Skip to content

Bump ijson from 3.3.0 to 3.4.0 #191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mb-jp merged 1 commit into from
May 8, 2025
Merged

Bump ijson from 3.3.0 to 3.4.0 #191

mb-jp merged 1 commit into from
May 8, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 8, 2025
edited
Loading

Bumps ijson from 3.3.0 to 3.4.0.

Changelog

Sourced from ijson's changelog.

[3.4.0]

  • Added support for PEP 489 multi-phase initialisation and per-module state for our C extension, allowing us to support sub-interpreters with per-interpreter GIL.
  • Advertise support for free-threading python mode.
  • Removed support for Python < 3.9.
  • Enhanced generators so they yield all possible results to users before errors are raised (#123).
  • Added ijson.ALL_BACKENDS constant listing all supported backends (which might or not be available at runtime).
  • Added a capabilities constant to each backend describing which capabilities it supports.
  • Exposing backend's name under <backend>.backend_name, and default backend's name under ijson.backend_name. This is similar to the already existing name constant, only slightly better named to hopefully avoid confusion.
  • Restructured source code so all code lives under src/, and the ijson.backends._yajl2 extension under src/ijson/backends/ext/_yajl2. This allows C backend tests to actually run on cibuildwheel.
  • Improved performance of parse routine in C backend by ~4%.
  • Fixed several potential stability issues in C backend around correct error handling.
  • Fixed corner-case wrong behaviour of yajl2_c backend, which didn't work correctly with user-provided event names.
  • Pointing to our own fork of yajl (for when we build it ourselves) that contains fixes for all known CVEs (#126).
  • Removed leftover compatibility bits in the C backend.
  • Fixed potential issue with yajl and yajl2 backends where crashes could occur at interpreter shutdown.
  • Removed tox.
  • Moved static project metadata to pyproject.toml.
Commits
  • 36701be Release ijson 3.4.0
  • cfb044a Modernize packaging (#138)
  • 044cf9b Bump pypa/cibuildwheel from 2.23.2 to 2.23.3 (#140)
  • 81e24b4 Allow building embedded yajl with cmake 4.0
  • b3f9647 Bump pypa/cibuildwheel from 2.23.1 to 2.23.2 (#137)
  • d8fd6d2 Bump pypa/cibuildwheel from 2.23.0 to 2.23.1 (#134)
  • caebc6f Bump pypa/cibuildwheel from 2.22.0 to 2.23.0 (#133)
  • 698b114 Downgrade to ubuntu-22.04 to avoid gcc segfault
  • 9f28dc0 Allow certain branches to trigger a full CI build
  • 901fd3b Add custom event name interning to yajl2_c
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 8, 2025
@mb-jp
Copy link
Contributor

mb-jp commented May 8, 2025

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/pip/ijson-3.4.0 branch from 5389abd to 59ddbca Compare May 8, 2025 08:54
@dependabot
Bump ijson from 3.3.0 to 3.4.0
44b594e 
Bumps [ijson](https://github.com/ICRAR/ijson) from 3.3.0 to 3.4.0.
- [Changelog](https://github.com/ICRAR/ijson/blob/master/CHANGELOG.md)
- [Commits](ICRAR/ijson@v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: ijson
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/ijson-3.4.0 branch from 59ddbca to 44b594e Compare May 8, 2025 09:10
@mb-jp mb-jp merged commit 9d29a48 into main May 8, 2025
2 checks passed
@dependabot dependabot bot deleted the dependabot/pip/ijson-3.4.0 branch May 8, 2025 09:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mb-jp