable encodings. It now trims whitespace before checking if gzip is an acceptable encoding. (9086) - twisted.web.static.File renders directory listings on Python 2, including those with text paths. (9438) - twisted.python.http.Request now correcly parses multipart bodies on Python 3.7. (9448) - twisted.web.http.combinedLogFormatter (used by t.w.http.Server and t.w.server.Site) no longer produces DeprecationWarning about Request.getClientIP. (9470) Misc ~~~~ - 9432, 9466, 9479, 9480 Mail ---- No significant changes. Words ----- No significant changes. Names ----- Misc ~~~~ - 9398 ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/twisted - Changelog: https://pyup.io/changelogs/twisted/ - Homepage: http://twistedmatrix.com/ - Bugtracker: https://twistedmatrix.com/trac/ </details> Co-authored-by: pyup-bot <github-bot@pyup.io>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change is