Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump chardet from 4.0.0 to 5.2.0 in /tools/deps #4054

Merged
merged 1 commit into from
May 20, 2024
Merged

Bump chardet from 4.0.0 to 5.2.0 in /tools/deps #4054

merged 1 commit into from
May 20, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 2, 2023
edited

Bumps chardet from 4.0.0 to 5.2.0.

Release notes

Sourced from chardet's releases.

chardet 5.2.0

Adds support for running chardet CLI via python -m chardet (0e9b7bc20366163efcc221281201baff4100fe19, @​dan-blanchard)

chardet 5.1.0

Features

  • Add should_rename_legacy argument to most functions, which will rename older encodings to their more modern equivalents (e.g., GB2312 becomes GB18030) (#264, @​dan-blanchard)
  • Add capital letter sharp S and ISO-8859-15 support (#222, @​SimonWaldherr)
  • Add a prober for MacRoman encoding (#5 updated as c292b52a97e57c95429ef559af36845019b88b33, Rob Speer and @​dan-blanchard )
  • Add --minimal flag to chardetect command (#214, @​dan-blanchard)
  • Add type annotations to the project and run mypy on CI (#261, @​jdufresne)
  • Add support for Python 3.11 (#274, @​hugovk)

Fixes

Misc changes

chardet 5.0.0

⚠️ This release is the first release of chardet that no longer supports Python < 3.6 ⚠️

In addition to that change, it features the following user-facing changes:

  • Added a prober for Johab Korean (#207, @​grizlupo)
  • Added a prober for UTF-16/32 BE/LE (#109, #206, @​jpz)
  • Added test data for Croatian, Czech, Hungarian, Polish, Slovak, Slovene, Greek, and Turkish, which should help prevent future errors with those languages
  • Improved XML tag filtering, which should improve accuracy for XML files (#208)
  • Tweaked SingleByteCharSetProber confidence to match latest uchardet (#209)
  • Made detect_all return child prober confidences (#210)
  • Updated examples in docs (#223, @​domdfcoding)
  • Documentation fixes (#212, #224, #225, #226, #220, #221, #244 from too many to mention)
  • Minor performance improvements (#252, @​deedy5)
  • Add support for Python 3.10 when testing (#232, @​jdufresne)
  • Lots of little development cycle improvements, mostly thanks to @​jdufresne
Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot mentioned this pull request Aug 2, 2023
Closed
@CLAassistant
Copy link

CLAassistant commented Aug 2, 2023
edited

CLA assistant check
All committers have signed the CLA.

@codecov
Copy link

codecov bot commented Aug 2, 2023
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 49.16%. Comparing base (81d7886) to head (d3ce021).
Report is 3 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4054      +/-   ##
==========================================
- Coverage   49.17%   49.16%   -0.01%     
==========================================
  Files          94       94              
  Lines       15681    15681              
==========================================
- Hits         7711     7710       -1     
- Misses       7970     7971       +1
Flag Coverage Δ
functional 38.00% <ø> (ø)
integration 2.06% <ø> (ø)
unit 37.61% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@poojadaine
Copy link
Contributor

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/pip/tools/deps/chardet-5.2.0 branch from 9f6cdce to 25962d0 Compare March 13, 2024 09:01
@poojadaine
Copy link
Contributor

@dependabot rebase

@dependabot
Bump chardet from 4.0.0 to 5.2.0 in /tools/deps
d3ce021 
Bumps [chardet](https://github.com/chardet/chardet) from 4.0.0 to 5.2.0.
- [Release notes](https://github.com/chardet/chardet/releases)
- [Commits](chardet/chardet@4.0.0...5.2.0)

---
updated-dependencies:
- dependency-name: chardet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/tools/deps/chardet-5.2.0 branch from 25962d0 to d3ce021 Compare March 19, 2024 06:39
@swetayadav1 swetayadav1 changed the base branch from master to dependabot/pip/tools/deps/tox-4.15.0 May 20, 2024 09:58
@swetayadav1 swetayadav1 merged commit 6899de3 into dependabot/pip/tools/deps/tox-4.15.0 May 20, 2024
15 of 16 checks passed
@swetayadav1 swetayadav1 deleted the dependabot/pip/tools/deps/chardet-5.2.0 branch May 20, 2024 09:58
swetayadav1 added a commit that referenced this pull request Jul 4, 2024
@swetayadav1 @dependabot @nuxeodrive
NXDRIVE-2933: Fix ReDoS in py library when used with subversion (#4908)
1c86642 
* Bump tox from 3.24.5 to 4.15.0 in /tools/deps

* Bump pluggy from 1.4.0 to 1.5.0 in /tools/deps (#4866)
* Bump py-cpuinfo from 8.0.0 to 9.0.0 in /tools/deps (#3677)
* Bump pytest-cov from 4.1.0 to 5.0.0 in /tools/deps (#4732)
* Bump pytest-timeout from 2.2.0 to 2.3.1 in /tools/deps (#4679)
* Bump pytest-benchmark from 3.4.1 to 4.0.0 in /tools/deps (#4072)
* Bump pytest from 7.4.4 to 8.2.1 in /tools/deps (#4888)
* Bump filelock from 3.12.4 to 3.14.0 in /tools/deps (#4833)
* Bump virtualenv from 20.4.7 to 20.26.2 in /tools/deps (#4887)
* Bump chardet from 4.0.0 to 5.2.0 in /tools/deps (#4054)
* Bump py from 1.10.0 to 1.11.0 in /tools/deps (#3676)
* Bump platformdirs from 4.2.0 to 4.2.2 in /tools/deps (#4894)

* NXDRIVE-2936: Fix security issue Requests Session object does not verify requests after making first request with verify=False (#4924)

* NXDRIVE-2928: Fix security issue IDNA vulnerable to denial of service from specially crafted inputs to idna.encode (#4865)
---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub-CI action (Release) <drive@hyland.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@mr-shekhar mr-shekhar

Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@CLAassistant @poojadaine @mr-shekhar @swetayadav1