Scheduled weekly dependency update for week 35

[pyup-bot]

Update certifi from 2023.5.7 to 2023.7.22.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/certifi
• Repo: https://github.com/certifi/python-certifi

Update charset-normalizer from 3.1.0 to 3.2.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/charset-normalizer
• Repo: https://github.com/Ousret/charset_normalizer

Update docutils from 0.19 to 0.20.1.

Changelog

0.20.1

===========================

Bugfix release. See HISTORY_ for details.

0.20

=========================

.. Note::

Docutils 0.20 is the last version supporting Python 3.7 and 3.8.

* General

- Support Python 3.11 (patch 198 by Hugo van Kemenade).

* Output changes:

HTML5:
 Use dpub-ARIA role "doc-footnote" (instead of ARIA role "note")
 for footnotes.

LaTeX:
 Do not load the `inputenc` package in UTF-8 encoded LaTeX sources.
 (UTF-8 is the default encoding for LaTeX2e since 2018).

* Configuration changes:

- Settings in the [latex2e writer] configuration file section
 are now ignored by the "xetex" writer.
 Place common settings in section `[latex writers]`_.

 .. _[latex writers]: docs/user/config.htmllatex-writers

- New command line setting output_. Obsoletes the ``<destination>``
 positional argument (cf. `future changes`__).

 __ `command-line usage pattern`_

* `utils.find_file_in_dirs()` now returns a POSIX path also on Windows;
`utils.get_stylesheet_list()` no longer converts ``\`` to ``/``.

* docutils/languages/
docutils/parsers/rst/languages/

- Support Ukrainian. Patch by Dmytro Kazanzhy.

* test/coverage.sh

- Removed. Use the coverage.py_ project instead,
 ``coverage run test/alltests.py`` and ``coverage report``.

.. _coverage.py: https://pypi.org/project/coverage/

* tools/

- Moved ``quicktest.py`` to ``tools/dev/``.

* Bugfixes and improvements (see HISTORY_).

.. _output: docs/user/config.htmloutput

Links

• PyPI: https://pypi.org/project/docutils
• Changelog: https://pyup.io/changelogs/docutils/
• Homepage: https://docutils.sourceforge.io/

Update MarkupSafe from 2.1.2 to 2.1.3.

Changelog

2.1.3

-------------

Unreleased

-   Implement ``format_map``, ``casefold``, ``removeprefix``, and ``removesuffix``
 methods. :issue:`370`
-   Fix static typing for basic ``str`` methods on ``Markup``. :issue:`358`

Links

• PyPI: https://pypi.org/project/markupsafe
• Changelog: https://pyup.io/changelogs/markupsafe/
• Homepage: https://palletsprojects.com/p/markupsafe/

Update Pygments from 2.15.1 to 2.16.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pygments

Update requests from 2.30.0 to 2.31.0.

Changelog

2.31.0

-------------------

**Security**
- Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of `Proxy-Authorization` headers to destination servers when
following HTTPS redirects.

When proxies are defined with user info (https://user:passproxy:8080), Requests
will construct a `Proxy-Authorization` header that is attached to the request to
authenticate with the proxy.

In cases where Requests receives a redirect response, it previously reattached
the `Proxy-Authorization` header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are *strongly* encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.

Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.

Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q)
and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681).

Links

• PyPI: https://pypi.org/project/requests
• Changelog: https://pyup.io/changelogs/requests/
• Docs: https://requests.readthedocs.io

Update Sphinx from 7.0.0 to 7.2.4.

Changelog

7.2.4

=====================================

Bugs fixed
----------

* 11618: Fix a regression in the MoveModuleTargets transform,
introduced in 10478 (9662).
* 11649: linkcheck: Fix conversions from UTC to UNIX time
for timezones west of London.

7.2.3

=====================================

Dependencies
------------

* 11576: Require sphinxcontrib-serializinghtml 1.1.9.

Bugs fixed
----------

* Fix regression in ``autodoc.Documenter.parse_name()``.
* Fix regression in JSON serialisation.
* 11543: autodoc: Support positional-only parameters in ``classmethod`` methods
when ``autodoc_preserve_defaults`` is ``True``.
* Restore support string methods on path objects.
This is deprecated and will be removed in Sphinx 8.
Use :py:func:`os.fspath` to convert :py:class:`~pathlib.Path` objects to strings,
or :py:class:`~pathlib.Path`'s methods to work with path objects.

7.2.2

=====================================

Bugs fixed
----------

* Fix the signature of the ``StateMachine.insert_input()`` patch,
for when calling with keyword arguments.
* Fixed membership testing (``in``) for the :py:class:`str` interface
of the asset classes (``_CascadingStyleSheet`` and ``_JavaScript``),
which several extensions relied upon.
* Fixed a type error in ``SingleFileHTMLBuilder._get_local_toctree``,
``includehidden`` may be passed as a string or a boolean.
* Fix ``:noindex:`` for ``PyModule`` and ``JSModule``.

7.2.1

=====================================

Bugs fixed
----------

* Restored the the :py:class:`str` interface of the asset classes
(``_CascadingStyleSheet`` and ``_JavaScript``), which several extensions relied upon.
This will be removed in Sphinx 9.
* Restored calls to ``Builder.add_{css,js}_file()``,
which several extensions relied upon.
* Restored the private API ``TocTree.get_toctree_ancestors()``,
which several extensions relied upon.

7.2.0

=====================================

Dependencies
------------

* 11511: Drop Python 3.8 support.
* 11576: Require Pygments 2.14 or later.

Deprecated
----------

* 11512: Deprecate ``sphinx.util.md5`` and ``sphinx.util.sha1``.
Use ``hashlib`` instead.
* 11526: Deprecate ``sphinx.testing.path``.
Use ``os.path`` or ``pathlib`` instead.
* 11528: Deprecate ``sphinx.util.split_index_msg`` and ``sphinx.util.split_into``.
Use ``sphinx.util.index_entries.split_index_msg`` instead.
* Deprecate ``sphinx.builders.html.Stylesheet``
and ``sphinx.builders.html.Javascript``.
Use ``sphinx.application.Sphinx.add_css_file()``
and ``sphinx.application.Sphinx.add_js_file()`` instead.
* 11582: Deprecate ``sphinx.builders.html.StandaloneHTMLBuilder.css_files`` and
``sphinx.builders.html.StandaloneHTMLBuilder.script_files``.
Use ``sphinx.application.Sphinx.add_css_file()``
and ``sphinx.application.Sphinx.add_js_file()`` instead.
* 11459: Deprecate ``sphinx.ext.autodoc.preserve_defaults.get_function_def()``.
Patch by Bénédikt Tran.

Features added
--------------

* 11526: Support ``os.PathLike`` types and ``pathlib.Path`` objects
in many more places.
* 5474: coverage: Print summary statistics tables.
Patch by Jorge Leitao.
* 6319: viewcode: Add :confval:`viewcode_line_numbers` to control
whether line numbers are added to rendered source code.
Patch by Ben Krikler.
* 9662: Add the ``:no-typesetting:`` option to suppress textual output
and only create a linkable anchor.
Patch by Latosha Maltba.
* 11221: C++: Support domain objects in the table of contents.
Patch by Rouslan Korneychuk.
* 10938: doctest: Add :confval:`doctest_show_successes` option.
Patch by Trey Hunner.
* 11533: Add ``:no-index:``, ``:no-index-entry:``, and ``:no-contents-entry:``.
* 11572: Improve ``debug`` logging of reasons why files are detected as out of
date.
Patch by Eric Larson.
* 10678: Emit "source-read" events for files read via
the :dudir:`include` directive.
Patch by Halldor Fannar.
* 11570: Use short names when using :pep:`585` built-in generics.
Patch by Riccardo Mori.
* 11300: Improve ``SigElementFallbackTransform`` fallback logic and signature
text elements nodes. See :doc:`the documentation </extdev/nodes>` for more
details.
Patch by Bénédikt Tran.
* Allow running Sphinx with ``python -m sphinx build ...``.

Bugs fixed
----------

* 11077: graphviz: Fix relative links from within the graph.
Patch by Ralf Grubenmann.
* 11529: Line Block in LaTeX builder outputs spurious empty token.
Patch by Adrian Vollmer.
* 11196: autosummary: Summary line extraction failed with "e.g."
* 10614: Fixed a number of bugs in inheritance diagrams that resulted in
missing or broken links.
Patch by Albert Shih.
* 9428: Exclude substitution definitions when running the ``gettext`` builder.
Patch by Alvin Wong.
* 10795: Raise a descriptive error if ``graphviz_dot`` is falsy.
* 11546: Translated nodes identical to their original text are now marked
with the ``translated=True`` attribute.
* 10049: html: Change "Permalink" to "Link" for title text in link anchors.
* 4225: Relax Pygments parsing on lexing failures.
* 11246: Allow inline links in the first line of a docstring and one-line
type comments ``: :meta ...:`` when using :mod:`sphinx.ext.napoleon`.
Patch by Bénédikt Tran.
* 10930: Highlight all search terms on the search results page.
Patch by Dmitry Shachnev.
* 11473: Type annotations containing :py:data:`~typing.Literal` enumeration
values now render correctly.
Patch by Bénédikt Tran.
* 11591: Fix support for C coverage in ``sphinx.ext.coverage`` extension.
Patch by Stephen Finucane.
* 11594: HTML Theme: Enhancements to horizontal scrolling on smaller
devices in the ``agogo`` theme.
Patch by Lukas Engelter.
* 11459: Fix support for async and lambda functions in
``sphinx.ext.autodoc.preserve_defaults``.
Patch by Bénédikt Tran.

Testing
-------

* 11577: pytest: Fail tests on "XPASS".
* 11577: pytest: Use "importlib" import mode.
* 11577: pytest: Set PYTHONWARNINGS=error.
* 11577: pytest: Set strict config and strict markers.

7.1.2

=====================================

Bugs fixed
----------

* 11542: linkcheck: Properly respect :confval:`linkcheck_anchors`
and do not spuriously report failures to validate anchors.
Patch by James Addison.

7.1.1

=====================================

Bugs fixed
----------

* 11514: Fix ``SOURCE_DATE_EPOCH`` in multi-line copyright footer.
Patch by Bénédikt Tran.

7.1.0

=====================================

Incompatible changes
--------------------

* Releases are no longer signed, given the `change in PyPI policy`_.

.. _change in PyPI policy: https://blog.pypi.org/posts/2023-05-23-removing-pgp/

Deprecated
----------

* 11412: Emit warnings on using a deprecated Python-specific index entry type
(namely, ``module``, ``keyword``, ``operator``, ``object``, ``exception``,
``statement``, and ``builtin``) in the :rst:dir:`index` directive, and
set the removal version to Sphinx 9. Patch by Adam Turner.

Features added
--------------

* 11415: Add a checksum to JavaScript and CSS asset URIs included within
generated HTML, using the CRC32 algorithm.
* :meth:`~sphinx.application.Sphinx.require_sphinx` now allows the version
requirement to be specified as ``(major, minor)``.
* 11011: Allow configuring a line-length limit for object signatures, via
:confval:`maximum_signature_line_length` and the domain-specific variants.
If the length of the signature (in characters) is greater than the configured
limit, each parameter in the signature will be split to its own logical line.
This behaviour may also be controlled by options on object description
directives, for example :rst:dir:`py:function:single-line-parameter-list`.
Patch by Thomas Louf, Adam Turner, and Jean-François B.
* 10983: Support for multiline copyright statements in the footer block.
Patch by Stefanie Molin
* ``sphinx.util.display.status_iterator`` now clears the current line
with ANSI control codes, rather than overprinting with space characters.
* 11431: linkcheck: Treat SSL failures as broken links.
Patch by James Addison.
* 11157: Keep the ``translated`` attribute on translated nodes.
* 11451: Improve the traceback displayed when using :option:`sphinx-build -T`
in parallel builds. Patch by Bénédikt Tran
* 11324: linkcheck: Use session-basd HTTP requests.
* 11438: Add support for the :rst:dir:`py:class` and :rst:dir:`py:function`
directives for PEP 695 (generic classes and functions declarations) and
PEP 696 (default type parameters).  Multi-line support (11011) is enabled
for type parameters list and can be locally controlled on object description
directives, e.g., :rst:dir:`py:function:single-line-type-parameter-list`.
Patch by Bénédikt Tran.
* 11484: linkcheck: Allow HTML anchors to be ignored on a per-URL basis
via :confval:`linkcheck_anchors_ignore_for_url` while
still checking the validity of the page itself.
Patch by Bénédikt Tran
* 1246: Add translation progress statistics and inspection support,
via a new substitution (``|translation progress|``) and a new
configuration variable (:confval:`translation_progress_classes`).
These enable determining the percentage of translated elements within
a document, and the remaining translated and untranslated elements.

Bugs fixed
----------

* Restored the ``footnote-reference`` class that has been removed in
the latest (unreleased) version of Docutils.
* 11486: Use :rfc:`8081` font file MIME types in the EPUB builder.
Using the correct MIME type will prevent warnings from ``epubcheck``
and will generate a valid EPUB.
* 11435: Use microsecond-resolution timestamps for outdated file detection
in ``BuildEnvironment.get_outdated_files``.
* 11437: Top-level headings starting with a reStructuredText role
now render properly when :confval:`rst_prolog` is set.
Previously, a file starting with the below would have
improperly rendered due to where the prologue text
was inserted into the document.

.. code:: rst

  :mod:`lobster` -- The lobster module
  ====================================

  ...

Patch by Bénédikt Tran.
* 11337: Fix a ``MemoryError`` in ``sphinx.ext.intersphinx`` when using ``None``
or ``typing.*`` as inline type references. Patch by Bénédikt Tran (picnixz)

Testing
-------

* 11345: Always delete ``docutils.conf`` in test directories when running
``SphinxTestApp.cleanup()``.

7.0.1

=====================================

Dependencies
------------

* 11411: Support `Docutils 0.20`_. Patch by Adam Turner.

.. _Docutils 0.20: https://docutils.sourceforge.io/RELEASE-NOTES.html#release-0-20-2023-05-04

Bugs fixed
----------

* 11418: Clean up remaining references to ``sphinx.setup_command``
following the removal of support for setuptools.
Patch by Willem Mulder.

Links

• PyPI: https://pypi.org/project/sphinx
• Changelog: https://pyup.io/changelogs/sphinx/

Update sphinxcontrib-applehelp from 1.0.4 to 1.0.7.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/sphinxcontrib-applehelp

Update sphinxcontrib-devhelp from 1.0.2 to 1.0.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/sphinxcontrib-devhelp

Update sphinxcontrib-htmlhelp from 2.0.1 to 2.0.4.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/sphinxcontrib-htmlhelp

Update sphinxcontrib-plantuml from 0.25 to 0.26.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/sphinxcontrib-plantuml
• Repo: https://github.com/sphinx-contrib/plantuml/

Update sphinxcontrib-qthelp from 1.0.3 to 1.0.6.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/sphinxcontrib-qthelp

Update sphinxcontrib-serializinghtml from 1.1.5 to 1.1.9.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/sphinxcontrib-serializinghtml

Update urllib3 from 2.0.2 to 2.0.4.

Changelog

2.0.4

==================

- Added support for union operators to ``HTTPHeaderDict`` (`2254 <https://github.com/urllib3/urllib3/issues/2254>`__)
- Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`3078 <https://github.com/urllib3/urllib3/issues/3078>`__)
- Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client (`2757 <https://github.com/urllib3/urllib3/issues/2757>`__)
- Relied on the standard library for checking hostnames in supported PyPy releases (`3087 <https://github.com/urllib3/urllib3/issues/3087>`__)

2.0.3

==================

- Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. (`3020 <https://github.com/urllib3/urllib3/issues/3020>`__)
- Deprecated URLs which don't have an explicit scheme (`2950 <https://github.com/urllib3/urllib3/pull/2950>`_)
- Fixed response decoding with Zstandard when compressed data is made of several frames. (`3008 <https://github.com/urllib3/urllib3/issues/3008>`__)
- Fixed ``assert_hostname=False`` to correctly skip hostname check. (`3051 <https://github.com/urllib3/urllib3/issues/3051>`__)

Links

• PyPI: https://pypi.org/project/urllib3
• Changelog: https://pyup.io/changelogs/urllib3/